3551a281829cda1d1994fde18e3383d6aeafa8f5946b29f2db06f267f599256086df384748d1afd4646a12bf8c953be7a15f17d33874a723aaa3bdd6c674156f83ab114e1a13931a8f4fd06a6badd01b3c7ad41f1a7441f2ffe5c22bab13bb54fb9c3e0069888040dfa549513cf87b41977642c52f26993211ebb0204d9898be3a4be7bf12c18c070c779a737efc106fdbfb5c8ae9232c7cca86a8bc12a34ef7163509ff1ebb06b1a6c674b53874c6e55388fa2e28fa0325d7d6769f4caa46d0bdb53f06573152234d07523d63df2836551af2cbcaf8dd1ef98fc34183bb5d9e1a0a9799189af0ea92efc2b67e2166a3f421a9edc9a7825f34e823bc144e346cf33fed28506d8f6cd76c5cbb3785eea7dacb255f58bf22ea573f59f9eb097c2723ecb25533271a9ea26b98d8f70ca2eedab42e9b60da99c8dc34bee8c1d499e9cee441b76fa54fa3a5d35c70f7a7e917e533ffc324136603b2b11496064f6eb55b8154592ae6ba329e84b19933e83ad25eebe61138e6051948873fa46410d3006d610ed91380dac565cae4a3a997eb100d42055119467c146ba91681a44f0935565c70661e99ea2b2bf7246d5b5b98f37f124131be3885797bda57230db1ad3799219a6a51fff41580c8f06b5958bab8f683ac822c2681cc57a73fa43768a81945c0d28503e8260e653ce9d00e6a2b88255b6a6d517acab5e8d94e137ffc735afea53b2268b53299c5cde6ed319c27506ebd37833248ef0032fdfbd10e4d00e105802eb7aca685ea1127c3e6c20d8c7dc753c18c64f081b8a6e0bfb191cd78eca2e0b816b964e24f26eebfd9e877a53799cbdcbcaf52a8408bc16eea1d71a91e6888b5825fff318098af92a2c989261c650477e8c453d8963891eba7335849c0b296332ee2e8bb6a845b47cc399ff7745f8535474ebaa4856923a1aa17bf066fbb1f912065ad600b643b14822f756a45b02a7b8adb5f8cea10ee23d08116b09490bd13aab93f78641ec52b931c88f345aedce6c991ea31060130e83e03f116f403de43be44b92e8e44f21abda148d88315a14bbba83064f1940ef8fc735c6241be2f5b8929572b717b5d8f878846e1c6e2f9d4641d6cdb09703c6c3397786de505adc48fb5856c3d07853b5fb1368456fbf84cf9b089c57f7ad56846a21faba7875fedda2754da14a869963dd3f7716c0e4cce81be3bc3163849abd4281de3987787f42d2a3ebe80ade77da6700b1883e98ee70d4182e988c0f2a97eac46b149091859aa0fdef27b02d069e2b3d6472475e03293097cb1979f424409a0d389c659a13da4ed9d5e4958c694985200d6eca3bae2b533cbb113bd78d21ad19d2bc5c70484a67096912a6ec28857b9bbe90e7f77cf4c91be58c1eb5e698fa4ef8961a6bdb5fa496caf97d0e5d392d5ef022437092f5d05c0cd99375a74bf0cab7e2ee086086954935c90e9b97b54580c50e25400601ac2aed0a74bd2819c38367e7be87d64256311825cd161a7c68b52316369b230f0b63751c4e4472a73c85950c916cd7d50e1d6982bbb64a576b1cda8d102f1cc3e54f109c3eef77c163a46526f12496e3737f0d589e31e37dd704f6d5256af0a27761a3ff17ea9b98bf370ed1e04184594b4c76cfbb083d86b8b38c3789ccba5be9a9197995bc182faaf2cc2ea052ef7ebf7ebccd7865e1b2c80460b2291365eecf795deea0bc7b1b109fb1f3f75583c42b5644c49c3501b9ba4f8b991ca3eec48f9492ccabc5969bcb0027c9ba5b2a5b2344c28dc1d322ba32f9b64e8e6db0403b5eef118ba7190eb52dc5fbd43c829940a66cb32d54cdca33477f02e595b10e4c8e17d6c7e0d89fd6a08a0e0a068ab19593a12ef6c77669d252c7b2c57cf46f50f9517838dba9fabb8a2463542ac7075a9e4c596b6ff04cbbba0dd666b6188258046c82c39b46118d2130f66005e7bf596806385217e7e045d1c0d3569e6ae8ba313f945c65052cf55dd3573001a3ec0ace2574776ba086ac178c6e8165012f51e7946e7d018ca7a8b37e04ad88aa5cc1275a53f02f2ff55f22098d036d3b0b527bb0104213133434a63de82a98664882bb6168cd1886d21bd227f09cd5d657ec49fed0c3c6ccec8e25641c3a923e9fc27ecc52f9b253b1c92f727f27cd746af2fe6e4c71e613bcb76b862bd8a2480f1a114374adf4e09e2eb29c90278267e5d60bb7988aaa767ae40603db832dd01817a5a0beb2f066442b8541620586fb43cd8b2fcfd4ed6060a8daf8d22e90cc99062be2ce868614c759bbac67d3e720a7636777dfdf02bbe11763acebdec73caddb9dcd6b1e5b508b92522f5646760783da36727ae57a21bb73bdb97f5b2cd0b129d2670cba76d17de2187419f25310bf4f7fea73c8ea02dd0c41241ddb593a0f4ccb6a5024b768e7b483308e23ca4c8fabe1b3894367f09399b4490aa1aa50be8a6fc45e523580fa393b7b63532b4addba36aa794358a146192aa41832113f11946319b9e9014d75a01a5cfde8e4ee2848dbe8521f11d20eb4954e22d2074c33d9afbbd6b263a8ebb1282daf4f4e81177867ffe4311900013dd0b683e5bb46833c2"}, 0x1004)

13:51:31 executing program 1:
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_ecred_reconf_rsp={{0x1a, 0xb0, 0x2}, {0xff}}}}, 0xf)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x6a}, {0x7, [{@none, 0x80, 0x4, 0x8, "956261", 0x8, 0x80}, {@none, 0x64, 0x2, 0x9, "fd2bb8", 0x6}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x5, 0x8, 0x48, "94bfdb", 0xd4, 0xb5}, {@any, 0x3f, 0x1, 0xe1, "acf0ba", 0x2, 0x7}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x0, 0xff, 0x9b, "12ef4f", 0x2, 0x9}, {@none, 0x3, 0x4, 0x31, "c9b7da", 0x101, 0x7f}, {@none, 0xd, 0x6, 0x5, "f662ed", 0x4, 0x1}]}}}, 0x6d)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_ecred_reconf_rsp={{0x1a, 0xb0, 0x2}, {0xff}}}}, 0xf) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x6a}, {0x7, [{@none, 0x80, 0x4, 0x8, "956261", 0x8, 0x80}, {@none, 0x64, 0x2, 0x9, "fd2bb8", 0x6}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x5, 0x8, 0x48, "94bfdb", 0xd4, 0xb5}, {@any, 0x3f, 0x1, 0xe1, "acf0ba", 0x2, 0x7}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x0, 0xff, 0x9b, "12ef4f", 0x2, 0x9}, {@none, 0x3, 0x4, 0x31, "c9b7da", 0x101, 0x7f}, {@none, 0xd, 0x6, 0x5, "f662ed", 0x4, 0x1}]}}}, 0x6d) (async)

[ 2323.444880][T32540] FAULT_INJECTION: forcing a failure.
[ 2323.444880][T32540] name fail_usercopy, interval 1, probability 0, space 0, times 0
13:51:31 executing program 4:
dup(0xffffffffffffffff) (async, rerun: 32)
r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x40000) (rerun: 32)
accept$inet6(r0, 0x0, &(0x7f0000000080))

13:51:31 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000002800bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2323.500970][T32540] CPU: 0 PID: 32540 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2323.511451][T32540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2323.521537][T32540] Call Trace:
[ 2323.524839][T32540]  <TASK>
[ 2323.527790][T32540]  dump_stack_lvl+0xcd/0x134
[ 2323.532512][T32540]  should_fail.cold+0x5/0xa
[ 2323.537064][T32540]  _copy_from_user+0x2a/0x170
[ 2323.541805][T32540]  input_event_from_user+0x131/0x3a0
[ 2323.547144][T32540]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2323.553018][T32540]  evdev_write+0x356/0x760
[ 2323.557479][T32540]  ? evdev_read+0xe30/0xe30
[ 2323.562027][T32540]  ? apparmor_file_permission+0x264/0x4e0
[ 2323.567791][T32540]  ? bpf_lsm_file_permission+0x5/0x10
[ 2323.573212][T32540]  ? security_file_permission+0xab/0xd0
[ 2323.578807][T32540]  vfs_write+0x2d7/0xdd0
[ 2323.583088][T32540]  ? evdev_read+0xe30/0xe30
[ 2323.587635][T32540]  ? vfs_read+0x930/0x930
[ 2323.592014][T32540]  ? __fget_files+0x26a/0x440
[ 2323.596733][T32540]  ? __fget_light+0xe5/0x270
[ 2323.601370][T32540]  ksys_write+0x1e8/0x250
[ 2323.605738][T32540]  ? __ia32_sys_read+0xb0/0xb0
[ 2323.610540][T32540]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2323.616478][T32540]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2323.622606][T32540]  do_syscall_64+0x35/0xb0
[ 2323.627060][T32540]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2323.633000][T32540] RIP: 0033:0x7eff6688a649
[ 2323.637542][T32540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2323.657186][T32540] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2323.665604][T32540] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2323.673579][T32540] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2323.681560][T32540] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2323.689550][T32540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
13:51:32 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 52)

13:51:32 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04360700000000000040"], 0xa) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x1000}, "69cd15d90671ba44be25a5b3a0c5d49d14f72d11d2a58d4122120b9bb8fae8e69ca1e4a1cb9e04992be71eb2b8daf4252130d4aee1af26bbe10369ebcc3dabc46520f780601bc0368d586a130e2e6e0ae7215230b7a768e0ee99684c63ebdafed2947078c627ca71589c3ce57b1eaffe4610175e7e755216ca23181e6dcc69921ded959eae512f74b1db86cc6c4c1be0b3f25724bded9e06b6a3924195e7b6028c36de76b614cc0754a4090c848fdc6c695c4da73f64ca79df4f38ce9890c759f9d3f9c22ad9aebeea55e9e8427ecb6fd5acf1c6f2cf433d07691eef5c006ee25f38be1228e96baae1124268b10b5bec390670d24a6075fd41d841582410c176f985448a54a6051f0485adb64d04586a64e554f48db1e88738b40cc5af6681152153aef9d8fad9364c4a74313df6bc79a4d868c9aa4730e84ebe21645a0687ef41078c7a7eada539322978209e993d08e38b22c8073afd601c6e7f805054c9162c10af154c96e157db61a3e23119360aa5185dfd8e6cf96d9861379763d1efda6cf18e4ebe760173f4ba7353ef72129d06e7eb49fe4aad957b89657580bfb3a9d1ba597fdbf73545dfb1bfbc6169642a5ef30376c206f3a4db051359d0aac0999c54842e47737890cabc77fb38ee3fc63d53f52876148ecc394b3cfb7a8396c7ad2c2bffbe7368e3102434849be3b8574e7c0a11d509e4db6d79df7e64d3942b7d83d841926ed505df135323f7db4e6b2d79c05258e660b218b22c703a136cd3eebed091d3d958edbaa7ad7eb457c2c907196c2b7b9921bc24658ae213bba9a0517411632c6498fee136c06d18cbbef5175889fb2489b611cb051b35a7e48ca6d6f8652839c17fbc85c222204625f1de0d5a2181bbd9d8046ae7fd5bdc1a00d2ab89ba289b92052555b614ef7257f6100b419f70fde531e2765ea640909b3778bdfe684b64bf813bede59d73a4eeca9aca24eb112643d824de47fe23a83c6736becf6bc99e8c784c4118eb8f787fa807a9b3b302a3998a42b3e3dbe4c8a1805db3d2f1a379a5893fa7bf17a84896644ab90550e8ec5d791f86a366c96c52e5448d2cf2c125a210397f7786640d4140fd87cb2b18a55de7b45518e1ecb3be35473f273beb2c07a54a08029a6eee05824280e085c36016165f57d996097e23392202c52b9514e64402ce67ce3cee6ea7e3a7c2465cc4a161d9d7238ee57eda42b87b5ce2dda229a9bb9679bb683aff4ef08b2bedf2d92248b8709287d287c73a1232bc54fa7c9410244ede183a519993a4ab1452646fcb7b53e4761b6ef6f947381897bb1e1ea21e640bee7e44d9cea31b03e0c7708662209eaa6d66edc86d05f7ab7a3937a7079bb385812a2f3ddf460c4f1cccfa3597fa10ad78af4e60675a15f938017279a40c7efc2736cb57da3f87459e1bf0ee263a04c90c359868fb3f360513842ce021a259d04660c833d07c443890a2b5c71947eb3f93d0560ecddadc510cf9728c1dedb270cc131adaf385729b344fb100bad3de9544fd15f285cc306fabdf4336c9fa27848b5d32ed377a879e0cd6019ef9c1b17caee53310829925667f03d9cb99a741ec2b4686c0cd4670313bae3bc302dcc26dc2eaf57ba7d23dae5cbcc0cb320f035f1d113c294991412b9ee7cf939e50348ad9c02bf5fb39e518bd777ec907ca5d89a4e4343ab4ef5f90a193e0a7d5b3ea6a262425296574791368090132051ea560cc8dac12b94c1352cdfcf4117f0c059a82dd06493db1f2950944678d3bbd4fc7c16822a65777655798a9fe58ab8683dca267c7668e52fc86ade980b0706228ea6680d98732960a5af024ab6fb84581a0ce6a08049a073b13a4594042406588032a2248d5b7d5848f050f9c0b1660a0964cb1dcbc5b5138458dd8c85789fa7b9eaded45ab56d08635bf94cba1b0e981cbea55c985d27b08b491cdfca3ae3241280212f274507f21f09198a836b24dfc59cd17f945f51585976c26db42684ce5c40831d9fbfee9521e33201dd7e29266dcf527905f636b93075734fcb6d8a11f9c5915ae999cdee0a75f193b202be1a1801889620e7c6d6abb727e350a50904963258f5f24775500a4015ae3237bbe8e38e89f15734dcb7ecfa6c7798921a45ae3b3bd2ea0dde15d06e86eb432088fa1c6e2305e1bee8f8ffd13b6c7a1760f91715be7409609aa56dd4d1d6fe3d00e0d95505448478c2941849427ccb20a6bcb03cafea7e74aa65657e09e8fd83c501301b37983b02fcdcebd9077884118945cc7cd1708b7fbe396d6617ec7ef928ec387d3465541ea8cd59ab9eb74ed440abac82bb3889a0216b49857479516eb9a71d4f95821c04f2cd12de90324c62465bec96de8f1edca68b0bae61e26951647e229c21e235ec82e58fefd7757e6d10a17f23a2814c7daeb0a9fde58d2f6778a1ecd818c253033c14560aa39e5d5c76ccdccc69f4a2f54ed9ea56aae4238e613fe0c4e1b0b06f7b5045d60c12615337e1dac4924c85e058ef71db7765b17d9562f33a4deb22ad9c2fa1a7e6738bcfd661846aa166a130a4e203191f45e9c546179b8968010a60b82bebee64f4f7501766fd923fd660293a07c0e8088394cbf10064ee0d148e4993d3c609c472bcb968c17d469d520da27952566668fd033c89b71ff2f947d9709f86943c0e12e3851ba782a08adcd87d8f4e7c5be645b2c32c6aa893233b723a13d2a59f29889d57b749e9cf7422ed895d4bcd63d860f3a26c4fb0a7a49a44d3e03ad3e92ae75af8f91e58f1608c9792e4e631892c81908d053d5024704ade643e29f9b6ddafc8129b9b320e0740176b054b2d6f853709822c4c59be4c0e44044da840bcc46f0ab84cbd7073d271709ef49d3387d7d9808a89a5b13d3da842cc998964e51b32c33b8f8f2894953774f08ba695934ba87639d9ee631d00c25e780740993b0c7feaf2d9ec59f48f5a588fc0b27bf19c972ca3390ae57783971b3ce126f22d6fa115af119f4b90b0f7125c5f74325ce507a345a3752fa04c8f10e6ab792381d2e314642590dcde76f2a864160d5b76130c4fe465e50c97e51f45ab119797bec8a176698fec97588d91b02c9f7950af78271c6268e7552167af25da663914d4ec5c727cf838cc82183009f30d4d90ebc5a9e073d5319b9d66c49b40603e81d0407b55d128a1b00b5d09eaffdf77bf7e202f1e71c9b8dac79013551a281829cda1d1994fde18e3383d6aeafa8f5946b29f2db06f267f599256086df384748d1afd4646a12bf8c953be7a15f17d33874a723aaa3bdd6c674156f83ab114e1a13931a8f4fd06a6badd01b3c7ad41f1a7441f2ffe5c22bab13bb54fb9c3e0069888040dfa549513cf87b41977642c52f26993211ebb0204d9898be3a4be7bf12c18c070c779a737efc106fdbfb5c8ae9232c7cca86a8bc12a34ef7163509ff1ebb06b1a6c674b53874c6e55388fa2e28fa0325d7d6769f4caa46d0bdb53f06573152234d07523d63df2836551af2cbcaf8dd1ef98fc34183bb5d9e1a0a9799189af0ea92efc2b67e2166a3f421a9edc9a7825f34e823bc144e346cf33fed28506d8f6cd76c5cbb3785eea7dacb255f58bf22ea573f59f9eb097c2723ecb25533271a9ea26b98d8f70ca2eedab42e9b60da99c8dc34bee8c1d499e9cee441b76fa54fa3a5d35c70f7a7e917e533ffc324136603b2b11496064f6eb55b8154592ae6ba329e84b19933e83ad25eebe61138e6051948873fa46410d3006d610ed91380dac565cae4a3a997eb100d42055119467c146ba91681a44f0935565c70661e99ea2b2bf7246d5b5b98f37f124131be3885797bda57230db1ad3799219a6a51fff41580c8f06b5958bab8f683ac822c2681cc57a73fa43768a81945c0d28503e8260e653ce9d00e6a2b88255b6a6d517acab5e8d94e137ffc735afea53b2268b53299c5cde6ed319c27506ebd37833248ef0032fdfbd10e4d00e105802eb7aca685ea1127c3e6c20d8c7dc753c18c64f081b8a6e0bfb191cd78eca2e0b816b964e24f26eebfd9e877a53799cbdcbcaf52a8408bc16eea1d71a91e6888b5825fff318098af92a2c989261c650477e8c453d8963891eba7335849c0b296332ee2e8bb6a845b47cc399ff7745f8535474ebaa4856923a1aa17bf066fbb1f912065ad600b643b14822f756a45b02a7b8adb5f8cea10ee23d08116b09490bd13aab93f78641ec52b931c88f345aedce6c991ea31060130e83e03f116f403de43be44b92e8e44f21abda148d88315a14bbba83064f1940ef8fc735c6241be2f5b8929572b717b5d8f878846e1c6e2f9d4641d6cdb09703c6c3397786de505adc48fb5856c3d07853b5fb1368456fbf84cf9b089c57f7ad56846a21faba7875fedda2754da14a869963dd3f7716c0e4cce81be3bc3163849abd4281de3987787f42d2a3ebe80ade77da6700b1883e98ee70d4182e988c0f2a97eac46b149091859aa0fdef27b02d069e2b3d6472475e03293097cb1979f424409a0d389c659a13da4ed9d5e4958c694985200d6eca3bae2b533cbb113bd78d21ad19d2bc5c70484a67096912a6ec28857b9bbe90e7f77cf4c91be58c1eb5e698fa4ef8961a6bdb5fa496caf97d0e5d392d5ef022437092f5d05c0cd99375a74bf0cab7e2ee086086954935c90e9b97b54580c50e25400601ac2aed0a74bd2819c38367e7be87d64256311825cd161a7c68b52316369b230f0b63751c4e4472a73c85950c916cd7d50e1d6982bbb64a576b1cda8d102f1cc3e54f109c3eef77c163a46526f12496e3737f0d589e31e37dd704f6d5256af0a27761a3ff17ea9b98bf370ed1e04184594b4c76cfbb083d86b8b38c3789ccba5be9a9197995bc182faaf2cc2ea052ef7ebf7ebccd7865e1b2c80460b2291365eecf795deea0bc7b1b109fb1f3f75583c42b5644c49c3501b9ba4f8b991ca3eec48f9492ccabc5969bcb0027c9ba5b2a5b2344c28dc1d322ba32f9b64e8e6db0403b5eef118ba7190eb52dc5fbd43c829940a66cb32d54cdca33477f02e595b10e4c8e17d6c7e0d89fd6a08a0e0a068ab19593a12ef6c77669d252c7b2c57cf46f50f9517838dba9fabb8a2463542ac7075a9e4c596b6ff04cbbba0dd666b6188258046c82c39b46118d2130f66005e7bf596806385217e7e045d1c0d3569e6ae8ba313f945c65052cf55dd3573001a3ec0ace2574776ba086ac178c6e8165012f51e7946e7d018ca7a8b37e04ad88aa5cc1275a53f02f2ff55f22098d036d3b0b527bb0104213133434a63de82a98664882bb6168cd1886d21bd227f09cd5d657ec49fed0c3c6ccec8e25641c3a923e9fc27ecc52f9b253b1c92f727f27cd746af2fe6e4c71e613bcb76b862bd8a2480f1a114374adf4e09e2eb29c90278267e5d60bb7988aaa767ae40603db832dd01817a5a0beb2f066442b8541620586fb43cd8b2fcfd4ed6060a8daf8d22e90cc99062be2ce868614c759bbac67d3e720a7636777dfdf02bbe11763acebdec73caddb9dcd6b1e5b508b92522f5646760783da36727ae57a21bb73bdb97f5b2cd0b129d2670cba76d17de2187419f25310bf4f7fea73c8ea02dd0c41241ddb593a0f4ccb6a5024b768e7b483308e23ca4c8fabe1b3894367f09399b4490aa1aa50be8a6fc45e523580fa393b7b63532b4addba36aa794358a146192aa41832113f11946319b9e9014d75a01a5cfde8e4ee2848dbe8521f11d20eb4954e22d2074c33d9afbbd6b263a8ebb1282daf4f4e81177867ffe4311900013dd0b683e5bb46833c2"}, 0x1004) (rerun: 32)

13:51:32 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sniff_subrate={{0x2e, 0xb}, {0x3, 0xc8, 0x3, 0x80, 0x7ff, 0xff}}}, 0xe)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x4e}, "e4022d5b2058469dc52e42d931cd0d720a8d969081a5c2d66373100df329497e83399a6a07e31d9f15913bc76ef93e40debfc4e1ba1ce4af7ce6766383e84b3d96aed486172bf05c74b89e5f145b"}, 0x52)

13:51:32 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x10000000)

13:51:32 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000014000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:32 executing program 4:
dup(0xffffffffffffffff)
r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x40000)
accept$inet6(r0, 0x0, &(0x7f0000000080))
dup(0xffffffffffffffff) (async)
openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x40000) (async)
accept$inet6(r0, 0x0, &(0x7f0000000080)) (async)

[ 2323.697608][T32540] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2323.705594][T32540]  </TASK>
13:51:32 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="fa770a67670714dd01a95249cdcef38867682819fd5893be364955be6e000000000395cc1279d178b6560905be4040e3b607eec4f9"], 0xa)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x0, 0x21}, @l2cap_cid_signaling={{0x1d}, [@l2cap_move_chan_cfm={{0x10, 0x40, 0x4}, {0x7, 0x3}}, @l2cap_conf_rsp={{0x5, 0x3, 0x11}, {0xfffe, 0x4, 0x3f, [@l2cap_conf_rfc={0x4, 0x9, {0x1, 0x1, 0x7, 0x4, 0x20, 0xe5f5}}]}}]}}, 0x26)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x0, 0x10}, @l2cap_cid_signaling={{0xc}, [@l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x3, 0x7, 0x4, 0x4}}]}}, 0x15)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="bfed81b5540c6c286c9319ad52cf6ec8ad7c6c45f0ee08af21987edfb194b69eb73663da38c81bfdef30c4c568d0568a54f9b0990e54c51f9b051a7fd2edca22785b22b16bc7d8e65b05"], 0x9)

13:51:32 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sniff_subrate={{0x2e, 0xb}, {0x3, 0xc8, 0x3, 0x80, 0x7ff, 0xff}}}, 0xe)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x4e}, "e4022d5b2058469dc52e42d931cd0d720a8d969081a5c2d66373100df329497e83399a6a07e31d9f15913bc76ef93e40debfc4e1ba1ce4af7ce6766383e84b3d96aed486172bf05c74b89e5f145b"}, 0x52)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sniff_subrate={{0x2e, 0xb}, {0x3, 0xc8, 0x3, 0x80, 0x7ff, 0xff}}}, 0xe) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x4e}, "e4022d5b2058469dc52e42d931cd0d720a8d969081a5c2d66373100df329497e83399a6a07e31d9f15913bc76ef93e40debfc4e1ba1ce4af7ce6766383e84b3d96aed486172bf05c74b89e5f145b"}, 0x52) (async)

13:51:32 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="03c900d32635e237f5f04a98056947e58b2c0512dea8ab48fb9d74e58c5111e336d2d822b3a1ed16db7070565935a380bd9de42b3cb6425351a22b91a699dbbb824ed199166456b43dc7f79972d1e2a175cceea1c930b07fc1218574db475461f114322e60000826fc65e1a49c605276aaa14571e186410eb6f90e3492996e8803e0d1531d97b2678ecac86c46309dfc4c15ca776c37be856e527814ddba6d2993980a09002adc48ce884e0e0f1abbc1e672cb0a9996cc9c66123d3ad9e3e93c27f8b336bb55436bda45eb437800d0ab7037bb741725f60ac00f62ea4d1512afb7ecc98a04"], 0xd7)

[ 2323.829038][T32574] FAULT_INJECTION: forcing a failure.
[ 2323.829038][T32574] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2323.855518][T32574] CPU: 0 PID: 32574 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2323.866005][T32574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2323.876198][T32574] Call Trace:
13:51:32 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x60000000)

13:51:32 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="fa770a67670714dd01a95249cdcef38867682819fd5893be364955be6e000000000395cc1279d178b6560905be4040e3b607eec4f9"], 0xa)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x0, 0x21}, @l2cap_cid_signaling={{0x1d}, [@l2cap_move_chan_cfm={{0x10, 0x40, 0x4}, {0x7, 0x3}}, @l2cap_conf_rsp={{0x5, 0x3, 0x11}, {0xfffe, 0x4, 0x3f, [@l2cap_conf_rfc={0x4, 0x9, {0x1, 0x1, 0x7, 0x4, 0x20, 0xe5f5}}]}}]}}, 0x26)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x0, 0x10}, @l2cap_cid_signaling={{0xc}, [@l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x3, 0x7, 0x4, 0x4}}]}}, 0x15)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="bfed81b5540c6c286c9319ad52cf6ec8ad7c6c45f0ee08af21987edfb194b69eb73663da38c81bfdef30c4c568d0568a54f9b0990e54c51f9b051a7fd2edca22785b22b16bc7d8e65b05"], 0x9)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="fa770a67670714dd01a95249cdcef38867682819fd5893be364955be6e000000000395cc1279d178b6560905be4040e3b607eec4f9"], 0xa) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x0, 0x21}, @l2cap_cid_signaling={{0x1d}, [@l2cap_move_chan_cfm={{0x10, 0x40, 0x4}, {0x7, 0x3}}, @l2cap_conf_rsp={{0x5, 0x3, 0x11}, {0xfffe, 0x4, 0x3f, [@l2cap_conf_rfc={0x4, 0x9, {0x1, 0x1, 0x7, 0x4, 0x20, 0xe5f5}}]}}]}}, 0x26) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x0, 0x10}, @l2cap_cid_signaling={{0xc}, [@l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x3, 0x7, 0x4, 0x4}}]}}, 0x15) (async)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="bfed81b5540c6c286c9319ad52cf6ec8ad7c6c45f0ee08af21987edfb194b69eb73663da38c81bfdef30c4c568d0568a54f9b0990e54c51f9b051a7fd2edca22785b22b16bc7d8e65b05"], 0x9) (async)

[ 2323.879500][T32574]  <TASK>
[ 2323.882456][T32574]  dump_stack_lvl+0xcd/0x134
[ 2323.887088][T32574]  should_fail.cold+0x5/0xa
[ 2323.891639][T32574]  _copy_from_user+0x2a/0x170
[ 2323.896368][T32574]  input_event_from_user+0x131/0x3a0
[ 2323.901695][T32574]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2323.907561][T32574]  evdev_write+0x356/0x760
[ 2323.912018][T32574]  ? evdev_read+0xe30/0xe30
[ 2323.916549][T32574]  ? apparmor_file_permission+0x264/0x4e0
[ 2323.922314][T32574]  ? bpf_lsm_file_permission+0x5/0x10
[ 2323.928153][T32574]  ? security_file_permission+0xab/0xd0
[ 2323.933723][T32574]  vfs_write+0x2d7/0xdd0
[ 2323.937995][T32574]  ? evdev_read+0xe30/0xe30
[ 2323.942510][T32574]  ? vfs_read+0x930/0x930
[ 2323.946855][T32574]  ? __fget_files+0x26a/0x440
[ 2323.951557][T32574]  ? __fget_light+0xe5/0x270
[ 2323.956160][T32574]  ksys_write+0x1e8/0x250
[ 2323.960515][T32574]  ? __ia32_sys_read+0xb0/0xb0
[ 2323.965399][T32574]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2323.971312][T32574]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2323.977227][T32574]  do_syscall_64+0x35/0xb0
[ 2323.981661][T32574]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2323.987567][T32574] RIP: 0033:0x7eff6688a649
[ 2323.991990][T32574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2324.011621][T32574] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2324.020071][T32574] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
13:51:32 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sniff_subrate={{0x2e, 0xb}, {0x3, 0xc8, 0x3, 0x80, 0x7ff, 0xff}}}, 0xe) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x4e}, "e4022d5b2058469dc52e42d931cd0d720a8d969081a5c2d66373100df329497e83399a6a07e31d9f15913bc76ef93e40debfc4e1ba1ce4af7ce6766383e84b3d96aed486172bf05c74b89e5f145b"}, 0x52)

[ 2324.028150][T32574] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2324.036130][T32574] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2324.044127][T32574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2324.052110][T32574] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2324.060196][T32574]  </TASK>
13:51:32 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 53)

13:51:32 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="03c900d32635e237f5f04a98056947e58b2c0512dea8ab48fb9d74e58c5111e336d2d822b3a1ed16db7070565935a380bd9de42b3cb6425351a22b91a699dbbb824ed199166456b43dc7f79972d1e2a175cceea1c930b07fc1218574db475461f114322e60000826fc65e1a49c605276aaa14571e186410eb6f90e3492996e8803e0d1531d97b2678ecac86c46309dfc4c15ca776c37be856e527814ddba6d2993980a09002adc48ce884e0e0f1abbc1e672cb0a9996cc9c66123d3ad9e3e93c27f8b336bb55436bda45eb437800d0ab7037bb741725f60ac00f62ea4d1512afb7ecc98a04"], 0xd7)

13:51:32 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000006000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:32 executing program 1:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="03c9004b1491ca0b2d9386ad80cc2b04629b642140bc63f2cf7fa50b73655fc805deda5330d056a0e8865f8fadc796746f608cfe383dd4f8bb88703fbc899a1063e524da364bfa924b62211e2a59bd9ce3a86beabd7d355f0519280c8c106bfddeffa770c3cbf82cf25c59ecbdbf2572adacb73f7b9339e3e6767f901ffad34d77c2295e16ed656a"], 0x4f)

13:51:32 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="fa770a67670714dd01a95249cdcef38867682819fd5893be364955be6e000000000395cc1279d178b6560905be4040e3b607eec4f9"], 0xa)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x0, 0x21}, @l2cap_cid_signaling={{0x1d}, [@l2cap_move_chan_cfm={{0x10, 0x40, 0x4}, {0x7, 0x3}}, @l2cap_conf_rsp={{0x5, 0x3, 0x11}, {0xfffe, 0x4, 0x3f, [@l2cap_conf_rfc={0x4, 0x9, {0x1, 0x1, 0x7, 0x4, 0x20, 0xe5f5}}]}}]}}, 0x26)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x0, 0x10}, @l2cap_cid_signaling={{0xc}, [@l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x3, 0x7, 0x4, 0x4}}]}}, 0x15)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="bfed81b5540c6c286c9319ad52cf6ec8ad7c6c45f0ee08af21987edfb194b69eb73663da38c81bfdef30c4c568d0568a54f9b0990e54c51f9b051a7fd2edca22785b22b16bc7d8e65b05"], 0x9)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="fa770a67670714dd01a95249cdcef38867682819fd5893be364955be6e000000000395cc1279d178b6560905be4040e3b607eec4f9"], 0xa) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x0, 0x21}, @l2cap_cid_signaling={{0x1d}, [@l2cap_move_chan_cfm={{0x10, 0x40, 0x4}, {0x7, 0x3}}, @l2cap_conf_rsp={{0x5, 0x3, 0x11}, {0xfffe, 0x4, 0x3f, [@l2cap_conf_rfc={0x4, 0x9, {0x1, 0x1, 0x7, 0x4, 0x20, 0xe5f5}}]}}]}}, 0x26) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x0, 0x10}, @l2cap_cid_signaling={{0xc}, [@l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x3, 0x7, 0x4, 0x4}}]}}, 0x15) (async)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="bfed81b5540c6c286c9319ad52cf6ec8ad7c6c45f0ee08af21987edfb194b69eb73663da38c81bfdef30c4c568d0568a54f9b0990e54c51f9b051a7fd2edca22785b22b16bc7d8e65b05"], 0x9) (async)

13:51:32 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x65580000)

13:51:32 executing program 1:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="03c9004b1491ca0b2d9386ad80cc2b04629b642140bc63f2cf7fa50b73655fc805deda5330d056a0e8865f8fadc796746f608cfe383dd4f8bb88703fbc899a1063e524da364bfa924b62211e2a59bd9ce3a86beabd7d355f0519280c8c106bfddeffa770c3cbf82cf25c59ecbdbf2572adacb73f7b9339e3e6767f901ffad34d77c2295e16ed656a"], 0x4f)

13:51:32 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="03c900d32635e237f5f04a98056947e58b2c0512dea8ab48fb9d74e58c5111e336d2d822b3a1ed16db7070565935a380bd9de42b3cb6425351a22b91a699dbbb824ed199166456b43dc7f79972d1e2a175cceea1c930b07fc1218574db475461f114322e60000826fc65e1a49c605276aaa14571e186410eb6f90e3492996e8803e0d1531d97b2678ecac86c46309dfc4c15ca776c37be856e527814ddba6d2993980a09002adc48ce884e0e0f1abbc1e672cb0a9996cc9c66123d3ad9e3e93c27f8b336bb55436bda45eb437800d0ab7037bb741725f60ac00f62ea4d1512afb7ecc98a04"], 0xd7)

13:51:32 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000586500bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2324.206815][T32609] FAULT_INJECTION: forcing a failure.
[ 2324.206815][T32609] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2324.231473][T32609] CPU: 0 PID: 32609 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2324.241947][T32609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2324.252036][T32609] Call Trace:
13:51:32 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x81000000)

[ 2324.255339][T32609]  <TASK>
[ 2324.258296][T32609]  dump_stack_lvl+0xcd/0x134
[ 2324.262952][T32609]  should_fail.cold+0x5/0xa
[ 2324.267509][T32609]  _copy_from_user+0x2a/0x170
[ 2324.272683][T32609]  input_event_from_user+0x131/0x3a0
[ 2324.278014][T32609]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2324.283882][T32609]  evdev_write+0x356/0x760
[ 2324.288361][T32609]  ? evdev_read+0xe30/0xe30
[ 2324.292983][T32609]  ? apparmor_file_permission+0x264/0x4e0
[ 2324.298745][T32609]  ? bpf_lsm_file_permission+0x5/0x10
13:51:32 executing program 4:
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(0xffffffffffffffff, 0x7a8, &(0x7f0000000000)={{@my=0x0, 0x5}, @hyper, 0x1, 0x4, 0xffffffff, 0x39e1, 0x3, 0x1, 0x401})
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)

13:51:32 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x88a8ffff)

[ 2324.304159][T32609]  ? security_file_permission+0xab/0xd0
[ 2324.309779][T32609]  vfs_write+0x2d7/0xdd0
[ 2324.314068][T32609]  ? evdev_read+0xe30/0xe30
[ 2324.318613][T32609]  ? vfs_read+0x930/0x930
[ 2324.322988][T32609]  ? __fget_files+0x26a/0x440
[ 2324.327715][T32609]  ? __fget_light+0xe5/0x270
[ 2324.332360][T32609]  ksys_write+0x1e8/0x250
[ 2324.336731][T32609]  ? __ia32_sys_read+0xb0/0xb0
[ 2324.341532][T32609]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2324.347495][T32609]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2324.353448][T32609]  do_syscall_64+0x35/0xb0
[ 2324.357909][T32609]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2324.363843][T32609] RIP: 0033:0x7eff6688a649
[ 2324.368293][T32609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2324.389165][T32609] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2324.397597][T32609] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
13:51:32 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 54)

13:51:32 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x9effffff)

13:51:32 executing program 4:
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(0xffffffffffffffff, 0x7a8, &(0x7f0000000000)={{@my=0x0, 0x5}, @hyper, 0x1, 0x4, 0xffffffff, 0x39e1, 0x3, 0x1, 0x401})
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(0xffffffffffffffff, 0x7a8, &(0x7f0000000000)={{@my=0x0, 0x5}, @hyper, 0x1, 0x4, 0xffffffff, 0x39e1, 0x3, 0x1, 0x401}) (async)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)

13:51:32 executing program 1:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="03c9004b1491ca0b2d9386ad80cc2b04629b642140bc63f2cf7fa50b73655fc805deda5330d056a0e8865f8fadc796746f608cfe383dd4f8bb88703fbc899a1063e524da364bfa924b62211e2a59bd9ce3a86beabd7d355f0519280c8c106bfddeffa770c3cbf82cf25c59ecbdbf2572adacb73f7b9339e3e6767f901ffad34d77c2295e16ed656a"], 0x4f)

13:51:32 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043607003ec6ff0f000000000000000000000005"], 0xa)

13:51:32 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000008100bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2324.405581][T32609] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2324.413623][T32609] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2324.421604][T32609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2324.429608][T32609] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2324.437609][T32609]  </TASK>
13:51:32 executing program 4:
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(0xffffffffffffffff, 0x7a8, &(0x7f0000000000)={{@my=0x0, 0x5}, @hyper, 0x1, 0x4, 0xffffffff, 0x39e1, 0x3, 0x1, 0x401})
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 64)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (rerun: 64)

13:51:32 executing program 1:
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xac}, "3302e3c991555e27bd9f391a6ea51ba280743413a715d659e0a0f4ff0fd9503c3a36b0dadce79a894f72d08b21a06952e9d141a3bc34e4581144a58b38c6ee0875ea3435619fcfe351194639c4c0bbe68a91af4439bbd7c6e4e484886be826b3f1ef343d102a645da9176a2517a316f26e927689c491b70a4f4c04d23ed663cf91a8932c5636476a1fb591bb8de789c475848be160e1b19312165664e6c8529f3f33e5eab8578d224cd8552a"}, 0xb0)

13:51:32 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000008700bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:32 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043607003ec6ff0f000000000000000000000005"], 0xa)

13:51:32 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0xf0ffffff)

13:51:32 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000ffffa88800bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2324.542846][T32635] FAULT_INJECTION: forcing a failure.
[ 2324.542846][T32635] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2324.604027][T32635] CPU: 1 PID: 32635 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2324.614512][T32635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2324.624631][T32635] Call Trace:
[ 2324.627939][T32635]  <TASK>
[ 2324.630902][T32635]  dump_stack_lvl+0xcd/0x134
[ 2324.635547][T32635]  should_fail.cold+0x5/0xa
[ 2324.640105][T32635]  _copy_from_user+0x2a/0x170
[ 2324.644836][T32635]  input_event_from_user+0x131/0x3a0
[ 2324.650167][T32635]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2324.656014][T32635]  evdev_write+0x356/0x760
[ 2324.660442][T32635]  ? evdev_read+0xe30/0xe30
[ 2324.664960][T32635]  ? apparmor_file_permission+0x264/0x4e0
[ 2324.670735][T32635]  ? bpf_lsm_file_permission+0x5/0x10
[ 2324.676109][T32635]  ? security_file_permission+0xab/0xd0
[ 2324.681675][T32635]  vfs_write+0x2d7/0xdd0
[ 2324.685924][T32635]  ? evdev_read+0xe30/0xe30
[ 2324.690435][T32635]  ? vfs_read+0x930/0x930
[ 2324.694765][T32635]  ? __fget_files+0x26a/0x440
[ 2324.700751][T32635]  ? __fget_light+0xe5/0x270
[ 2324.705339][T32635]  ksys_write+0x1e8/0x250
[ 2324.709669][T32635]  ? __ia32_sys_read+0xb0/0xb0
[ 2324.714544][T32635]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2324.720462][T32635]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2324.726387][T32635]  do_syscall_64+0x35/0xb0
[ 2324.730907][T32635]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2324.736822][T32635] RIP: 0033:0x7eff6688a649
[ 2324.741345][T32635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2324.760982][T32635] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2324.769418][T32635] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2324.777402][T32635] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2324.785399][T32635] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2324.793378][T32635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
13:51:33 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 55)

13:51:33 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043607003ec6ff0f000000000000000000000005"], 0xa)

13:51:33 executing program 1:
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xac}, "3302e3c991555e27bd9f391a6ea51ba280743413a715d659e0a0f4ff0fd9503c3a36b0dadce79a894f72d08b21a06952e9d141a3bc34e4581144a58b38c6ee0875ea3435619fcfe351194639c4c0bbe68a91af4439bbd7c6e4e484886be826b3f1ef343d102a645da9176a2517a316f26e927689c491b70a4f4c04d23ed663cf91a8932c5636476a1fb591bb8de789c475848be160e1b19312165664e6c8529f3f33e5eab8578d224cd8552a"}, 0xb0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xac}, "3302e3c991555e27bd9f391a6ea51ba280743413a715d659e0a0f4ff0fd9503c3a36b0dadce79a894f72d08b21a06952e9d141a3bc34e4581144a58b38c6ee0875ea3435619fcfe351194639c4c0bbe68a91af4439bbd7c6e4e484886be826b3f1ef343d102a645da9176a2517a316f26e927689c491b70a4f4c04d23ed663cf91a8932c5636476a1fb591bb8de789c475848be160e1b19312165664e6c8529f3f33e5eab8578d224cd8552a"}, 0xb0) (async)

13:51:33 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xd9}, "f35348725d15a8615df8a0583febe0f1afa6f93a3530819e28ed3a3b6d9ba864a13fca7b18a4549807917a4badc81980e82ec2feb4270afafada89d4441d94b61add5a6b7eb46e42a2976e96fb7f1d56826d4ec03c3ed1a134b1496ecfa828e3594459f80998a864b622b8c07d460adff15a5a85ad8d12526137ca38066c3ca80fed30d9bf5a6ea35a48e10164ba7c83f12b3d3fdb3bfe45e6856240fd22a71a51c930ccc9b2e415f185ccaa6188b7dadf305fc9a23b8634fbea37d9914af9e38e79c7c5b5effe1122ce1883d7d6076cc30039cc8438562050"}, 0xdd)

13:51:33 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0xf4390000)

13:51:33 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000ffffff9e00bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2324.801355][T32635] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2324.809455][T32635]  </TASK>
13:51:33 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000140)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_si_security={{0x2, 0x7}, {0x4, 0x40, 0x4, 0x1f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x8f}, "64e245d6d7979ac42c4c302ed91032c733071d2a0d589c8c40bf0cb9d0e73e812336acfd1290d6263739273414a7d531415be0df436877e035498dda795e6e4e4956810190ca31c64cea0d63a80b6db2c7dc0e6cfea9ef9a48e05757484e8dd9efe80b285772c9fca30aa9f6653192f9af473677b843305a58a498f88715d693631b3dbc230945cd16ba2b164a7a12"}, 0x93)

13:51:33 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xd9}, "f35348725d15a8615df8a0583febe0f1afa6f93a3530819e28ed3a3b6d9ba864a13fca7b18a4549807917a4badc81980e82ec2feb4270afafada89d4441d94b61add5a6b7eb46e42a2976e96fb7f1d56826d4ec03c3ed1a134b1496ecfa828e3594459f80998a864b622b8c07d460adff15a5a85ad8d12526137ca38066c3ca80fed30d9bf5a6ea35a48e10164ba7c83f12b3d3fdb3bfe45e6856240fd22a71a51c930ccc9b2e415f185ccaa6188b7dadf305fc9a23b8634fbea37d9914af9e38e79c7c5b5effe1122ce1883d7d6076cc30039cc8438562050"}, 0xdd)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xd9}, "f35348725d15a8615df8a0583febe0f1afa6f93a3530819e28ed3a3b6d9ba864a13fca7b18a4549807917a4badc81980e82ec2feb4270afafada89d4441d94b61add5a6b7eb46e42a2976e96fb7f1d56826d4ec03c3ed1a134b1496ecfa828e3594459f80998a864b622b8c07d460adff15a5a85ad8d12526137ca38066c3ca80fed30d9bf5a6ea35a48e10164ba7c83f12b3d3fdb3bfe45e6856240fd22a71a51c930ccc9b2e415f185ccaa6188b7dadf305fc9a23b8634fbea37d9914af9e38e79c7c5b5effe1122ce1883d7d6076cc30039cc8438562050"}, 0xdd) (async)

13:51:33 executing program 1:
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xac}, "3302e3c991555e27bd9f391a6ea51ba280743413a715d659e0a0f4ff0fd9503c3a36b0dadce79a894f72d08b21a06952e9d141a3bc34e4581144a58b38c6ee0875ea3435619fcfe351194639c4c0bbe68a91af4439bbd7c6e4e484886be826b3f1ef343d102a645da9176a2517a316f26e927689c491b70a4f4c04d23ed663cf91a8932c5636476a1fb591bb8de789c475848be160e1b19312165664e6c8529f3f33e5eab8578d224cd8552a"}, 0xb0)

13:51:33 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0xff030000)

13:51:33 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000000002af00bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:33 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000140)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2) (async)
syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_si_security={{0x2, 0x7}, {0x4, 0x40, 0x4, 0x1f}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x8f}, "64e245d6d7979ac42c4c302ed91032c733071d2a0d589c8c40bf0cb9d0e73e812336acfd1290d6263739273414a7d531415be0df436877e035498dda795e6e4e4956810190ca31c64cea0d63a80b6db2c7dc0e6cfea9ef9a48e05757484e8dd9efe80b285772c9fca30aa9f6653192f9af473677b843305a58a498f88715d693631b3dbc230945cd16ba2b164a7a12"}, 0x93)

[ 2324.935102][T32663] FAULT_INJECTION: forcing a failure.
[ 2324.935102][T32663] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2324.968436][T32663] CPU: 0 PID: 32663 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2324.978925][T32663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2324.989013][T32663] Call Trace:
[ 2324.992323][T32663]  <TASK>
[ 2324.995283][T32663]  dump_stack_lvl+0xcd/0x134
[ 2324.999916][T32663]  should_fail.cold+0x5/0xa
[ 2325.004466][T32663]  _copy_from_user+0x2a/0x170
[ 2325.009197][T32663]  input_event_from_user+0x131/0x3a0
[ 2325.014534][T32663]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2325.020381][T32663]  evdev_write+0x356/0x760
[ 2325.024818][T32663]  ? evdev_read+0xe30/0xe30
[ 2325.029355][T32663]  ? apparmor_file_permission+0x264/0x4e0
[ 2325.035120][T32663]  ? bpf_lsm_file_permission+0x5/0x10
[ 2325.040518][T32663]  ? security_file_permission+0xab/0xd0
[ 2325.046087][T32663]  vfs_write+0x2d7/0xdd0
[ 2325.050350][T32663]  ? evdev_read+0xe30/0xe30
[ 2325.054851][T32663]  ? vfs_read+0x930/0x930
[ 2325.059179][T32663]  ? __fget_files+0x26a/0x440
[ 2325.064054][T32663]  ? __fget_light+0xe5/0x270
[ 2325.068664][T32663]  ksys_write+0x1e8/0x250
[ 2325.073013][T32663]  ? __ia32_sys_read+0xb0/0xb0
[ 2325.077797][T32663]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2325.083713][T32663]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2325.089655][T32663]  do_syscall_64+0x35/0xb0
[ 2325.094104][T32663]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2325.100014][T32663] RIP: 0033:0x7eff6688a649
[ 2325.104442][T32663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2325.124170][T32663] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
13:51:33 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 56)

13:51:33 executing program 1:
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000200))
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000240)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_conn_req={{0x2, 0x0, 0x4}, {0xdcb8, 0x1}}, @l2cap_move_chan_cfm={{0x10, 0x9, 0x4}, {0x400, 0x6}}, @l2cap_create_chan_req={{0xc, 0x3, 0x5}, {0xb2, 0x3, 0x81}}, @l2cap_disconn_req={{0x6, 0x4, 0x4}, {0x7, 0x6}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x3f, 0x2}, {0x7}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xd8}, "5f7d19b5936c80cc83fb0ca39219856fcc434d011c3a6317420ba4e1cb0dfdf0e9469b2cfa20dc8289e16f7f46ef70018bdaa32c5c6ae293c052a3c4b2dc0565d155806ebc90b85062d7c478922aff0ce878c9d941a5bfd6467fb5559d1ceb156f63978d02da7882f2f314a2ead055fee7678e22f4f827452ed7b11868b6ebe464525e780ce29d10c3744547cfa3dfdd5ed790b5e18524ea162f11f547ad4e84c63893225abff0a808be0f22ad08fb8959b9b4ad1546e3880c2ba5af00824d865756edc2e655dbf42ea8317f5466822a964caabadc107bd7"}, 0xdc)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_phy_link_complete={{0x40, 0x2}, {0x6, 0xc8}}}, 0x5)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_req={{0x6, 0x20, 0x4}, {0x1ff, 0xae}}}}, 0x11)

13:51:33 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000140)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_si_security={{0x2, 0x7}, {0x4, 0x40, 0x4, 0x1f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x8f}, "64e245d6d7979ac42c4c302ed91032c733071d2a0d589c8c40bf0cb9d0e73e812336acfd1290d6263739273414a7d531415be0df436877e035498dda795e6e4e4956810190ca31c64cea0d63a80b6db2c7dc0e6cfea9ef9a48e05757484e8dd9efe80b285772c9fca30aa9f6653192f9af473677b843305a58a498f88715d693631b3dbc230945cd16ba2b164a7a12"}, 0x93)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000140)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2) (async)
syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_si_security={{0x2, 0x7}, {0x4, 0x40, 0x4, 0x1f}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x8f}, "64e245d6d7979ac42c4c302ed91032c733071d2a0d589c8c40bf0cb9d0e73e812336acfd1290d6263739273414a7d531415be0df436877e035498dda795e6e4e4956810190ca31c64cea0d63a80b6db2c7dc0e6cfea9ef9a48e05757484e8dd9efe80b285772c9fca30aa9f6653192f9af473677b843305a58a498f88715d693631b3dbc230945cd16ba2b164a7a12"}, 0x93) (async)

13:51:33 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0xffffa888)

13:51:33 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000000000bd00bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2325.132602][T32663] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2325.140585][T32663] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2325.148653][T32663] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2325.156644][T32663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2325.164625][T32663] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2325.172709][T32663]  </TASK>
13:51:33 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xd9}, "f35348725d15a8615df8a0583febe0f1afa6f93a3530819e28ed3a3b6d9ba864a13fca7b18a4549807917a4badc81980e82ec2feb4270afafada89d4441d94b61add5a6b7eb46e42a2976e96fb7f1d56826d4ec03c3ed1a134b1496ecfa828e3594459f80998a864b622b8c07d460adff15a5a85ad8d12526137ca38066c3ca80fed30d9bf5a6ea35a48e10164ba7c83f12b3d3fdb3bfe45e6856240fd22a71a51c930ccc9b2e415f185ccaa6188b7dadf305fc9a23b8634fbea37d9914af9e38e79c7c5b5effe1122ce1883d7d6076cc30039cc8438562050"}, 0xdd)

13:51:33 executing program 1:
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000200)) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2) (rerun: 32)
syz_emit_vhci(&(0x7f0000000240)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_conn_req={{0x2, 0x0, 0x4}, {0xdcb8, 0x1}}, @l2cap_move_chan_cfm={{0x10, 0x9, 0x4}, {0x400, 0x6}}, @l2cap_create_chan_req={{0xc, 0x3, 0x5}, {0xb2, 0x3, 0x81}}, @l2cap_disconn_req={{0x6, 0x4, 0x4}, {0x7, 0x6}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x3f, 0x2}, {0x7}}]}}, 0x30) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xd8}, "5f7d19b5936c80cc83fb0ca39219856fcc434d011c3a6317420ba4e1cb0dfdf0e9469b2cfa20dc8289e16f7f46ef70018bdaa32c5c6ae293c052a3c4b2dc0565d155806ebc90b85062d7c478922aff0ce878c9d941a5bfd6467fb5559d1ceb156f63978d02da7882f2f314a2ead055fee7678e22f4f827452ed7b11868b6ebe464525e780ce29d10c3744547cfa3dfdd5ed790b5e18524ea162f11f547ad4e84c63893225abff0a808be0f22ad08fb8959b9b4ad1546e3880c2ba5af00824d865756edc2e655dbf42ea8317f5466822a964caabadc107bd7"}, 0xdc) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_phy_link_complete={{0x40, 0x2}, {0x6, 0xc8}}}, 0x5) (async)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_req={{0x6, 0x20, 0x4}, {0x1ff, 0xae}}}}, 0x11)

13:51:33 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0xfffff000)

13:51:33 executing program 3:
r0 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r4}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000040)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x43})
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)

13:51:33 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000000001c600bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2325.265423][T32690] FAULT_INJECTION: forcing a failure.
[ 2325.265423][T32690] name fail_usercopy, interval 1, probability 0, space 0, times 0
13:51:33 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0xffffff7f)

13:51:33 executing program 1:
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000200)) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000240)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_conn_req={{0x2, 0x0, 0x4}, {0xdcb8, 0x1}}, @l2cap_move_chan_cfm={{0x10, 0x9, 0x4}, {0x400, 0x6}}, @l2cap_create_chan_req={{0xc, 0x3, 0x5}, {0xb2, 0x3, 0x81}}, @l2cap_disconn_req={{0x6, 0x4, 0x4}, {0x7, 0x6}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x3f, 0x2}, {0x7}}]}}, 0x30) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xd8}, "5f7d19b5936c80cc83fb0ca39219856fcc434d011c3a6317420ba4e1cb0dfdf0e9469b2cfa20dc8289e16f7f46ef70018bdaa32c5c6ae293c052a3c4b2dc0565d155806ebc90b85062d7c478922aff0ce878c9d941a5bfd6467fb5559d1ceb156f63978d02da7882f2f314a2ead055fee7678e22f4f827452ed7b11868b6ebe464525e780ce29d10c3744547cfa3dfdd5ed790b5e18524ea162f11f547ad4e84c63893225abff0a808be0f22ad08fb8959b9b4ad1546e3880c2ba5af00824d865756edc2e655dbf42ea8317f5466822a964caabadc107bd7"}, 0xdc)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_phy_link_complete={{0x40, 0x2}, {0x6, 0xc8}}}, 0x5) (async)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_req={{0x6, 0x20, 0x4}, {0x1ff, 0xae}}}}, 0x11)

[ 2325.316294][T32690] CPU: 0 PID: 32690 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2325.326775][T32690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2325.337122][T32690] Call Trace:
[ 2325.340425][T32690]  <TASK>
[ 2325.343397][T32690]  dump_stack_lvl+0xcd/0x134
[ 2325.348032][T32690]  should_fail.cold+0x5/0xa
[ 2325.352579][T32690]  _copy_from_user+0x2a/0x170
[ 2325.357298][T32690]  input_event_from_user+0x131/0x3a0
[ 2325.362633][T32690]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2325.368500][T32690]  evdev_write+0x356/0x760
[ 2325.372956][T32690]  ? evdev_read+0xe30/0xe30
[ 2325.377495][T32690]  ? apparmor_file_permission+0x264/0x4e0
[ 2325.384046][T32690]  ? bpf_lsm_file_permission+0x5/0x10
[ 2325.389470][T32690]  ? security_file_permission+0xab/0xd0
[ 2325.395091][T32690]  vfs_write+0x2d7/0xdd0
[ 2325.399346][T32690]  ? evdev_read+0xe30/0xe30
[ 2325.403875][T32690]  ? vfs_read+0x930/0x930
[ 2325.408320][T32690]  ? __fget_files+0x26a/0x440
[ 2325.413021][T32690]  ? __fget_light+0xe5/0x270
[ 2325.417628][T32690]  ksys_write+0x1e8/0x250
[ 2325.421996][T32690]  ? __ia32_sys_read+0xb0/0xb0
[ 2325.426781][T32690]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2325.432697][T32690]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2325.438613][T32690]  do_syscall_64+0x35/0xb0
[ 2325.443053][T32690]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2325.448962][T32690] RIP: 0033:0x7eff6688a649
[ 2325.453390][T32690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2325.473117][T32690] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2325.481552][T32690] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2325.489534][T32690] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2325.497601][T32690] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2325.505588][T32690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
13:51:33 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 57)

13:51:33 executing program 1:
sendto$packet(0xffffffffffffffff, &(0x7f0000000100)="b12311b36182903cc64100e1addc32951a248be123e5b2a7532d3fcb286f54ca8f983f8d9ca5802ddd003a5d53831423b461af80791c72339c5f4fe7c537c7844f443713c6c503528f09e9ba2332410e06299a2e2de515a7c54c53bbb6e8ece04bb441260f82511cc0f4a377a8d08d8dc1a445322fea7d7b84b8e5ff96a69c19776d09ec6ee08a72d7acbe6b444a2b4eb1d9455b267778fd1e7a0714b970766be4a44832d3fb7ae7f8b2015abec7e13ab68ecbde824c617bdbe4c4920ea0cc94cba87627b0c2ef34b8572fbe0277b94ebecdf2b5cb0cd7d441d7d5848935c5047dcf30008e198f1d798e9f4412389bc45cd843bf08e826c96b1265b68d869852e4acc59e02e396926e667d7a5fdd2ff3cff6f72d36c8c7221fcb766389a488e891fed28de16b9e1847314aa160f820d0fa4e9e842c34ce93e222670f117416fc922c477feca804566d56c190784c6fa43e213405cca30d2b9edd4a4620355258f65433fa7108f5f5e4743b60f83f6ce03d0e44eab65219b62a24274a0843a380befa2ff1a3d8ad389d0f133a345aa23d8bd857c88bee1b12ecd63f385bf079906f4cdc2b64e4c5fb77988b302a533d75576d96de6e7f58d8fd6d805965599472ddfeed615c16698b3ee78343e9f94089844f606bcdbe483c7a16badcd98cb44d4c4a508a516a52c126740c2110deeb585669f5ddf6afd9aefc788d767d45301a6d8d5295962a0a56dfe8da22fa15259b180cda3a06de4400ff4513183e7ff3cc66305b81da74bcf43dc744305212fc155020f397e546991fd1874e9be8df8028d94c5b7c1ef61586cecab11135543ce39acd240882750f4fdfb6c1df59402520c750d495885cdfd46c9fbef82253ca6d7d813657df23af4823244064d04d09fb797d9be090377ff7b664827bce1c6757e26e7ba90e150b4a98ecf6d872fbdff182c2ec1d8d8f41aa1bd691626b9cff7fb90a7b0911798b8b48cb5342191733882a9993a560bf9c19cda0e4292af2e6561722301d4bd992ee4424e71ae98612b8f68d3cce4c573020e83882ff2704da652691a57602c968713c2d89c6928649d0fd9f9bc8d97097d160fdd24c3d5e80e7a9386cd5e1f7a6e63aa47be9c3c7a9f1448f348bfcf513fc572f041590f8ceb29a58e6268db149fecb134bce6617167ae5812081b0746313ae71cb61d483a4dc001c0c636444bf809933803e97cda6218f5f6b27eb18077db65c3020bd8933f517bf7d0a5d4f7fff9fe302479daa3b5c6b4f0e18c27e3bf7796dc5a05cf01d044a1701c8145ecb62191e7493efe419fa8429ed6751136b79a0597d6f25e19f1d13b6c8b8c09bbae088661cb297bdf5f5d4ed04ec11076f7000832b4b8185f771976e844af87975c63df4ebec6ccd72a4514614d4f5f9122ffd585f1b748cc49e914d56c7bd676a1df62771ddefa1944ab202bd095bc8c5e009c85eb419cffca13d947d09483249943ee15737a5d2d15de5969ac9ec4b83e5cdbde764e204502d40a5fa014a45328d13110bdda244451bfdeae33791e0727072d7355bad52706de3da5f17318923608c3ce748a6059e116a53b1a28e6f9a9f6973567a54bd69be2d6a9972052f1807c3c9756fa0b1559a267341577f1a43bcc6e31355599ac08c7c5fe7f45e5c9d0d7ec809ad80dc19f651a5931fbe29e59a2cca30a9e72cc8b3c7a9316fdc61634b306139d6af4a02676de74c5115a06f267f475f3e05622b72760b45e40fc150929440e7fb998b8171ee334e148278702c2bbf6fb909d4255412ccef22e90143aa1cf430d116547e46617d6be356ff1186f3888adc79ef204e542d0cce83e6530dab5c0a77cb4c58263bd13addc9e44b1635220a822a8c28e87f16b4e6a37e39c809b4d8d1eaf4bc46bb7d7346597a651bc6951033e27daa6cada361e501f951af9efc9dc7e1f6226e0c7fa23888c85a845e5f8925a726ec474ad728939a3556d543e45c1a41fdaead4d61f69668182c7036c7df05676e63eff20d99cf08c9180fcf11b27a6c7014a50d9ce19769c26f4c7f4929de3024b91a125d09f8647eaa7ecdac09c8778d4d581333d01c88e4df19a86082f65fe3401a27ebf2aaa0949f0e09828efce941bf96c2852307624bb8c90059e044ecb68fcc88f0fb63724eda894a9f525f9e23ceaa7eff334136557be304996355b2b67191fc2a352b7e11df9aed0f3a229a6fe4f53c59191dd6f2575391d6a88cfdc3bdef95bf1b33573fab890a210f77509d30792f93eaa9dfb6ae362068d04d5dae934e94114431adc3975c43377300d476c75c6f6aacbcadc7d95b77fcb0b697de985f028989ea6ad15d9965b5962ff77884d1dde4a015de1d1a23932b483f1e912bef52486340db9aa63f8242a5814aad8a61dad6442baf7b398be6056c60ccddddf87f6db312218c22fb896792d0e3ce35246dc4009868fe1d14f224275d85e04b7bc3aca6d64ca0eba2e21ed022a7b57d668d684272c4e45165f21dd7e897aacd3bf6a9798263005837920907612105ade0711c10ba8d57e806547a493a8c67d79654b06f10a399a0ab453d7012a0b51ddf78497b4bccee375ee14c4e4085c5e15b00813d28de2684eb9379d241177f34ac22e4d39eabc86cd6487ada194b75f243461eb6d3aa2261ca2a513ae7a1dcf4f4cb00f59b31bf4a8ae4cd13edeff5c51c897b3930a201d485b882747b03ef05d3303d6753ceb6e793bb6f38c1bb1f6104e792ca449318e624d86bfc3333dbd8e66cc68ebcbb41b66cd5937587fff41a37043bbc4624012bd78783cd4e57ee4bea7822a63bdb7c10805a128c39f7cf1580fb96579acdbed360f84f3e695a348e99ddba430eef7811216ac22338900ba4707327374b3bddf32176a5974459ab4fdbd8d741e244d34dd881bbe83785da1fc03e7b15743838d6b6b35d42c0c7d9c0eaca24cdf7f582b2490cc733d0f6e1cf44ca6bf31cdf6bfc41e070483781445ca4e02389a07397ef844574bdbef8a74bbc9c1e4746ec8551b7769bda793c192070437960ec29260665648ea7ed9d126df11e012c73ac1059379a1fefad5cd4eb0176a3990f22fa55655b600f713ec0df9a924c70bf92793ff2b4cae6885feb999097d13baafa414f068ca8b85ae2c6296df8b1f83c80529df9a348934afec7508aa1b1f76a0dfe5da2d4373a642def4e4e74010c100d39157636f14184b27ba0f3649cac36b8e7e2678b418e5cfb8624e1e240fa1fa995b893640f446ee61a6c7e46b852e7c77468da26e305642137a4cf498bea636e66ced63f138ccb06bbff8d843e137d72564cc8dadabac8a11354839770fb1998e0249567dce9da8573475cad0dddb70030d0ee5fb859dfe24f7f524d5aa5eda1cccf828e4dd5dec4a587bdd9acd9d59dd48ba632bfd666e013af7421b28a0386cad14ba2d5a047a2bbf2e63a994cf862e46f3b83e85f75733e2feb83b3cc7835a7e6e8de2da227f0726c027e66ea1b87ff50886d8fe332fe512fdfaf4ea5e6cd5b0c7957c6905936d7bbf46ded4c29fccadd82c6b736833fc3e3da05dbe1996be283152548b33d5432c27e8cdb54dbc7f4cdd1e66eb3fca4137f88852fe03f4f9f0bbad28875c237d36c90a870fdb56060028e27d9974362005270b902ff77e9f24cef5ef3325c526d211cf1efc7c5e07fe729e8cc4d839b1c3cfa24dcd9e03c46b64418184314fd30ad323dda7fea92aa028f578b147ae52ae3bb83e4581894f4514793f7fcb28b312b57298f3ceac0eea5513d76845bb9e466c638ee20120d748a3f0375809d40a1fe7a99eeaa7f853913dd12d6a696287100bc512db52c635e2650abcc20e1b9cfe2100f0d544010252c2c5d9cec9ace3c2f0920c6acd6a1d9b6c7244709204b1ec272590f3bcf0cd3c07107feb42d6ca3c9d9f69a61f93a560177a2b66492572bc5597d9fea0494c048df7634b9f2fe34cc55cbfd9be75507e6829bcdf712e83da3175ac1dadb819ea598638ae2578960416542a0ad7d08fe59a5d7ba24950ab38af321b06c0d754695202798575f4ba1bc951efe00d4fff5f51d1a2950fffe3b10a097d01392c81ead4286a6753e9b21118f7238f929804b3e669f9cf9fb9552a92974d5cc1f8dfcce772b995b1de9300174e313f2ab518fc4e565c9428b17b872ea044c6c9368593d6519bd3e21b0952595ea94084360aace7ab9fcb12c0a70ceadc92fe5b65d344d850805ac02303921306bb5faf60cdfa7ba79327ab04056f909b5f99b49ab2d7fe886faaeea33fb93e325e413c199dd1f6347a84656e85e8903734392c3ddaa918560022bd8d08716490d491720ab7aa9270d185caa656b364bbbb51822e6a59053127ffff563171d526500a7a7368d18fd5ff3e4182f4455af528ecaa948e6811f5c0d3e6459ee8d90cf034ad8eff95cba68dbd6ac910e20487173d9c7c9ccc6dc8ccd26f4137dc495d078106231d4d980cafb68ad1207b2b90070ee5a8982d9654036df5cfbe7c2622c734db612d9ec2c6b5ef5ae8b0a4df363abd9d22b38b8adb1b24ddda753b396c7de2da8da1e9e557e5cd23b515ec762706a7e9aed633a2605ce769756ed2c519222487aaaae7ce17c04b738345b914bbfa79fbbe4b230e531fd8e3395a61c31f7d50ba9be366c825e0698ee8b31752cd1cf6399fbacbb323aed3f6fc7e91bdb312970f52103fa3d5180e3e5a7b298255662892745d7a606c3fab32ae694745611678cbafb9d6cb49b1b9f4a14258a7662a1cfb47bf7ff1ffc132150bcf81e4c49b38704ff4a5e23d6c19f968f1e470b2fb907de9937d9d2ef22cdd4e05e64eb450c5a2eceaf4f62a983e00e32b6941e57aa539101d66d3d0bac53f10e536df45aadedf758e228b12064cbe90f85dbe4139980c3fca7f914c5c3be414f48a06bf16380d9c82156d3d602b24b19b7f34a67db70f5c7876124fbf39a6d5d63ed3a9b6a94fee62bcad9c2ffc90be90017a0275f42d5777826a87ad822a16835d0755eb253f04aa99795af7489a5ec0791207e64697403fb9c85409c284983b0c760c0d912c444c926752eec1949e09696e40b17dfcd2a6f890342fe83141fc9e203db50589607ed921f393dabf480e09d2950adb138e77a86f3af4906d246a709af5a766368929a5b46c843690aaf46fb928fdb7665af91cfbe26019a701da567555547d9b259425ee7eb4bcd323f16a91fa15e2e41d45f0361e1a87943264f09fa1eff52891f19d4cc31efc582356303bf83245736ddda0285be5ec924d79d16aae85e7170bc596162f09b6f50506f9012deca2b49a68ffde2a1fdf7c5c8dd4dc4c2783ea1caa1082b1f63a1ad750f1cedaa8ac41d81bf900a0fa25bc5f2ac634413741554af64a591067086aeabb528332138857f2903564848fc5130f89f9e59feab0d4393a1501ae213d77aa74b1337ca3f7400277ef02c44a48370370ce7290753918a7ca6500508fa36b76fb014a2aa7a0b3d4837d3c31dc871409b9c1195ff5c566f6f53fde4fa47379104bcd4db7fbe0f5e144dcd953308b331f3ca212dbbffd19869aacf213f09e74123b5cbbdb7de6f1f8aff4922e19f75b3c7b46dbb872e182ade41149e7d80f38d69b1c56c9ceeb3cd811f39d1e05340827a54b04c730a2957803bfdd8475ef458431fa84663ef3d0aa7962b5185bd7050aeb45ad61e38f9faf9f5f1a665810c297c5dfca56f160a3f7837de13d87254af00e203769b98811d00a970b06fdb8c6a4bce9176dd943711fba9786a55c5b2d6f64c211a97a1114da07fd62d4bfb486be8ecea06", 0x1000, 0x40000, &(0x7f0000000000)={0x11, 0xf7, 0x0, 0x1, 0x8, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x26}}, 0x14)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x2, 0x3e}, @l2cap_cid_signaling={{0x3a}, [@l2cap_move_chan_cfm={{0x10, 0x3f, 0x4}, {0x1000, 0x2e2}}, @l2cap_conf_rsp={{0x5, 0x7, 0x9}, {0x5, 0xfff9, 0x0, [@l2cap_conf_fcs={0x5, 0x1}]}}, @l2cap_conf_req={{0x4, 0x7, 0x19}, {0xffff, 0x7f, [@l2cap_conf_ews={0x7, 0x2, 0x1}, @l2cap_conf_flushto={0x2, 0x2, 0x7}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_fcs={0x5, 0x1, 0x1}]}}, @l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x4, 0x38}}]}}, 0x43)

13:51:33 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000000000cb00bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:33 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="c155"], 0x8)

13:51:33 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0xffffff9e)

13:51:33 executing program 3:
r0 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r4}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000040)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x43})
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200) (async)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010) (async)
socket(0x10, 0x2, 0x0) (async)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32) (async)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$packet(0x11, 0x3, 0x300) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) (async)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r4}]}, 0x34}}, 0x0) (async)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10) (async)
ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000040)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x43}) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)

[ 2325.513568][T32690] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2325.521745][T32690]  </TASK>
13:51:33 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0xfffffff0)

13:51:33 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="c155"], 0x8)

13:51:33 executing program 1:
sendto$packet(0xffffffffffffffff, &(0x7f0000000100)="b12311b36182903cc64100e1addc32951a248be123e5b2a7532d3fcb286f54ca8f983f8d9ca5802ddd003a5d53831423b461af80791c72339c5f4fe7c537c7844f443713c6c503528f09e9ba2332410e06299a2e2de515a7c54c53bbb6e8ece04bb441260f82511cc0f4a377a8d08d8dc1a445322fea7d7b84b8e5ff96a69c19776d09ec6ee08a72d7acbe6b444a2b4eb1d9455b267778fd1e7a0714b970766be4a44832d3fb7ae7f8b2015abec7e13ab68ecbde824c617bdbe4c4920ea0cc94cba87627b0c2ef34b8572fbe0277b94ebecdf2b5cb0cd7d441d7d5848935c5047dcf30008e198f1d798e9f4412389bc45cd843bf08e826c96b1265b68d869852e4acc59e02e396926e667d7a5fdd2ff3cff6f72d36c8c7221fcb766389a488e891fed28de16b9e1847314aa160f820d0fa4e9e842c34ce93e222670f117416fc922c477feca804566d56c190784c6fa43e213405cca30d2b9edd4a4620355258f65433fa7108f5f5e4743b60f83f6ce03d0e44eab65219b62a24274a0843a380befa2ff1a3d8ad389d0f133a345aa23d8bd857c88bee1b12ecd63f385bf079906f4cdc2b64e4c5fb77988b302a533d75576d96de6e7f58d8fd6d805965599472ddfeed615c16698b3ee78343e9f94089844f606bcdbe483c7a16badcd98cb44d4c4a508a516a52c126740c2110deeb585669f5ddf6afd9aefc788d767d45301a6d8d5295962a0a56dfe8da22fa15259b180cda3a06de4400ff4513183e7ff3cc66305b81da74bcf43dc744305212fc155020f397e546991fd1874e9be8df8028d94c5b7c1ef61586cecab11135543ce39acd240882750f4fdfb6c1df59402520c750d495885cdfd46c9fbef82253ca6d7d813657df23af4823244064d04d09fb797d9be090377ff7b664827bce1c6757e26e7ba90e150b4a98ecf6d872fbdff182c2ec1d8d8f41aa1bd691626b9cff7fb90a7b0911798b8b48cb5342191733882a9993a560bf9c19cda0e4292af2e6561722301d4bd992ee4424e71ae98612b8f68d3cce4c573020e83882ff2704da652691a57602c968713c2d89c6928649d0fd9f9bc8d97097d160fdd24c3d5e80e7a9386cd5e1f7a6e63aa47be9c3c7a9f1448f348bfcf513fc572f041590f8ceb29a58e6268db149fecb134bce6617167ae5812081b0746313ae71cb61d483a4dc001c0c636444bf809933803e97cda6218f5f6b27eb18077db65c3020bd8933f517bf7d0a5d4f7fff9fe302479daa3b5c6b4f0e18c27e3bf7796dc5a05cf01d044a1701c8145ecb62191e7493efe419fa8429ed6751136b79a0597d6f25e19f1d13b6c8b8c09bbae088661cb297bdf5f5d4ed04ec11076f7000832b4b8185f771976e844af87975c63df4ebec6ccd72a4514614d4f5f9122ffd585f1b748cc49e914d56c7bd676a1df62771ddefa1944ab202bd095bc8c5e009c85eb419cffca13d947d09483249943ee15737a5d2d15de5969ac9ec4b83e5cdbde764e204502d40a5fa014a45328d13110bdda244451bfdeae33791e0727072d7355bad52706de3da5f17318923608c3ce748a6059e116a53b1a28e6f9a9f6973567a54bd69be2d6a9972052f1807c3c9756fa0b1559a267341577f1a43bcc6e31355599ac08c7c5fe7f45e5c9d0d7ec809ad80dc19f651a5931fbe29e59a2cca30a9e72cc8b3c7a9316fdc61634b306139d6af4a02676de74c5115a06f267f475f3e05622b72760b45e40fc150929440e7fb998b8171ee334e148278702c2bbf6fb909d4255412ccef22e90143aa1cf430d116547e46617d6be356ff1186f3888adc79ef204e542d0cce83e6530dab5c0a77cb4c58263bd13addc9e44b1635220a822a8c28e87f16b4e6a37e39c809b4d8d1eaf4bc46bb7d7346597a651bc6951033e27daa6cada361e501f951af9efc9dc7e1f6226e0c7fa23888c85a845e5f8925a726ec474ad728939a3556d543e45c1a41fdaead4d61f69668182c7036c7df05676e63eff20d99cf08c9180fcf11b27a6c7014a50d9ce19769c26f4c7f4929de3024b91a125d09f8647eaa7ecdac09c8778d4d581333d01c88e4df19a86082f65fe3401a27ebf2aaa0949f0e09828efce941bf96c2852307624bb8c90059e044ecb68fcc88f0fb63724eda894a9f525f9e23ceaa7eff334136557be304996355b2b67191fc2a352b7e11df9aed0f3a229a6fe4f53c59191dd6f2575391d6a88cfdc3bdef95bf1b33573fab890a210f77509d30792f93eaa9dfb6ae362068d04d5dae934e94114431adc3975c43377300d476c75c6f6aacbcadc7d95b77fcb0b697de985f028989ea6ad15d9965b5962ff77884d1dde4a015de1d1a23932b483f1e912bef52486340db9aa63f8242a5814aad8a61dad6442baf7b398be6056c60ccddddf87f6db312218c22fb896792d0e3ce35246dc4009868fe1d14f224275d85e04b7bc3aca6d64ca0eba2e21ed022a7b57d668d684272c4e45165f21dd7e897aacd3bf6a9798263005837920907612105ade0711c10ba8d57e806547a493a8c67d79654b06f10a399a0ab453d7012a0b51ddf78497b4bccee375ee14c4e4085c5e15b00813d28de2684eb9379d241177f34ac22e4d39eabc86cd6487ada194b75f243461eb6d3aa2261ca2a513ae7a1dcf4f4cb00f59b31bf4a8ae4cd13edeff5c51c897b3930a201d485b882747b03ef05d3303d6753ceb6e793bb6f38c1bb1f6104e792ca449318e624d86bfc3333dbd8e66cc68ebcbb41b66cd5937587fff41a37043bbc4624012bd78783cd4e57ee4bea7822a63bdb7c10805a128c39f7cf1580fb96579acdbed360f84f3e695a348e99ddba430eef7811216ac22338900ba4707327374b3bddf32176a5974459ab4fdbd8d741e244d34dd881bbe83785da1fc03e7b15743838d6b6b35d42c0c7d9c0eaca24cdf7f582b2490cc733d0f6e1cf44ca6bf31cdf6bfc41e070483781445ca4e02389a07397ef844574bdbef8a74bbc9c1e4746ec8551b7769bda793c192070437960ec29260665648ea7ed9d126df11e012c73ac1059379a1fefad5cd4eb0176a3990f22fa55655b600f713ec0df9a924c70bf92793ff2b4cae6885feb999097d13baafa414f068ca8b85ae2c6296df8b1f83c80529df9a348934afec7508aa1b1f76a0dfe5da2d4373a642def4e4e74010c100d39157636f14184b27ba0f3649cac36b8e7e2678b418e5cfb8624e1e240fa1fa995b893640f446ee61a6c7e46b852e7c77468da26e305642137a4cf498bea636e66ced63f138ccb06bbff8d843e137d72564cc8dadabac8a11354839770fb1998e0249567dce9da8573475cad0dddb70030d0ee5fb859dfe24f7f524d5aa5eda1cccf828e4dd5dec4a587bdd9acd9d59dd48ba632bfd666e013af7421b28a0386cad14ba2d5a047a2bbf2e63a994cf862e46f3b83e85f75733e2feb83b3cc7835a7e6e8de2da227f0726c027e66ea1b87ff50886d8fe332fe512fdfaf4ea5e6cd5b0c7957c6905936d7bbf46ded4c29fccadd82c6b736833fc3e3da05dbe1996be283152548b33d5432c27e8cdb54dbc7f4cdd1e66eb3fca4137f88852fe03f4f9f0bbad28875c237d36c90a870fdb56060028e27d9974362005270b902ff77e9f24cef5ef3325c526d211cf1efc7c5e07fe729e8cc4d839b1c3cfa24dcd9e03c46b64418184314fd30ad323dda7fea92aa028f578b147ae52ae3bb83e4581894f4514793f7fcb28b312b57298f3ceac0eea5513d76845bb9e466c638ee20120d748a3f0375809d40a1fe7a99eeaa7f853913dd12d6a696287100bc512db52c635e2650abcc20e1b9cfe2100f0d544010252c2c5d9cec9ace3c2f0920c6acd6a1d9b6c7244709204b1ec272590f3bcf0cd3c07107feb42d6ca3c9d9f69a61f93a560177a2b66492572bc5597d9fea0494c048df7634b9f2fe34cc55cbfd9be75507e6829bcdf712e83da3175ac1dadb819ea598638ae2578960416542a0ad7d08fe59a5d7ba24950ab38af321b06c0d754695202798575f4ba1bc951efe00d4fff5f51d1a2950fffe3b10a097d01392c81ead4286a6753e9b21118f7238f929804b3e669f9cf9fb9552a92974d5cc1f8dfcce772b995b1de9300174e313f2ab518fc4e565c9428b17b872ea044c6c9368593d6519bd3e21b0952595ea94084360aace7ab9fcb12c0a70ceadc92fe5b65d344d850805ac02303921306bb5faf60cdfa7ba79327ab04056f909b5f99b49ab2d7fe886faaeea33fb93e325e413c199dd1f6347a84656e85e8903734392c3ddaa918560022bd8d08716490d491720ab7aa9270d185caa656b364bbbb51822e6a59053127ffff563171d526500a7a7368d18fd5ff3e4182f4455af528ecaa948e6811f5c0d3e6459ee8d90cf034ad8eff95cba68dbd6ac910e20487173d9c7c9ccc6dc8ccd26f4137dc495d078106231d4d980cafb68ad1207b2b90070ee5a8982d9654036df5cfbe7c2622c734db612d9ec2c6b5ef5ae8b0a4df363abd9d22b38b8adb1b24ddda753b396c7de2da8da1e9e557e5cd23b515ec762706a7e9aed633a2605ce769756ed2c519222487aaaae7ce17c04b738345b914bbfa79fbbe4b230e531fd8e3395a61c31f7d50ba9be366c825e0698ee8b31752cd1cf6399fbacbb323aed3f6fc7e91bdb312970f52103fa3d5180e3e5a7b298255662892745d7a606c3fab32ae694745611678cbafb9d6cb49b1b9f4a14258a7662a1cfb47bf7ff1ffc132150bcf81e4c49b38704ff4a5e23d6c19f968f1e470b2fb907de9937d9d2ef22cdd4e05e64eb450c5a2eceaf4f62a983e00e32b6941e57aa539101d66d3d0bac53f10e536df45aadedf758e228b12064cbe90f85dbe4139980c3fca7f914c5c3be414f48a06bf16380d9c82156d3d602b24b19b7f34a67db70f5c7876124fbf39a6d5d63ed3a9b6a94fee62bcad9c2ffc90be90017a0275f42d5777826a87ad822a16835d0755eb253f04aa99795af7489a5ec0791207e64697403fb9c85409c284983b0c760c0d912c444c926752eec1949e09696e40b17dfcd2a6f890342fe83141fc9e203db50589607ed921f393dabf480e09d2950adb138e77a86f3af4906d246a709af5a766368929a5b46c843690aaf46fb928fdb7665af91cfbe26019a701da567555547d9b259425ee7eb4bcd323f16a91fa15e2e41d45f0361e1a87943264f09fa1eff52891f19d4cc31efc582356303bf83245736ddda0285be5ec924d79d16aae85e7170bc596162f09b6f50506f9012deca2b49a68ffde2a1fdf7c5c8dd4dc4c2783ea1caa1082b1f63a1ad750f1cedaa8ac41d81bf900a0fa25bc5f2ac634413741554af64a591067086aeabb528332138857f2903564848fc5130f89f9e59feab0d4393a1501ae213d77aa74b1337ca3f7400277ef02c44a48370370ce7290753918a7ca6500508fa36b76fb014a2aa7a0b3d4837d3c31dc871409b9c1195ff5c566f6f53fde4fa47379104bcd4db7fbe0f5e144dcd953308b331f3ca212dbbffd19869aacf213f09e74123b5cbbdb7de6f1f8aff4922e19f75b3c7b46dbb872e182ade41149e7d80f38d69b1c56c9ceeb3cd811f39d1e05340827a54b04c730a2957803bfdd8475ef458431fa84663ef3d0aa7962b5185bd7050aeb45ad61e38f9faf9f5f1a665810c297c5dfca56f160a3f7837de13d87254af00e203769b98811d00a970b06fdb8c6a4bce9176dd943711fba9786a55c5b2d6f64c211a97a1114da07fd62d4bfb486be8ecea06", 0x1000, 0x40000, &(0x7f0000000000)={0x11, 0xf7, 0x0, 0x1, 0x8, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x26}}, 0x14)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x2, 0x3e}, @l2cap_cid_signaling={{0x3a}, [@l2cap_move_chan_cfm={{0x10, 0x3f, 0x4}, {0x1000, 0x2e2}}, @l2cap_conf_rsp={{0x5, 0x7, 0x9}, {0x5, 0xfff9, 0x0, [@l2cap_conf_fcs={0x5, 0x1}]}}, @l2cap_conf_req={{0x4, 0x7, 0x19}, {0xffff, 0x7f, [@l2cap_conf_ews={0x7, 0x2, 0x1}, @l2cap_conf_flushto={0x2, 0x2, 0x7}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_fcs={0x5, 0x1, 0x1}]}}, @l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x4, 0x38}}]}}, 0x43)
sendto$packet(0xffffffffffffffff, &(0x7f0000000100)="b12311b36182903cc64100e1addc32951a248be123e5b2a7532d3fcb286f54ca8f983f8d9ca5802ddd003a5d53831423b461af80791c72339c5f4fe7c537c7844f443713c6c503528f09e9ba2332410e06299a2e2de515a7c54c53bbb6e8ece04bb441260f82511cc0f4a377a8d08d8dc1a445322fea7d7b84b8e5ff96a69c19776d09ec6ee08a72d7acbe6b444a2b4eb1d9455b267778fd1e7a0714b970766be4a44832d3fb7ae7f8b2015abec7e13ab68ecbde824c617bdbe4c4920ea0cc94cba87627b0c2ef34b8572fbe0277b94ebecdf2b5cb0cd7d441d7d5848935c5047dcf30008e198f1d798e9f4412389bc45cd843bf08e826c96b1265b68d869852e4acc59e02e396926e667d7a5fdd2ff3cff6f72d36c8c7221fcb766389a488e891fed28de16b9e1847314aa160f820d0fa4e9e842c34ce93e222670f117416fc922c477feca804566d56c190784c6fa43e213405cca30d2b9edd4a4620355258f65433fa7108f5f5e4743b60f83f6ce03d0e44eab65219b62a24274a0843a380befa2ff1a3d8ad389d0f133a345aa23d8bd857c88bee1b12ecd63f385bf079906f4cdc2b64e4c5fb77988b302a533d75576d96de6e7f58d8fd6d805965599472ddfeed615c16698b3ee78343e9f94089844f606bcdbe483c7a16badcd98cb44d4c4a508a516a52c126740c2110deeb585669f5ddf6afd9aefc788d767d45301a6d8d5295962a0a56dfe8da22fa15259b180cda3a06de4400ff4513183e7ff3cc66305b81da74bcf43dc744305212fc155020f397e546991fd1874e9be8df8028d94c5b7c1ef61586cecab11135543ce39acd240882750f4fdfb6c1df59402520c750d495885cdfd46c9fbef82253ca6d7d813657df23af4823244064d04d09fb797d9be090377ff7b664827bce1c6757e26e7ba90e150b4a98ecf6d872fbdff182c2ec1d8d8f41aa1bd691626b9cff7fb90a7b0911798b8b48cb5342191733882a9993a560bf9c19cda0e4292af2e6561722301d4bd992ee4424e71ae98612b8f68d3cce4c573020e83882ff2704da652691a57602c968713c2d89c6928649d0fd9f9bc8d97097d160fdd24c3d5e80e7a9386cd5e1f7a6e63aa47be9c3c7a9f1448f348bfcf513fc572f041590f8ceb29a58e6268db149fecb134bce6617167ae5812081b0746313ae71cb61d483a4dc001c0c636444bf809933803e97cda6218f5f6b27eb18077db65c3020bd8933f517bf7d0a5d4f7fff9fe302479daa3b5c6b4f0e18c27e3bf7796dc5a05cf01d044a1701c8145ecb62191e7493efe419fa8429ed6751136b79a0597d6f25e19f1d13b6c8b8c09bbae088661cb297bdf5f5d4ed04ec11076f7000832b4b8185f771976e844af87975c63df4ebec6ccd72a4514614d4f5f9122ffd585f1b748cc49e914d56c7bd676a1df62771ddefa1944ab202bd095bc8c5e009c85eb419cffca13d947d09483249943ee15737a5d2d15de5969ac9ec4b83e5cdbde764e204502d40a5fa014a45328d13110bdda244451bfdeae33791e0727072d7355bad52706de3da5f17318923608c3ce748a6059e116a53b1a28e6f9a9f6973567a54bd69be2d6a9972052f1807c3c9756fa0b1559a267341577f1a43bcc6e31355599ac08c7c5fe7f45e5c9d0d7ec809ad80dc19f651a5931fbe29e59a2cca30a9e72cc8b3c7a9316fdc61634b306139d6af4a02676de74c5115a06f267f475f3e05622b72760b45e40fc150929440e7fb998b8171ee334e148278702c2bbf6fb909d4255412ccef22e90143aa1cf430d116547e46617d6be356ff1186f3888adc79ef204e542d0cce83e6530dab5c0a77cb4c58263bd13addc9e44b1635220a822a8c28e87f16b4e6a37e39c809b4d8d1eaf4bc46bb7d7346597a651bc6951033e27daa6cada361e501f951af9efc9dc7e1f6226e0c7fa23888c85a845e5f8925a726ec474ad728939a3556d543e45c1a41fdaead4d61f69668182c7036c7df05676e63eff20d99cf08c9180fcf11b27a6c7014a50d9ce19769c26f4c7f4929de3024b91a125d09f8647eaa7ecdac09c8778d4d581333d01c88e4df19a86082f65fe3401a27ebf2aaa0949f0e09828efce941bf96c2852307624bb8c90059e044ecb68fcc88f0fb63724eda894a9f525f9e23ceaa7eff334136557be304996355b2b67191fc2a352b7e11df9aed0f3a229a6fe4f53c59191dd6f2575391d6a88cfdc3bdef95bf1b33573fab890a210f77509d30792f93eaa9dfb6ae362068d04d5dae934e94114431adc3975c43377300d476c75c6f6aacbcadc7d95b77fcb0b697de985f028989ea6ad15d9965b5962ff77884d1dde4a015de1d1a23932b483f1e912bef52486340db9aa63f8242a5814aad8a61dad6442baf7b398be6056c60ccddddf87f6db312218c22fb896792d0e3ce35246dc4009868fe1d14f224275d85e04b7bc3aca6d64ca0eba2e21ed022a7b57d668d684272c4e45165f21dd7e897aacd3bf6a9798263005837920907612105ade0711c10ba8d57e806547a493a8c67d79654b06f10a399a0ab453d7012a0b51ddf78497b4bccee375ee14c4e4085c5e15b00813d28de2684eb9379d241177f34ac22e4d39eabc86cd6487ada194b75f243461eb6d3aa2261ca2a513ae7a1dcf4f4cb00f59b31bf4a8ae4cd13edeff5c51c897b3930a201d485b882747b03ef05d3303d6753ceb6e793bb6f38c1bb1f6104e792ca449318e624d86bfc3333dbd8e66cc68ebcbb41b66cd5937587fff41a37043bbc4624012bd78783cd4e57ee4bea7822a63bdb7c10805a128c39f7cf1580fb96579acdbed360f84f3e695a348e99ddba430eef7811216ac22338900ba4707327374b3bddf32176a5974459ab4fdbd8d741e244d34dd881bbe83785da1fc03e7b15743838d6b6b35d42c0c7d9c0eaca24cdf7f582b2490cc733d0f6e1cf44ca6bf31cdf6bfc41e070483781445ca4e02389a07397ef844574bdbef8a74bbc9c1e4746ec8551b7769bda793c192070437960ec29260665648ea7ed9d126df11e012c73ac1059379a1fefad5cd4eb0176a3990f22fa55655b600f713ec0df9a924c70bf92793ff2b4cae6885feb999097d13baafa414f068ca8b85ae2c6296df8b1f83c80529df9a348934afec7508aa1b1f76a0dfe5da2d4373a642def4e4e74010c100d39157636f14184b27ba0f3649cac36b8e7e2678b418e5cfb8624e1e240fa1fa995b893640f446ee61a6c7e46b852e7c77468da26e305642137a4cf498bea636e66ced63f138ccb06bbff8d843e137d72564cc8dadabac8a11354839770fb1998e0249567dce9da8573475cad0dddb70030d0ee5fb859dfe24f7f524d5aa5eda1cccf828e4dd5dec4a587bdd9acd9d59dd48ba632bfd666e013af7421b28a0386cad14ba2d5a047a2bbf2e63a994cf862e46f3b83e85f75733e2feb83b3cc7835a7e6e8de2da227f0726c027e66ea1b87ff50886d8fe332fe512fdfaf4ea5e6cd5b0c7957c6905936d7bbf46ded4c29fccadd82c6b736833fc3e3da05dbe1996be283152548b33d5432c27e8cdb54dbc7f4cdd1e66eb3fca4137f88852fe03f4f9f0bbad28875c237d36c90a870fdb56060028e27d9974362005270b902ff77e9f24cef5ef3325c526d211cf1efc7c5e07fe729e8cc4d839b1c3cfa24dcd9e03c46b64418184314fd30ad323dda7fea92aa028f578b147ae52ae3bb83e4581894f4514793f7fcb28b312b57298f3ceac0eea5513d76845bb9e466c638ee20120d748a3f0375809d40a1fe7a99eeaa7f853913dd12d6a696287100bc512db52c635e2650abcc20e1b9cfe2100f0d544010252c2c5d9cec9ace3c2f0920c6acd6a1d9b6c7244709204b1ec272590f3bcf0cd3c07107feb42d6ca3c9d9f69a61f93a560177a2b66492572bc5597d9fea0494c048df7634b9f2fe34cc55cbfd9be75507e6829bcdf712e83da3175ac1dadb819ea598638ae2578960416542a0ad7d08fe59a5d7ba24950ab38af321b06c0d754695202798575f4ba1bc951efe00d4fff5f51d1a2950fffe3b10a097d01392c81ead4286a6753e9b21118f7238f929804b3e669f9cf9fb9552a92974d5cc1f8dfcce772b995b1de9300174e313f2ab518fc4e565c9428b17b872ea044c6c9368593d6519bd3e21b0952595ea94084360aace7ab9fcb12c0a70ceadc92fe5b65d344d850805ac02303921306bb5faf60cdfa7ba79327ab04056f909b5f99b49ab2d7fe886faaeea33fb93e325e413c199dd1f6347a84656e85e8903734392c3ddaa918560022bd8d08716490d491720ab7aa9270d185caa656b364bbbb51822e6a59053127ffff563171d526500a7a7368d18fd5ff3e4182f4455af528ecaa948e6811f5c0d3e6459ee8d90cf034ad8eff95cba68dbd6ac910e20487173d9c7c9ccc6dc8ccd26f4137dc495d078106231d4d980cafb68ad1207b2b90070ee5a8982d9654036df5cfbe7c2622c734db612d9ec2c6b5ef5ae8b0a4df363abd9d22b38b8adb1b24ddda753b396c7de2da8da1e9e557e5cd23b515ec762706a7e9aed633a2605ce769756ed2c519222487aaaae7ce17c04b738345b914bbfa79fbbe4b230e531fd8e3395a61c31f7d50ba9be366c825e0698ee8b31752cd1cf6399fbacbb323aed3f6fc7e91bdb312970f52103fa3d5180e3e5a7b298255662892745d7a606c3fab32ae694745611678cbafb9d6cb49b1b9f4a14258a7662a1cfb47bf7ff1ffc132150bcf81e4c49b38704ff4a5e23d6c19f968f1e470b2fb907de9937d9d2ef22cdd4e05e64eb450c5a2eceaf4f62a983e00e32b6941e57aa539101d66d3d0bac53f10e536df45aadedf758e228b12064cbe90f85dbe4139980c3fca7f914c5c3be414f48a06bf16380d9c82156d3d602b24b19b7f34a67db70f5c7876124fbf39a6d5d63ed3a9b6a94fee62bcad9c2ffc90be90017a0275f42d5777826a87ad822a16835d0755eb253f04aa99795af7489a5ec0791207e64697403fb9c85409c284983b0c760c0d912c444c926752eec1949e09696e40b17dfcd2a6f890342fe83141fc9e203db50589607ed921f393dabf480e09d2950adb138e77a86f3af4906d246a709af5a766368929a5b46c843690aaf46fb928fdb7665af91cfbe26019a701da567555547d9b259425ee7eb4bcd323f16a91fa15e2e41d45f0361e1a87943264f09fa1eff52891f19d4cc31efc582356303bf83245736ddda0285be5ec924d79d16aae85e7170bc596162f09b6f50506f9012deca2b49a68ffde2a1fdf7c5c8dd4dc4c2783ea1caa1082b1f63a1ad750f1cedaa8ac41d81bf900a0fa25bc5f2ac634413741554af64a591067086aeabb528332138857f2903564848fc5130f89f9e59feab0d4393a1501ae213d77aa74b1337ca3f7400277ef02c44a48370370ce7290753918a7ca6500508fa36b76fb014a2aa7a0b3d4837d3c31dc871409b9c1195ff5c566f6f53fde4fa47379104bcd4db7fbe0f5e144dcd953308b331f3ca212dbbffd19869aacf213f09e74123b5cbbdb7de6f1f8aff4922e19f75b3c7b46dbb872e182ade41149e7d80f38d69b1c56c9ceeb3cd811f39d1e05340827a54b04c730a2957803bfdd8475ef458431fa84663ef3d0aa7962b5185bd7050aeb45ad61e38f9faf9f5f1a665810c297c5dfca56f160a3f7837de13d87254af00e203769b98811d00a970b06fdb8c6a4bce9176dd943711fba9786a55c5b2d6f64c211a97a1114da07fd62d4bfb486be8ecea06", 0x1000, 0x40000, &(0x7f0000000000)={0x11, 0xf7, 0x0, 0x1, 0x8, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x26}}, 0x14) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x2, 0x3e}, @l2cap_cid_signaling={{0x3a}, [@l2cap_move_chan_cfm={{0x10, 0x3f, 0x4}, {0x1000, 0x2e2}}, @l2cap_conf_rsp={{0x5, 0x7, 0x9}, {0x5, 0xfff9, 0x0, [@l2cap_conf_fcs={0x5, 0x1}]}}, @l2cap_conf_req={{0x4, 0x7, 0x19}, {0xffff, 0x7f, [@l2cap_conf_ews={0x7, 0x2, 0x1}, @l2cap_conf_flushto={0x2, 0x2, 0x7}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_fcs={0x5, 0x1, 0x1}]}}, @l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x4, 0x38}}]}}, 0x43) (async)

13:51:33 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000000000e500bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2325.631346][T32731] FAULT_INJECTION: forcing a failure.
[ 2325.631346][T32731] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2325.662929][T32731] CPU: 1 PID: 32731 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2325.673503][T32731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2325.683570][T32731] Call Trace:
[ 2325.686858][T32731]  <TASK>
[ 2325.689805][T32731]  dump_stack_lvl+0xcd/0x134
[ 2325.694426][T32731]  should_fail.cold+0x5/0xa
[ 2325.698966][T32731]  _copy_from_user+0x2a/0x170
[ 2325.703666][T32731]  input_event_from_user+0x131/0x3a0
[ 2325.708972][T32731]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2325.714916][T32731]  evdev_write+0x356/0x760
[ 2325.719349][T32731]  ? evdev_read+0xe30/0xe30
[ 2325.723862][T32731]  ? apparmor_file_permission+0x264/0x4e0
[ 2325.729618][T32731]  ? bpf_lsm_file_permission+0x5/0x10
[ 2325.735008][T32731]  ? security_file_permission+0xab/0xd0
[ 2325.740569][T32731]  vfs_write+0x2d7/0xdd0
[ 2325.744836][T32731]  ? evdev_read+0xe30/0xe30
[ 2325.749357][T32731]  ? vfs_read+0x930/0x930
[ 2325.753701][T32731]  ? __fget_files+0x26a/0x440
[ 2325.758830][T32731]  ? __fget_light+0xe5/0x270
[ 2325.763530][T32731]  ksys_write+0x1e8/0x250
[ 2325.768051][T32731]  ? __ia32_sys_read+0xb0/0xb0
[ 2325.772831][T32731]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2325.778744][T32731]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2325.784661][T32731]  do_syscall_64+0x35/0xb0
[ 2325.789107][T32731]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2325.795099][T32731] RIP: 0033:0x7eff6688a649
[ 2325.799521][T32731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2325.819141][T32731] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
13:51:34 executing program 3:
r0 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r4}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000040)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x43})
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200) (async)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010) (async)
socket(0x10, 0x2, 0x0) (async)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32) (async)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$packet(0x11, 0x3, 0x300) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) (async)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r4}]}, 0x34}}, 0x0) (async)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10) (async)
ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000040)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x43}) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)

13:51:34 executing program 1:
sendto$packet(0xffffffffffffffff, &(0x7f0000000100)="b12311b36182903cc64100e1addc32951a248be123e5b2a7532d3fcb286f54ca8f983f8d9ca5802ddd003a5d53831423b461af80791c72339c5f4fe7c537c7844f443713c6c503528f09e9ba2332410e06299a2e2de515a7c54c53bbb6e8ece04bb441260f82511cc0f4a377a8d08d8dc1a445322fea7d7b84b8e5ff96a69c19776d09ec6ee08a72d7acbe6b444a2b4eb1d9455b267778fd1e7a0714b970766be4a44832d3fb7ae7f8b2015abec7e13ab68ecbde824c617bdbe4c4920ea0cc94cba87627b0c2ef34b8572fbe0277b94ebecdf2b5cb0cd7d441d7d5848935c5047dcf30008e198f1d798e9f4412389bc45cd843bf08e826c96b1265b68d869852e4acc59e02e396926e667d7a5fdd2ff3cff6f72d36c8c7221fcb766389a488e891fed28de16b9e1847314aa160f820d0fa4e9e842c34ce93e222670f117416fc922c477feca804566d56c190784c6fa43e213405cca30d2b9edd4a4620355258f65433fa7108f5f5e4743b60f83f6ce03d0e44eab65219b62a24274a0843a380befa2ff1a3d8ad389d0f133a345aa23d8bd857c88bee1b12ecd63f385bf079906f4cdc2b64e4c5fb77988b302a533d75576d96de6e7f58d8fd6d805965599472ddfeed615c16698b3ee78343e9f94089844f606bcdbe483c7a16badcd98cb44d4c4a508a516a52c126740c2110deeb585669f5ddf6afd9aefc788d767d45301a6d8d5295962a0a56dfe8da22fa15259b180cda3a06de4400ff4513183e7ff3cc66305b81da74bcf43dc744305212fc155020f397e546991fd1874e9be8df8028d94c5b7c1ef61586cecab11135543ce39acd240882750f4fdfb6c1df59402520c750d495885cdfd46c9fbef82253ca6d7d813657df23af4823244064d04d09fb797d9be090377ff7b664827bce1c6757e26e7ba90e150b4a98ecf6d872fbdff182c2ec1d8d8f41aa1bd691626b9cff7fb90a7b0911798b8b48cb5342191733882a9993a560bf9c19cda0e4292af2e6561722301d4bd992ee4424e71ae98612b8f68d3cce4c573020e83882ff2704da652691a57602c968713c2d89c6928649d0fd9f9bc8d97097d160fdd24c3d5e80e7a9386cd5e1f7a6e63aa47be9c3c7a9f1448f348bfcf513fc572f041590f8ceb29a58e6268db149fecb134bce6617167ae5812081b0746313ae71cb61d483a4dc001c0c636444bf809933803e97cda6218f5f6b27eb18077db65c3020bd8933f517bf7d0a5d4f7fff9fe302479daa3b5c6b4f0e18c27e3bf7796dc5a05cf01d044a1701c8145ecb62191e7493efe419fa8429ed6751136b79a0597d6f25e19f1d13b6c8b8c09bbae088661cb297bdf5f5d4ed04ec11076f7000832b4b8185f771976e844af87975c63df4ebec6ccd72a4514614d4f5f9122ffd585f1b748cc49e914d56c7bd676a1df62771ddefa1944ab202bd095bc8c5e009c85eb419cffca13d947d09483249943ee15737a5d2d15de5969ac9ec4b83e5cdbde764e204502d40a5fa014a45328d13110bdda244451bfdeae33791e0727072d7355bad52706de3da5f17318923608c3ce748a6059e116a53b1a28e6f9a9f6973567a54bd69be2d6a9972052f1807c3c9756fa0b1559a267341577f1a43bcc6e31355599ac08c7c5fe7f45e5c9d0d7ec809ad80dc19f651a5931fbe29e59a2cca30a9e72cc8b3c7a9316fdc61634b306139d6af4a02676de74c5115a06f267f475f3e05622b72760b45e40fc150929440e7fb998b8171ee334e148278702c2bbf6fb909d4255412ccef22e90143aa1cf430d116547e46617d6be356ff1186f3888adc79ef204e542d0cce83e6530dab5c0a77cb4c58263bd13addc9e44b1635220a822a8c28e87f16b4e6a37e39c809b4d8d1eaf4bc46bb7d7346597a651bc6951033e27daa6cada361e501f951af9efc9dc7e1f6226e0c7fa23888c85a845e5f8925a726ec474ad728939a3556d543e45c1a41fdaead4d61f69668182c7036c7df05676e63eff20d99cf08c9180fcf11b27a6c7014a50d9ce19769c26f4c7f4929de3024b91a125d09f8647eaa7ecdac09c8778d4d581333d01c88e4df19a86082f65fe3401a27ebf2aaa0949f0e09828efce941bf96c2852307624bb8c90059e044ecb68fcc88f0fb63724eda894a9f525f9e23ceaa7eff334136557be304996355b2b67191fc2a352b7e11df9aed0f3a229a6fe4f53c59191dd6f2575391d6a88cfdc3bdef95bf1b33573fab890a210f77509d30792f93eaa9dfb6ae362068d04d5dae934e94114431adc3975c43377300d476c75c6f6aacbcadc7d95b77fcb0b697de985f028989ea6ad15d9965b5962ff77884d1dde4a015de1d1a23932b483f1e912bef52486340db9aa63f8242a5814aad8a61dad6442baf7b398be6056c60ccddddf87f6db312218c22fb896792d0e3ce35246dc4009868fe1d14f224275d85e04b7bc3aca6d64ca0eba2e21ed022a7b57d668d684272c4e45165f21dd7e897aacd3bf6a9798263005837920907612105ade0711c10ba8d57e806547a493a8c67d79654b06f10a399a0ab453d7012a0b51ddf78497b4bccee375ee14c4e4085c5e15b00813d28de2684eb9379d241177f34ac22e4d39eabc86cd6487ada194b75f243461eb6d3aa2261ca2a513ae7a1dcf4f4cb00f59b31bf4a8ae4cd13edeff5c51c897b3930a201d485b882747b03ef05d3303d6753ceb6e793bb6f38c1bb1f6104e792ca449318e624d86bfc3333dbd8e66cc68ebcbb41b66cd5937587fff41a37043bbc4624012bd78783cd4e57ee4bea7822a63bdb7c10805a128c39f7cf1580fb96579acdbed360f84f3e695a348e99ddba430eef7811216ac22338900ba4707327374b3bddf32176a5974459ab4fdbd8d741e244d34dd881bbe83785da1fc03e7b15743838d6b6b35d42c0c7d9c0eaca24cdf7f582b2490cc733d0f6e1cf44ca6bf31cdf6bfc41e070483781445ca4e02389a07397ef844574bdbef8a74bbc9c1e4746ec8551b7769bda793c192070437960ec29260665648ea7ed9d126df11e012c73ac1059379a1fefad5cd4eb0176a3990f22fa55655b600f713ec0df9a924c70bf92793ff2b4cae6885feb999097d13baafa414f068ca8b85ae2c6296df8b1f83c80529df9a348934afec7508aa1b1f76a0dfe5da2d4373a642def4e4e74010c100d39157636f14184b27ba0f3649cac36b8e7e2678b418e5cfb8624e1e240fa1fa995b893640f446ee61a6c7e46b852e7c77468da26e305642137a4cf498bea636e66ced63f138ccb06bbff8d843e137d72564cc8dadabac8a11354839770fb1998e0249567dce9da8573475cad0dddb70030d0ee5fb859dfe24f7f524d5aa5eda1cccf828e4dd5dec4a587bdd9acd9d59dd48ba632bfd666e013af7421b28a0386cad14ba2d5a047a2bbf2e63a994cf862e46f3b83e85f75733e2feb83b3cc7835a7e6e8de2da227f0726c027e66ea1b87ff50886d8fe332fe512fdfaf4ea5e6cd5b0c7957c6905936d7bbf46ded4c29fccadd82c6b736833fc3e3da05dbe1996be283152548b33d5432c27e8cdb54dbc7f4cdd1e66eb3fca4137f88852fe03f4f9f0bbad28875c237d36c90a870fdb56060028e27d9974362005270b902ff77e9f24cef5ef3325c526d211cf1efc7c5e07fe729e8cc4d839b1c3cfa24dcd9e03c46b64418184314fd30ad323dda7fea92aa028f578b147ae52ae3bb83e4581894f4514793f7fcb28b312b57298f3ceac0eea5513d76845bb9e466c638ee20120d748a3f0375809d40a1fe7a99eeaa7f853913dd12d6a696287100bc512db52c635e2650abcc20e1b9cfe2100f0d544010252c2c5d9cec9ace3c2f0920c6acd6a1d9b6c7244709204b1ec272590f3bcf0cd3c07107feb42d6ca3c9d9f69a61f93a560177a2b66492572bc5597d9fea0494c048df7634b9f2fe34cc55cbfd9be75507e6829bcdf712e83da3175ac1dadb819ea598638ae2578960416542a0ad7d08fe59a5d7ba24950ab38af321b06c0d754695202798575f4ba1bc951efe00d4fff5f51d1a2950fffe3b10a097d01392c81ead4286a6753e9b21118f7238f929804b3e669f9cf9fb9552a92974d5cc1f8dfcce772b995b1de9300174e313f2ab518fc4e565c9428b17b872ea044c6c9368593d6519bd3e21b0952595ea94084360aace7ab9fcb12c0a70ceadc92fe5b65d344d850805ac02303921306bb5faf60cdfa7ba79327ab04056f909b5f99b49ab2d7fe886faaeea33fb93e325e413c199dd1f6347a84656e85e8903734392c3ddaa918560022bd8d08716490d491720ab7aa9270d185caa656b364bbbb51822e6a59053127ffff563171d526500a7a7368d18fd5ff3e4182f4455af528ecaa948e6811f5c0d3e6459ee8d90cf034ad8eff95cba68dbd6ac910e20487173d9c7c9ccc6dc8ccd26f4137dc495d078106231d4d980cafb68ad1207b2b90070ee5a8982d9654036df5cfbe7c2622c734db612d9ec2c6b5ef5ae8b0a4df363abd9d22b38b8adb1b24ddda753b396c7de2da8da1e9e557e5cd23b515ec762706a7e9aed633a2605ce769756ed2c519222487aaaae7ce17c04b738345b914bbfa79fbbe4b230e531fd8e3395a61c31f7d50ba9be366c825e0698ee8b31752cd1cf6399fbacbb323aed3f6fc7e91bdb312970f52103fa3d5180e3e5a7b298255662892745d7a606c3fab32ae694745611678cbafb9d6cb49b1b9f4a14258a7662a1cfb47bf7ff1ffc132150bcf81e4c49b38704ff4a5e23d6c19f968f1e470b2fb907de9937d9d2ef22cdd4e05e64eb450c5a2eceaf4f62a983e00e32b6941e57aa539101d66d3d0bac53f10e536df45aadedf758e228b12064cbe90f85dbe4139980c3fca7f914c5c3be414f48a06bf16380d9c82156d3d602b24b19b7f34a67db70f5c7876124fbf39a6d5d63ed3a9b6a94fee62bcad9c2ffc90be90017a0275f42d5777826a87ad822a16835d0755eb253f04aa99795af7489a5ec0791207e64697403fb9c85409c284983b0c760c0d912c444c926752eec1949e09696e40b17dfcd2a6f890342fe83141fc9e203db50589607ed921f393dabf480e09d2950adb138e77a86f3af4906d246a709af5a766368929a5b46c843690aaf46fb928fdb7665af91cfbe26019a701da567555547d9b259425ee7eb4bcd323f16a91fa15e2e41d45f0361e1a87943264f09fa1eff52891f19d4cc31efc582356303bf83245736ddda0285be5ec924d79d16aae85e7170bc596162f09b6f50506f9012deca2b49a68ffde2a1fdf7c5c8dd4dc4c2783ea1caa1082b1f63a1ad750f1cedaa8ac41d81bf900a0fa25bc5f2ac634413741554af64a591067086aeabb528332138857f2903564848fc5130f89f9e59feab0d4393a1501ae213d77aa74b1337ca3f7400277ef02c44a48370370ce7290753918a7ca6500508fa36b76fb014a2aa7a0b3d4837d3c31dc871409b9c1195ff5c566f6f53fde4fa47379104bcd4db7fbe0f5e144dcd953308b331f3ca212dbbffd19869aacf213f09e74123b5cbbdb7de6f1f8aff4922e19f75b3c7b46dbb872e182ade41149e7d80f38d69b1c56c9ceeb3cd811f39d1e05340827a54b04c730a2957803bfdd8475ef458431fa84663ef3d0aa7962b5185bd7050aeb45ad61e38f9faf9f5f1a665810c297c5dfca56f160a3f7837de13d87254af00e203769b98811d00a970b06fdb8c6a4bce9176dd943711fba9786a55c5b2d6f64c211a97a1114da07fd62d4bfb486be8ecea06", 0x1000, 0x40000, &(0x7f0000000000)={0x11, 0xf7, 0x0, 0x1, 0x8, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x26}}, 0x14)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x2, 0x3e}, @l2cap_cid_signaling={{0x3a}, [@l2cap_move_chan_cfm={{0x10, 0x3f, 0x4}, {0x1000, 0x2e2}}, @l2cap_conf_rsp={{0x5, 0x7, 0x9}, {0x5, 0xfff9, 0x0, [@l2cap_conf_fcs={0x5, 0x1}]}}, @l2cap_conf_req={{0x4, 0x7, 0x19}, {0xffff, 0x7f, [@l2cap_conf_ews={0x7, 0x2, 0x1}, @l2cap_conf_flushto={0x2, 0x2, 0x7}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_fcs={0x5, 0x1, 0x1}]}}, @l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x4, 0x38}}]}}, 0x43)
sendto$packet(0xffffffffffffffff, &(0x7f0000000100)="b12311b36182903cc64100e1addc32951a248be123e5b2a7532d3fcb286f54ca8f983f8d9ca5802ddd003a5d53831423b461af80791c72339c5f4fe7c537c7844f443713c6c503528f09e9ba2332410e06299a2e2de515a7c54c53bbb6e8ece04bb441260f82511cc0f4a377a8d08d8dc1a445322fea7d7b84b8e5ff96a69c19776d09ec6ee08a72d7acbe6b444a2b4eb1d9455b267778fd1e7a0714b970766be4a44832d3fb7ae7f8b2015abec7e13ab68ecbde824c617bdbe4c4920ea0cc94cba87627b0c2ef34b8572fbe0277b94ebecdf2b5cb0cd7d441d7d5848935c5047dcf30008e198f1d798e9f4412389bc45cd843bf08e826c96b1265b68d869852e4acc59e02e396926e667d7a5fdd2ff3cff6f72d36c8c7221fcb766389a488e891fed28de16b9e1847314aa160f820d0fa4e9e842c34ce93e222670f117416fc922c477feca804566d56c190784c6fa43e213405cca30d2b9edd4a4620355258f65433fa7108f5f5e4743b60f83f6ce03d0e44eab65219b62a24274a0843a380befa2ff1a3d8ad389d0f133a345aa23d8bd857c88bee1b12ecd63f385bf079906f4cdc2b64e4c5fb77988b302a533d75576d96de6e7f58d8fd6d805965599472ddfeed615c16698b3ee78343e9f94089844f606bcdbe483c7a16badcd98cb44d4c4a508a516a52c126740c2110deeb585669f5ddf6afd9aefc788d767d45301a6d8d5295962a0a56dfe8da22fa15259b180cda3a06de4400ff4513183e7ff3cc66305b81da74bcf43dc744305212fc155020f397e546991fd1874e9be8df8028d94c5b7c1ef61586cecab11135543ce39acd240882750f4fdfb6c1df59402520c750d495885cdfd46c9fbef82253ca6d7d813657df23af4823244064d04d09fb797d9be090377ff7b664827bce1c6757e26e7ba90e150b4a98ecf6d872fbdff182c2ec1d8d8f41aa1bd691626b9cff7fb90a7b0911798b8b48cb5342191733882a9993a560bf9c19cda0e4292af2e6561722301d4bd992ee4424e71ae98612b8f68d3cce4c573020e83882ff2704da652691a57602c968713c2d89c6928649d0fd9f9bc8d97097d160fdd24c3d5e80e7a9386cd5e1f7a6e63aa47be9c3c7a9f1448f348bfcf513fc572f041590f8ceb29a58e6268db149fecb134bce6617167ae5812081b0746313ae71cb61d483a4dc001c0c636444bf809933803e97cda6218f5f6b27eb18077db65c3020bd8933f517bf7d0a5d4f7fff9fe302479daa3b5c6b4f0e18c27e3bf7796dc5a05cf01d044a1701c8145ecb62191e7493efe419fa8429ed6751136b79a0597d6f25e19f1d13b6c8b8c09bbae088661cb297bdf5f5d4ed04ec11076f7000832b4b8185f771976e844af87975c63df4ebec6ccd72a4514614d4f5f9122ffd585f1b748cc49e914d56c7bd676a1df62771ddefa1944ab202bd095bc8c5e009c85eb419cffca13d947d09483249943ee15737a5d2d15de5969ac9ec4b83e5cdbde764e204502d40a5fa014a45328d13110bdda244451bfdeae33791e0727072d7355bad52706de3da5f17318923608c3ce748a6059e116a53b1a28e6f9a9f6973567a54bd69be2d6a9972052f1807c3c9756fa0b1559a267341577f1a43bcc6e31355599ac08c7c5fe7f45e5c9d0d7ec809ad80dc19f651a5931fbe29e59a2cca30a9e72cc8b3c7a9316fdc61634b306139d6af4a02676de74c5115a06f267f475f3e05622b72760b45e40fc150929440e7fb998b8171ee334e148278702c2bbf6fb909d4255412ccef22e90143aa1cf430d116547e46617d6be356ff1186f3888adc79ef204e542d0cce83e6530dab5c0a77cb4c58263bd13addc9e44b1635220a822a8c28e87f16b4e6a37e39c809b4d8d1eaf4bc46bb7d7346597a651bc6951033e27daa6cada361e501f951af9efc9dc7e1f6226e0c7fa23888c85a845e5f8925a726ec474ad728939a3556d543e45c1a41fdaead4d61f69668182c7036c7df05676e63eff20d99cf08c9180fcf11b27a6c7014a50d9ce19769c26f4c7f4929de3024b91a125d09f8647eaa7ecdac09c8778d4d581333d01c88e4df19a86082f65fe3401a27ebf2aaa0949f0e09828efce941bf96c2852307624bb8c90059e044ecb68fcc88f0fb63724eda894a9f525f9e23ceaa7eff334136557be304996355b2b67191fc2a352b7e11df9aed0f3a229a6fe4f53c59191dd6f2575391d6a88cfdc3bdef95bf1b33573fab890a210f77509d30792f93eaa9dfb6ae362068d04d5dae934e94114431adc3975c43377300d476c75c6f6aacbcadc7d95b77fcb0b697de985f028989ea6ad15d9965b5962ff77884d1dde4a015de1d1a23932b483f1e912bef52486340db9aa63f8242a5814aad8a61dad6442baf7b398be6056c60ccddddf87f6db312218c22fb896792d0e3ce35246dc4009868fe1d14f224275d85e04b7bc3aca6d64ca0eba2e21ed022a7b57d668d684272c4e45165f21dd7e897aacd3bf6a9798263005837920907612105ade0711c10ba8d57e806547a493a8c67d79654b06f10a399a0ab453d7012a0b51ddf78497b4bccee375ee14c4e4085c5e15b00813d28de2684eb9379d241177f34ac22e4d39eabc86cd6487ada194b75f243461eb6d3aa2261ca2a513ae7a1dcf4f4cb00f59b31bf4a8ae4cd13edeff5c51c897b3930a201d485b882747b03ef05d3303d6753ceb6e793bb6f38c1bb1f6104e792ca449318e624d86bfc3333dbd8e66cc68ebcbb41b66cd5937587fff41a37043bbc4624012bd78783cd4e57ee4bea7822a63bdb7c10805a128c39f7cf1580fb96579acdbed360f84f3e695a348e99ddba430eef7811216ac22338900ba4707327374b3bddf32176a5974459ab4fdbd8d741e244d34dd881bbe83785da1fc03e7b15743838d6b6b35d42c0c7d9c0eaca24cdf7f582b2490cc733d0f6e1cf44ca6bf31cdf6bfc41e070483781445ca4e02389a07397ef844574bdbef8a74bbc9c1e4746ec8551b7769bda793c192070437960ec29260665648ea7ed9d126df11e012c73ac1059379a1fefad5cd4eb0176a3990f22fa55655b600f713ec0df9a924c70bf92793ff2b4cae6885feb999097d13baafa414f068ca8b85ae2c6296df8b1f83c80529df9a348934afec7508aa1b1f76a0dfe5da2d4373a642def4e4e74010c100d39157636f14184b27ba0f3649cac36b8e7e2678b418e5cfb8624e1e240fa1fa995b893640f446ee61a6c7e46b852e7c77468da26e305642137a4cf498bea636e66ced63f138ccb06bbff8d843e137d72564cc8dadabac8a11354839770fb1998e0249567dce9da8573475cad0dddb70030d0ee5fb859dfe24f7f524d5aa5eda1cccf828e4dd5dec4a587bdd9acd9d59dd48ba632bfd666e013af7421b28a0386cad14ba2d5a047a2bbf2e63a994cf862e46f3b83e85f75733e2feb83b3cc7835a7e6e8de2da227f0726c027e66ea1b87ff50886d8fe332fe512fdfaf4ea5e6cd5b0c7957c6905936d7bbf46ded4c29fccadd82c6b736833fc3e3da05dbe1996be283152548b33d5432c27e8cdb54dbc7f4cdd1e66eb3fca4137f88852fe03f4f9f0bbad28875c237d36c90a870fdb56060028e27d9974362005270b902ff77e9f24cef5ef3325c526d211cf1efc7c5e07fe729e8cc4d839b1c3cfa24dcd9e03c46b64418184314fd30ad323dda7fea92aa028f578b147ae52ae3bb83e4581894f4514793f7fcb28b312b57298f3ceac0eea5513d76845bb9e466c638ee20120d748a3f0375809d40a1fe7a99eeaa7f853913dd12d6a696287100bc512db52c635e2650abcc20e1b9cfe2100f0d544010252c2c5d9cec9ace3c2f0920c6acd6a1d9b6c7244709204b1ec272590f3bcf0cd3c07107feb42d6ca3c9d9f69a61f93a560177a2b66492572bc5597d9fea0494c048df7634b9f2fe34cc55cbfd9be75507e6829bcdf712e83da3175ac1dadb819ea598638ae2578960416542a0ad7d08fe59a5d7ba24950ab38af321b06c0d754695202798575f4ba1bc951efe00d4fff5f51d1a2950fffe3b10a097d01392c81ead4286a6753e9b21118f7238f929804b3e669f9cf9fb9552a92974d5cc1f8dfcce772b995b1de9300174e313f2ab518fc4e565c9428b17b872ea044c6c9368593d6519bd3e21b0952595ea94084360aace7ab9fcb12c0a70ceadc92fe5b65d344d850805ac02303921306bb5faf60cdfa7ba79327ab04056f909b5f99b49ab2d7fe886faaeea33fb93e325e413c199dd1f6347a84656e85e8903734392c3ddaa918560022bd8d08716490d491720ab7aa9270d185caa656b364bbbb51822e6a59053127ffff563171d526500a7a7368d18fd5ff3e4182f4455af528ecaa948e6811f5c0d3e6459ee8d90cf034ad8eff95cba68dbd6ac910e20487173d9c7c9ccc6dc8ccd26f4137dc495d078106231d4d980cafb68ad1207b2b90070ee5a8982d9654036df5cfbe7c2622c734db612d9ec2c6b5ef5ae8b0a4df363abd9d22b38b8adb1b24ddda753b396c7de2da8da1e9e557e5cd23b515ec762706a7e9aed633a2605ce769756ed2c519222487aaaae7ce17c04b738345b914bbfa79fbbe4b230e531fd8e3395a61c31f7d50ba9be366c825e0698ee8b31752cd1cf6399fbacbb323aed3f6fc7e91bdb312970f52103fa3d5180e3e5a7b298255662892745d7a606c3fab32ae694745611678cbafb9d6cb49b1b9f4a14258a7662a1cfb47bf7ff1ffc132150bcf81e4c49b38704ff4a5e23d6c19f968f1e470b2fb907de9937d9d2ef22cdd4e05e64eb450c5a2eceaf4f62a983e00e32b6941e57aa539101d66d3d0bac53f10e536df45aadedf758e228b12064cbe90f85dbe4139980c3fca7f914c5c3be414f48a06bf16380d9c82156d3d602b24b19b7f34a67db70f5c7876124fbf39a6d5d63ed3a9b6a94fee62bcad9c2ffc90be90017a0275f42d5777826a87ad822a16835d0755eb253f04aa99795af7489a5ec0791207e64697403fb9c85409c284983b0c760c0d912c444c926752eec1949e09696e40b17dfcd2a6f890342fe83141fc9e203db50589607ed921f393dabf480e09d2950adb138e77a86f3af4906d246a709af5a766368929a5b46c843690aaf46fb928fdb7665af91cfbe26019a701da567555547d9b259425ee7eb4bcd323f16a91fa15e2e41d45f0361e1a87943264f09fa1eff52891f19d4cc31efc582356303bf83245736ddda0285be5ec924d79d16aae85e7170bc596162f09b6f50506f9012deca2b49a68ffde2a1fdf7c5c8dd4dc4c2783ea1caa1082b1f63a1ad750f1cedaa8ac41d81bf900a0fa25bc5f2ac634413741554af64a591067086aeabb528332138857f2903564848fc5130f89f9e59feab0d4393a1501ae213d77aa74b1337ca3f7400277ef02c44a48370370ce7290753918a7ca6500508fa36b76fb014a2aa7a0b3d4837d3c31dc871409b9c1195ff5c566f6f53fde4fa47379104bcd4db7fbe0f5e144dcd953308b331f3ca212dbbffd19869aacf213f09e74123b5cbbdb7de6f1f8aff4922e19f75b3c7b46dbb872e182ade41149e7d80f38d69b1c56c9ceeb3cd811f39d1e05340827a54b04c730a2957803bfdd8475ef458431fa84663ef3d0aa7962b5185bd7050aeb45ad61e38f9faf9f5f1a665810c297c5dfca56f160a3f7837de13d87254af00e203769b98811d00a970b06fdb8c6a4bce9176dd943711fba9786a55c5b2d6f64c211a97a1114da07fd62d4bfb486be8ecea06", 0x1000, 0x40000, &(0x7f0000000000)={0x11, 0xf7, 0x0, 0x1, 0x8, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x26}}, 0x14) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x2, 0x3e}, @l2cap_cid_signaling={{0x3a}, [@l2cap_move_chan_cfm={{0x10, 0x3f, 0x4}, {0x1000, 0x2e2}}, @l2cap_conf_rsp={{0x5, 0x7, 0x9}, {0x5, 0xfff9, 0x0, [@l2cap_conf_fcs={0x5, 0x1}]}}, @l2cap_conf_req={{0x4, 0x7, 0x19}, {0xffff, 0x7f, [@l2cap_conf_ews={0x7, 0x2, 0x1}, @l2cap_conf_flushto={0x2, 0x2, 0x7}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_fcs={0x5, 0x1, 0x1}]}}, @l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x4, 0x38}}]}}, 0x43) (async)

[ 2325.827566][T32731] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2325.835545][T32731] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2325.843621][T32731] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2325.851599][T32731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2325.859584][T32731] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2325.868105][T32731]  </TASK>
13:51:34 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 58)

13:51:34 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x2000000000000)

13:51:34 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="c155"], 0x8)

13:51:34 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000fffffff000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:34 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES16, @ANYRESOCT=0x0, @ANYRES16], 0x26)

13:51:34 executing program 4:
syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYRESOCT=0x0, @ANYRES16], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0xa7, 0x8}, {0x0, 0x6, 0x2, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xfe}, "1723f6458368c1b4933184e44c35bb066cdcceed497bc1da0766ad51abbc6ed6c406d1f74e2d87eba82353ae79a86895c748d438d402d4d29d38d90f222b6ab3a244aaca52fc18bdbafee779fceb4ca1c5881357953d4e0988271b20a4bf9ec1381770c6b1941a77d189dc07ad71136f2d5000779f33f13ebeccd3297abc40c5859a6f49de4230a994e70c62bdf1bb881f42e2c083f6269f051d709ea2a608cba79bb4ef321378fbb3d00dc8660e975690280b16c54206c5952970cbb773188dec891558b95f460f43443487b9530ba948ec3f22afafa2177e94355c3ca2ee85be058250f6e60b8002b71db53e2e16b77de183e7a0227afc3d5cc47d62ac"}, 0x102)
syz_emit_vhci(&(0x7f0000000200)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x2, 0x4}, {0x7f, 0x2}}}}, 0x11)

13:51:34 executing program 3:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCADDRT(r2, 0x890b, &(0x7f0000000040)={0x0, @l2tp={0x2, 0x0, @empty, 0x80000}, @l2={0x1f, 0x6, @any, 0x992}, @nl=@unspec, 0x700, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)='veth0_macvtap\x00', 0x0, 0x0, 0x114})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f00000003c0)={0x0, ""/256, 0x0, 0x0, <r3=>0x0})
recvmsg(r1, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000001840)=""/91, 0x5b}, {&(0x7f00000018c0)=""/80, 0x50}], 0x2, &(0x7f0000001940)=""/34, 0x22}, 0x2002)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000280)={"e6696328276c80ede1cbb140551427cb", r3, 0x0, {0x0, 0x3}, {0x0, 0x8007}, 0x28e, [0x0, 0x0, 0x0, 0x10008, 0x0, 0x4, 0x0, 0x0, 0x0, 0x80, 0x100, 0x78, 0x3, 0x0, 0xfffffffffffffff8]})
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r2, 0x84009422, &(0x7f0000001e00)={0x0, 0x0, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000840)={{r1}, r3, 0x3, @unused=[0x0, 0x6, 0x70000000, 0xffb], @devid=r4})
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r0, 0x5000943f, &(0x7f0000000100)={{r0}, 0x0, 0x2, @unused=[0x8000000000000001, 0x0, 0x5, 0x5], @devid=r4})
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYRES16=r0], 0x91f7b1380e30135c)

13:51:34 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000000000fc00bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2326.052799][T32757] FAULT_INJECTION: forcing a failure.
[ 2326.052799][T32757] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2326.095399][T32757] CPU: 0 PID: 32757 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2326.105899][T32757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2326.116164][T32757] Call Trace:
[ 2326.119466][T32757]  <TASK>
[ 2326.122427][T32757]  dump_stack_lvl+0xcd/0x134
[ 2326.127062][T32757]  should_fail.cold+0x5/0xa
[ 2326.131676][T32757]  _copy_from_user+0x2a/0x170
[ 2326.136399][T32757]  input_event_from_user+0x131/0x3a0
13:51:34 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES16, @ANYRESOCT=0x0, @ANYRES16], 0x26)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES16, @ANYRESOCT=0x0, @ANYRES16], 0x26) (async)

13:51:34 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES16, @ANYRESOCT=0x0, @ANYRES16], 0x26)

[ 2326.141723][T32757]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2326.147580][T32757]  evdev_write+0x356/0x760
[ 2326.152063][T32757]  ? evdev_read+0xe30/0xe30
[ 2326.156592][T32757]  ? apparmor_file_permission+0x264/0x4e0
[ 2326.162354][T32757]  ? bpf_lsm_file_permission+0x5/0x10
[ 2326.167779][T32757]  ? security_file_permission+0xab/0xd0
[ 2326.173373][T32757]  vfs_write+0x2d7/0xdd0
[ 2326.177740][T32757]  ? evdev_read+0xe30/0xe30
[ 2326.182287][T32757]  ? vfs_read+0x930/0x930
[ 2326.186681][T32757]  ? __fget_files+0x26a/0x440
[ 2326.191411][T32757]  ? __fget_light+0xe5/0x270
13:51:34 executing program 1:
r0 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r4}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
write$P9_RLOPEN(r0, &(0x7f0000000040)={0x18, 0xd, 0x2, {{0x1, 0x2, 0x8}, 0x2}}, 0x18)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

[ 2326.196048][T32757]  ksys_write+0x1e8/0x250
[ 2326.200419][T32757]  ? __ia32_sys_read+0xb0/0xb0
[ 2326.205218][T32757]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2326.211154][T32757]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2326.217104][T32757]  do_syscall_64+0x35/0xb0
[ 2326.221554][T32757]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2326.227490][T32757] RIP: 0033:0x7eff6688a649
[ 2326.231959][T32757] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2326.252568][T32757] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2326.261020][T32757] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2326.261041][T32757] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2326.261059][T32757] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2326.285096][T32757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
13:51:34 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000fffffffc00bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2326.293098][T32757] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2326.301125][T32757]  </TASK>
[ 2326.304923][T15356] Bluetooth: Unexpected continuation frame (len 16)
13:51:34 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 59)

13:51:34 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x4000000000000)

13:51:34 executing program 1:
r0 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r4}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
write$P9_RLOPEN(r0, &(0x7f0000000040)={0x18, 0xd, 0x2, {{0x1, 0x2, 0x8}, 0x2}}, 0x18)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200) (async)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010) (async)
socket(0x10, 0x2, 0x0) (async)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32) (async)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$packet(0x11, 0x3, 0x300) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) (async)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r4}]}, 0x34}}, 0x0) (async)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10) (async)
write$P9_RLOPEN(r0, &(0x7f0000000040)={0x18, 0xd, 0x2, {{0x1, 0x2, 0x8}, 0x2}}, 0x18) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)

13:51:34 executing program 4:
syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYRESOCT=0x0, @ANYRES16], 0x8) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0xa7, 0x8}, {0x0, 0x6, 0x2, 0x3f}}}}, 0x15) (async)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xfe}, "1723f6458368c1b4933184e44c35bb066cdcceed497bc1da0766ad51abbc6ed6c406d1f74e2d87eba82353ae79a86895c748d438d402d4d29d38d90f222b6ab3a244aaca52fc18bdbafee779fceb4ca1c5881357953d4e0988271b20a4bf9ec1381770c6b1941a77d189dc07ad71136f2d5000779f33f13ebeccd3297abc40c5859a6f49de4230a994e70c62bdf1bb881f42e2c083f6269f051d709ea2a608cba79bb4ef321378fbb3d00dc8660e975690280b16c54206c5952970cbb773188dec891558b95f460f43443487b9530ba948ec3f22afafa2177e94355c3ca2ee85be058250f6e60b8002b71db53e2e16b77de183e7a0227afc3d5cc47d62ac"}, 0x102) (async)
syz_emit_vhci(&(0x7f0000000200)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x2, 0x4}, {0x7f, 0x2}}}}, 0x11)

13:51:34 executing program 3:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCADDRT(r2, 0x890b, &(0x7f0000000040)={0x0, @l2tp={0x2, 0x0, @empty, 0x80000}, @l2={0x1f, 0x6, @any, 0x992}, @nl=@unspec, 0x700, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)='veth0_macvtap\x00', 0x0, 0x0, 0x114})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f00000003c0)={0x0, ""/256, 0x0, 0x0, <r3=>0x0})
recvmsg(r1, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000001840)=""/91, 0x5b}, {&(0x7f00000018c0)=""/80, 0x50}], 0x2, &(0x7f0000001940)=""/34, 0x22}, 0x2002)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000280)={"e6696328276c80ede1cbb140551427cb", r3, 0x0, {0x0, 0x3}, {0x0, 0x8007}, 0x28e, [0x0, 0x0, 0x0, 0x10008, 0x0, 0x4, 0x0, 0x0, 0x0, 0x80, 0x100, 0x78, 0x3, 0x0, 0xfffffffffffffff8]})
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r2, 0x84009422, &(0x7f0000001e00)={0x0, 0x0, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000840)={{r1}, r3, 0x3, @unused=[0x0, 0x6, 0x70000000, 0xffb], @devid=r4})
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r0, 0x5000943f, &(0x7f0000000100)={{r0}, 0x0, 0x2, @unused=[0x8000000000000001, 0x0, 0x5, 0x5], @devid=r4})
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYRES16=r0], 0x91f7b1380e30135c)
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) (async)
accept$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
ioctl$sock_SIOCADDRT(r2, 0x890b, &(0x7f0000000040)={0x0, @l2tp={0x2, 0x0, @empty, 0x80000}, @l2={0x1f, 0x6, @any, 0x992}, @nl=@unspec, 0x700, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)='veth0_macvtap\x00', 0x0, 0x0, 0x114}) (async)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f00000003c0)) (async)
recvmsg(r1, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000001840)=""/91, 0x5b}, {&(0x7f00000018c0)=""/80, 0x50}], 0x2, &(0x7f0000001940)=""/34, 0x22}, 0x2002) (async)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000280)={"e6696328276c80ede1cbb140551427cb", r3, 0x0, {0x0, 0x3}, {0x0, 0x8007}, 0x28e, [0x0, 0x0, 0x0, 0x10008, 0x0, 0x4, 0x0, 0x0, 0x0, 0x80, 0x100, 0x78, 0x3, 0x0, 0xfffffffffffffff8]}) (async)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r2, 0x84009422, &(0x7f0000001e00)={0x0, 0x0, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) (async)
ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000840)={{r1}, r3, 0x3, @unused=[0x0, 0x6, 0x70000000, 0xffb], @devid=r4}) (async)
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r0, 0x5000943f, &(0x7f0000000100)={{r0}, 0x0, 0x2, @unused=[0x8000000000000001, 0x0, 0x5, 0x5], @devid=r4}) (async)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800) (async)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYRES16=r0], 0x91f7b1380e30135c) (async)

13:51:34 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000001ffd00bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2326.411628][T15356] Bluetooth: Unexpected continuation frame (len 16)
[ 2326.415342][  T319] __nla_validate_parse: 14 callbacks suppressed
[ 2326.415367][  T319] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
13:51:34 executing program 4:
syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYRESOCT=0x0, @ANYRES16], 0x8) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0xa7, 0x8}, {0x0, 0x6, 0x2, 0x3f}}}}, 0x15) (async, rerun: 32)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xfe}, "1723f6458368c1b4933184e44c35bb066cdcceed497bc1da0766ad51abbc6ed6c406d1f74e2d87eba82353ae79a86895c748d438d402d4d29d38d90f222b6ab3a244aaca52fc18bdbafee779fceb4ca1c5881357953d4e0988271b20a4bf9ec1381770c6b1941a77d189dc07ad71136f2d5000779f33f13ebeccd3297abc40c5859a6f49de4230a994e70c62bdf1bb881f42e2c083f6269f051d709ea2a608cba79bb4ef321378fbb3d00dc8660e975690280b16c54206c5952970cbb773188dec891558b95f460f43443487b9530ba948ec3f22afafa2177e94355c3ca2ee85be058250f6e60b8002b71db53e2e16b77de183e7a0227afc3d5cc47d62ac"}, 0x102) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000200)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x2, 0x4}, {0x7f, 0x2}}}}, 0x11)

13:51:34 executing program 1:
r0 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0) (async)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r4}]}, 0x34}}, 0x0) (async)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10) (async)
write$P9_RLOPEN(r0, &(0x7f0000000040)={0x18, 0xd, 0x2, {{0x1, 0x2, 0x8}, 0x2}}, 0x18)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

[ 2326.458988][  T324] FAULT_INJECTION: forcing a failure.
[ 2326.458988][  T324] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2326.478323][  T319] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2326.490649][  T324] CPU: 0 PID: 324 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2326.500952][  T324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2326.511307][  T324] Call Trace:
[ 2326.514606][  T324]  <TASK>
[ 2326.517540][  T324]  dump_stack_lvl+0xcd/0x134
[ 2326.522155][  T324]  should_fail.cold+0x5/0xa
[ 2326.526711][  T324]  _copy_from_user+0x2a/0x170
[ 2326.531608][  T324]  input_event_from_user+0x131/0x3a0
[ 2326.536963][  T324]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2326.542801][  T324]  evdev_write+0x356/0x760
[ 2326.547246][  T324]  ? evdev_read+0xe30/0xe30
[ 2326.551851][  T324]  ? apparmor_file_permission+0x264/0x4e0
[ 2326.557602][  T324]  ? bpf_lsm_file_permission+0x5/0x10
[ 2326.563084][  T324]  ? security_file_permission+0xab/0xd0
[ 2326.568655][  T324]  vfs_write+0x2d7/0xdd0
[ 2326.573000][  T324]  ? evdev_read+0xe30/0xe30
[ 2326.577535][  T324]  ? vfs_read+0x930/0x930
[ 2326.581921][  T324]  ? __fget_files+0x26a/0x440
[ 2326.586631][  T324]  ? __fget_light+0xe5/0x270
[ 2326.591248][  T324]  ksys_write+0x1e8/0x250
[ 2326.595598][  T324]  ? __ia32_sys_read+0xb0/0xb0
[ 2326.600468][  T324]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2326.606480][  T324]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2326.612431][  T324]  do_syscall_64+0x35/0xb0
[ 2326.616923][  T324]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2326.622846][  T324] RIP: 0033:0x7eff6688a649
[ 2326.627278][  T324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2326.647081][  T324] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
13:51:35 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000000080fe00bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2326.655528][  T324] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2326.663510][  T324] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2326.671492][  T324] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2326.679561][  T324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2326.687544][  T324] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2326.695670][  T324]  </TASK>
13:51:35 executing program 1:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000000c0)=0x4, 0x1f)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x3, 0x3c}, @l2cap_cid_signaling={{0x38}, [@l2cap_create_chan_req={{0xc, 0x81, 0x5}, {0x3, 0x100, 0x3d}}, @l2cap_conf_rsp={{0x5, 0x8, 0xd}, {0xfe00, 0x6, 0x3, [@l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_flushto={0x2, 0x2, 0x5}]}}, @l2cap_conf_rsp={{0x5, 0x1, 0x6}, {0x0, 0x401, 0x7}}, @l2cap_conn_req={{0x2, 0x4, 0x4}, {0x0, 0x8010}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x7f, 0x2}, {0x6}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x52, 0x2}, {0x9}}]}}, 0x41)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

13:51:35 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0x8)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x1f}, "a0817fb23742d8395d7b67dcc159537b9b3428f5b72be0a7eb2518d9379ffc"}, 0x23)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

13:51:35 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x40030000000000)

13:51:35 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 60)

13:51:35 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0x8)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x1f}, "a0817fb23742d8395d7b67dcc159537b9b3428f5b72be0a7eb2518d9379ffc"}, 0x23)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0x8) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x1f}, "a0817fb23742d8395d7b67dcc159537b9b3428f5b72be0a7eb2518d9379ffc"}, 0x23) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2) (async)

13:51:35 executing program 1:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000000c0)=0x4, 0x1f)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x3, 0x3c}, @l2cap_cid_signaling={{0x38}, [@l2cap_create_chan_req={{0xc, 0x81, 0x5}, {0x3, 0x100, 0x3d}}, @l2cap_conf_rsp={{0x5, 0x8, 0xd}, {0xfe00, 0x6, 0x3, [@l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_flushto={0x2, 0x2, 0x5}]}}, @l2cap_conf_rsp={{0x5, 0x1, 0x6}, {0x0, 0x401, 0x7}}, @l2cap_conn_req={{0x2, 0x4, 0x4}, {0x0, 0x8010}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x7f, 0x2}, {0x6}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x52, 0x2}, {0x9}}]}}, 0x41) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

13:51:35 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000c0fe00bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:35 executing program 3:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCADDRT(r2, 0x890b, &(0x7f0000000040)={0x0, @l2tp={0x2, 0x0, @empty, 0x80000}, @l2={0x1f, 0x6, @any, 0x992}, @nl=@unspec, 0x700, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)='veth0_macvtap\x00', 0x0, 0x0, 0x114})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f00000003c0)={0x0, ""/256, 0x0, 0x0, <r3=>0x0})
recvmsg(r1, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000001840)=""/91, 0x5b}, {&(0x7f00000018c0)=""/80, 0x50}], 0x2, &(0x7f0000001940)=""/34, 0x22}, 0x2002)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000280)={"e6696328276c80ede1cbb140551427cb", r3, 0x0, {0x0, 0x3}, {0x0, 0x8007}, 0x28e, [0x0, 0x0, 0x0, 0x10008, 0x0, 0x4, 0x0, 0x0, 0x0, 0x80, 0x100, 0x78, 0x3, 0x0, 0xfffffffffffffff8]})
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r2, 0x84009422, &(0x7f0000001e00)={0x0, 0x0, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000840)={{r1}, r3, 0x3, @unused=[0x0, 0x6, 0x70000000, 0xffb], @devid=r4})
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r0, 0x5000943f, &(0x7f0000000100)={{r0}, 0x0, 0x2, @unused=[0x8000000000000001, 0x0, 0x5, 0x5], @devid=r4})
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYRES16=r0], 0x91f7b1380e30135c)
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) (async)
accept$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x1c) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
ioctl$sock_SIOCADDRT(r2, 0x890b, &(0x7f0000000040)={0x0, @l2tp={0x2, 0x0, @empty, 0x80000}, @l2={0x1f, 0x6, @any, 0x992}, @nl=@unspec, 0x700, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)='veth0_macvtap\x00', 0x0, 0x0, 0x114}) (async)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f00000003c0)) (async)
recvmsg(r1, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000001840)=""/91, 0x5b}, {&(0x7f00000018c0)=""/80, 0x50}], 0x2, &(0x7f0000001940)=""/34, 0x22}, 0x2002) (async)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000280)={"e6696328276c80ede1cbb140551427cb", r3, 0x0, {0x0, 0x3}, {0x0, 0x8007}, 0x28e, [0x0, 0x0, 0x0, 0x10008, 0x0, 0x4, 0x0, 0x0, 0x0, 0x80, 0x100, 0x78, 0x3, 0x0, 0xfffffffffffffff8]}) (async)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r2, 0x84009422, &(0x7f0000001e00)={0x0, 0x0, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) (async)
ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000840)={{r1}, r3, 0x3, @unused=[0x0, 0x6, 0x70000000, 0xffb], @devid=r4}) (async)
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r0, 0x5000943f, &(0x7f0000000100)={{r0}, 0x0, 0x2, @unused=[0x8000000000000001, 0x0, 0x5, 0x5], @devid=r4}) (async)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800) (async)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYRES16=r0], 0x91f7b1380e30135c) (async)

13:51:35 executing program 1:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000000c0)=0x4, 0x1f) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x3, 0x3c}, @l2cap_cid_signaling={{0x38}, [@l2cap_create_chan_req={{0xc, 0x81, 0x5}, {0x3, 0x100, 0x3d}}, @l2cap_conf_rsp={{0x5, 0x8, 0xd}, {0xfe00, 0x6, 0x3, [@l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_flushto={0x2, 0x2, 0x5}]}}, @l2cap_conf_rsp={{0x5, 0x1, 0x6}, {0x0, 0x401, 0x7}}, @l2cap_conn_req={{0x2, 0x4, 0x4}, {0x0, 0x8010}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x7f, 0x2}, {0x6}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x52, 0x2}, {0x9}}]}}, 0x41) (async, rerun: 64)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2) (rerun: 64)

[ 2326.817258][  T356] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2326.835952][  T356] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
13:51:35 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000000000ff00bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:35 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0x8)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x1f}, "a0817fb23742d8395d7b67dcc159537b9b3428f5b72be0a7eb2518d9379ffc"}, 0x23) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

[ 2326.918893][  T376] FAULT_INJECTION: forcing a failure.
[ 2326.918893][  T376] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2326.977124][  T376] CPU: 0 PID: 376 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2326.987445][  T376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2326.997541][  T376] Call Trace:
[ 2327.000851][  T376]  <TASK>
[ 2327.003812][  T376]  dump_stack_lvl+0xcd/0x134
[ 2327.008440][  T376]  should_fail.cold+0x5/0xa
[ 2327.013094][  T376]  _copy_from_user+0x2a/0x170
[ 2327.017823][  T376]  input_event_from_user+0x131/0x3a0
13:51:35 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0xf0ffffffffffff)

13:51:35 executing program 1:
ioctl$SIOCGSTAMP(0xffffffffffffffff, 0x8906, &(0x7f0000000040))
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000080)=0xfffffffffffff000, 0xffffffffffffffff)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x15}, @l2cap_cid_signaling={{0x11}, [@l2cap_create_chan_req={{0xc, 0xa0, 0x5}, {0x7, 0x8, 0x8}}, @l2cap_move_chan_cfm={{0x10, 0x5, 0x4}, {0x9ed, 0x81}}]}}, 0x1a)

13:51:35 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0000bd8d3abbdd7401b28db03e2730b1d3ddc524f64e9fd350be79b7ea937c28088bfeace3713c371c17b00735c086d84400693da73e4ed9b0d6c47a196de3d2a8beb58e"], 0x8)

[ 2327.023179][  T376]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2327.029054][  T376]  evdev_write+0x356/0x760
[ 2327.033516][  T376]  ? evdev_read+0xe30/0xe30
[ 2327.038064][  T376]  ? apparmor_file_permission+0x264/0x4e0
[ 2327.043816][  T376]  ? bpf_lsm_file_permission+0x5/0x10
[ 2327.049245][  T376]  ? security_file_permission+0xab/0xd0
[ 2327.054914][  T376]  vfs_write+0x2d7/0xdd0
[ 2327.059231][  T376]  ? evdev_read+0xe30/0xe30
[ 2327.063832][  T376]  ? vfs_read+0x930/0x930
[ 2327.068246][  T376]  ? __fget_files+0x26a/0x440
[ 2327.072979][  T376]  ? __fget_light+0xe5/0x270
[ 2327.077619][  T376]  ksys_write+0x1e8/0x250
[ 2327.083212][  T376]  ? __ia32_sys_read+0xb0/0xb0
[ 2327.088096][  T376]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2327.094023][  T376]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2327.099964][  T376]  do_syscall_64+0x35/0xb0
[ 2327.104422][  T376]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2327.110339][  T376] RIP: 0033:0x7eff6688a649
[ 2327.114768][  T376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2327.135438][  T376] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2327.143885][  T376] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2327.151865][  T376] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2327.159855][  T376] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2327.167837][  T376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
13:51:35 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0000bd8d3abbdd7401b28db03e2730b1d3ddc524f64e9fd350be79b7ea937c28088bfeace3713c371c17b00735c086d84400693da73e4ed9b0d6c47a196de3d2a8beb58e"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0000bd8d3abbdd7401b28db03e2730b1d3ddc524f64e9fd350be79b7ea937c28088bfeace3713c371c17b00735c086d84400693da73e4ed9b0d6c47a196de3d2a8beb58e"], 0x8) (async)

[ 2327.175817][  T376] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2327.183815][  T376]  </TASK>
13:51:35 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 61)

13:51:35 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000088a8ffff00bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:35 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x100000000000000)

13:51:35 executing program 3:
ioctl$UI_END_FF_ERASE(0xffffffffffffffff, 0x400c55cb, &(0x7f0000000040)={0xb, 0x40, 0x3ff})
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)

13:51:35 executing program 1:
ioctl$SIOCGSTAMP(0xffffffffffffffff, 0x8906, &(0x7f0000000040))
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000080)=0xfffffffffffff000, 0xffffffffffffffff)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x15}, @l2cap_cid_signaling={{0x11}, [@l2cap_create_chan_req={{0xc, 0xa0, 0x5}, {0x7, 0x8, 0x8}}, @l2cap_move_chan_cfm={{0x10, 0x5, 0x4}, {0x9ed, 0x81}}]}}, 0x1a)
ioctl$SIOCGSTAMP(0xffffffffffffffff, 0x8906, &(0x7f0000000040)) (async)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000080)=0xfffffffffffff000, 0xffffffffffffffff) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x15}, @l2cap_cid_signaling={{0x11}, [@l2cap_create_chan_req={{0xc, 0xa0, 0x5}, {0x7, 0x8, 0x8}}, @l2cap_move_chan_cfm={{0x10, 0x5, 0x4}, {0x9ed, 0x81}}]}}, 0x1a) (async)

13:51:35 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0000bd8d3abbdd7401b28db03e2730b1d3ddc524f64e9fd350be79b7ea937c28088bfeace3713c371c17b00735c086d84400693da73e4ed9b0d6c47a196de3d2a8beb58e"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0000bd8d3abbdd7401b28db03e2730b1d3ddc524f64e9fd350be79b7ea937c28088bfeace3713c371c17b00735c086d84400693da73e4ed9b0d6c47a196de3d2a8beb58e"], 0x8) (async)

13:51:35 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000f0ffff00bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:35 executing program 3:
ioctl$UI_END_FF_ERASE(0xffffffffffffffff, 0x400c55cb, &(0x7f0000000040)={0xb, 0x40, 0x3ff}) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (rerun: 32)

13:51:35 executing program 1:
ioctl$SIOCGSTAMP(0xffffffffffffffff, 0x8906, &(0x7f0000000040))
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000080)=0xfffffffffffff000, 0xffffffffffffffff)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x15}, @l2cap_cid_signaling={{0x11}, [@l2cap_create_chan_req={{0xc, 0xa0, 0x5}, {0x7, 0x8, 0x8}}, @l2cap_move_chan_cfm={{0x10, 0x5, 0x4}, {0x9ed, 0x81}}]}}, 0x1a)
ioctl$SIOCGSTAMP(0xffffffffffffffff, 0x8906, &(0x7f0000000040)) (async)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000080)=0xfffffffffffff000, 0xffffffffffffffff) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x15}, @l2cap_cid_signaling={{0x11}, [@l2cap_create_chan_req={{0xc, 0xa0, 0x5}, {0x7, 0x8, 0x8}}, @l2cap_move_chan_cfm={{0x10, 0x5, 0x4}, {0x9ed, 0x81}}]}}, 0x1a) (async)

[ 2327.295934][  T397] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2327.323788][  T406] FAULT_INJECTION: forcing a failure.
[ 2327.323788][  T406] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2327.357581][  T406] CPU: 1 PID: 406 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2327.366752][  T397] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2327.367868][  T406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2327.367888][  T406] Call Trace:
[ 2327.367898][  T406]  <TASK>
[ 2327.367909][  T406]  dump_stack_lvl+0xcd/0x134
[ 2327.398051][  T406]  should_fail.cold+0x5/0xa
[ 2327.402658][  T406]  _copy_from_user+0x2a/0x170
13:51:35 executing program 3:
ioctl$UI_END_FF_ERASE(0xffffffffffffffff, 0x400c55cb, &(0x7f0000000040)={0xb, 0x40, 0x3ff})
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
ioctl$UI_END_FF_ERASE(0xffffffffffffffff, 0x400c55cb, &(0x7f0000000040)={0xb, 0x40, 0x3ff}) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)

13:51:35 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x39}, @l2cap_cid_signaling={{0x35}, [@l2cap_move_chan_rsp={{0xf, 0xff, 0x4}, {0x7, 0x9aa}}, @l2cap_info_rsp={{0xb, 0x80, 0x1d}, {0xfff, 0x0, "156c0dd2b8420cad013799ed1f8a5e7d577bb1451a31edb856"}}, @l2cap_conn_rsp={{0x3, 0x1f, 0x8}, {0x80, 0x7, 0x1000, 0x21}}]}}, 0x3e)

13:51:35 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x39}, @l2cap_cid_signaling={{0x35}, [@l2cap_move_chan_rsp={{0xf, 0xff, 0x4}, {0x7, 0x9aa}}, @l2cap_info_rsp={{0xb, 0x80, 0x1d}, {0xfff, 0x0, "156c0dd2b8420cad013799ed1f8a5e7d577bb1451a31edb856"}}, @l2cap_conn_rsp={{0x3, 0x1f, 0x8}, {0x80, 0x7, 0x1000, 0x21}}]}}, 0x3e)

[ 2327.407477][  T406]  input_event_from_user+0x131/0x3a0
[ 2327.412811][  T406]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2327.418684][  T406]  evdev_write+0x356/0x760
[ 2327.423149][  T406]  ? evdev_read+0xe30/0xe30
[ 2327.427691][  T406]  ? apparmor_file_permission+0x264/0x4e0
[ 2327.433460][  T406]  ? bpf_lsm_file_permission+0x5/0x10
[ 2327.438877][  T406]  ? security_file_permission+0xab/0xd0
[ 2327.444474][  T406]  vfs_write+0x2d7/0xdd0
[ 2327.448768][  T406]  ? evdev_read+0xe30/0xe30
[ 2327.453320][  T406]  ? vfs_read+0x930/0x930
[ 2327.457712][  T406]  ? __fget_files+0x26a/0x440
[ 2327.462450][  T406]  ? __fget_light+0xe5/0x270
[ 2327.467085][  T406]  ksys_write+0x1e8/0x250
[ 2327.471494][  T406]  ? __ia32_sys_read+0xb0/0xb0
[ 2327.477262][  T406]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2327.483210][  T406]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2327.489132][  T406]  do_syscall_64+0x35/0xb0
[ 2327.493552][  T406]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2327.499469][  T406] RIP: 0033:0x7eff6688a649
[ 2327.503892][  T406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2327.523529][  T406] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2327.531980][  T406] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2327.540025][  T406] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2327.547997][  T406] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
13:51:35 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 62)

13:51:35 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async, rerun: 64)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x39}, @l2cap_cid_signaling={{0x35}, [@l2cap_move_chan_rsp={{0xf, 0xff, 0x4}, {0x7, 0x9aa}}, @l2cap_info_rsp={{0xb, 0x80, 0x1d}, {0xfff, 0x0, "156c0dd2b8420cad013799ed1f8a5e7d577bb1451a31edb856"}}, @l2cap_conn_rsp={{0x3, 0x1f, 0x8}, {0x80, 0x7, 0x1000, 0x21}}]}}, 0x3e) (rerun: 64)

[ 2327.555970][  T406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2327.563973][  T406] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2327.571954][  T406]  </TASK>
13:51:35 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x200000000000000)

13:51:35 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRESDEC], 0x8)

13:51:35 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000007fffffff00bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:35 executing program 1:
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1, 0x43}, @l2cap_cid_signaling={{0x3f}, [@l2cap_move_chan_cfm_rsp={{0x11, 0x6, 0x2}, {0x6000}}, @l2cap_cmd_rej_unk={{0x1, 0x2, 0x2}, {0x9}}, @l2cap_create_chan_req={{0xc, 0x80, 0x5}, {0x6, 0xa74, 0x95}}, @l2cap_disconn_req={{0x6, 0x4, 0x4}, {0x52f9, 0x7}}, @l2cap_create_chan_rsp={{0xd, 0xf4, 0x8}, {0x4, 0x101, 0xfff8, 0x2830}}, @l2cap_move_chan_rsp={{0xf, 0x6, 0x4}, {0x0, 0x3}}, @l2cap_move_chan_rsp={{0xf, 0x4, 0x4}, {0x81, 0xffff}}, @l2cap_info_req={{0xa, 0xfd, 0x2}, {0x1}}]}}, 0x48)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x1, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_req={{0x6, 0x20, 0x4}, {0x6549, 0x7fff}}}}, 0x11)

13:51:35 executing program 3:
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000040)={<r0=>0x0, 0x9}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000000c0)={r0, 0xc815, 0x10}, 0xc)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="042e07006a21ec230000"], 0xa)

[ 2327.657217][  T430] FAULT_INJECTION: forcing a failure.
[ 2327.657217][  T430] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2327.670666][  T430] CPU: 1 PID: 430 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2327.680950][  T430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2327.691474][  T430] Call Trace:
[ 2327.694783][  T430]  <TASK>
[ 2327.697789][  T430]  dump_stack_lvl+0xcd/0x134
[ 2327.702440][  T430]  should_fail.cold+0x5/0xa
[ 2327.707000][  T430]  _copy_from_user+0x2a/0x170
[ 2327.711729][  T430]  input_event_from_user+0x131/0x3a0
[ 2327.716687][  T437] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2327.717037][  T430]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2327.717089][  T430]  evdev_write+0x356/0x760
[ 2327.717121][  T430]  ? evdev_read+0xe30/0xe30
[ 2327.741025][  T430]  ? apparmor_file_permission+0x264/0x4e0
[ 2327.746771][  T430]  ? bpf_lsm_file_permission+0x5/0x10
[ 2327.752157][  T430]  ? security_file_permission+0xab/0xd0
[ 2327.757723][  T430]  vfs_write+0x2d7/0xdd0
[ 2327.761979][  T430]  ? evdev_read+0xe30/0xe30
[ 2327.766496][  T430]  ? vfs_read+0x930/0x930
[ 2327.770842][  T430]  ? __fget_files+0x26a/0x440
[ 2327.775565][  T430]  ? __fget_light+0xe5/0x270
[ 2327.780175][  T430]  ksys_write+0x1e8/0x250
[ 2327.784520][  T430]  ? __ia32_sys_read+0xb0/0xb0
[ 2327.789299][  T430]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2327.795215][  T430]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2327.801133][  T430]  do_syscall_64+0x35/0xb0
[ 2327.805563][  T430]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2327.811507][  T430] RIP: 0033:0x7eff6688a649
[ 2327.816388][  T430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2327.836094][  T430] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2327.844517][  T430] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
13:51:36 executing program 1:
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1, 0x43}, @l2cap_cid_signaling={{0x3f}, [@l2cap_move_chan_cfm_rsp={{0x11, 0x6, 0x2}, {0x6000}}, @l2cap_cmd_rej_unk={{0x1, 0x2, 0x2}, {0x9}}, @l2cap_create_chan_req={{0xc, 0x80, 0x5}, {0x6, 0xa74, 0x95}}, @l2cap_disconn_req={{0x6, 0x4, 0x4}, {0x52f9, 0x7}}, @l2cap_create_chan_rsp={{0xd, 0xf4, 0x8}, {0x4, 0x101, 0xfff8, 0x2830}}, @l2cap_move_chan_rsp={{0xf, 0x6, 0x4}, {0x0, 0x3}}, @l2cap_move_chan_rsp={{0xf, 0x4, 0x4}, {0x81, 0xffff}}, @l2cap_info_req={{0xa, 0xfd, 0x2}, {0x1}}]}}, 0x48) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x1, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_req={{0x6, 0x20, 0x4}, {0x6549, 0x7fff}}}}, 0x11) (rerun: 32)

[ 2327.852770][  T430] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2327.860751][  T430] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2327.868816][  T430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2327.876808][  T430] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2327.884915][  T430]  </TASK>
13:51:36 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRESDEC], 0x8)

13:51:36 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000009effffff00bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2327.913048][  T437] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
13:51:36 executing program 1:
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1, 0x43}, @l2cap_cid_signaling={{0x3f}, [@l2cap_move_chan_cfm_rsp={{0x11, 0x6, 0x2}, {0x6000}}, @l2cap_cmd_rej_unk={{0x1, 0x2, 0x2}, {0x9}}, @l2cap_create_chan_req={{0xc, 0x80, 0x5}, {0x6, 0xa74, 0x95}}, @l2cap_disconn_req={{0x6, 0x4, 0x4}, {0x52f9, 0x7}}, @l2cap_create_chan_rsp={{0xd, 0xf4, 0x8}, {0x4, 0x101, 0xfff8, 0x2830}}, @l2cap_move_chan_rsp={{0xf, 0x6, 0x4}, {0x0, 0x3}}, @l2cap_move_chan_rsp={{0xf, 0x4, 0x4}, {0x81, 0xffff}}, @l2cap_info_req={{0xa, 0xfd, 0x2}, {0x1}}]}}, 0x48) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x1, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_req={{0x6, 0x20, 0x4}, {0x6549, 0x7fff}}}}, 0x11)

13:51:36 executing program 3:
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000040)={<r0=>0x0, 0x9}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000000c0)={r0, 0xc815, 0x10}, 0xc)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="042e07006a21ec230000"], 0xa)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000040)={0x0, 0x9}, &(0x7f0000000080)=0x8) (async)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000000c0)={r0, 0xc815, 0x10}, 0xc) (async)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="042e07006a21ec230000"], 0xa) (async)

13:51:36 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 63)

13:51:36 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRESDEC], 0x8)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRESDEC], 0x8) (async)

13:51:36 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x300000000000000)

13:51:36 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0x8)

13:51:36 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000f0ffffff00bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:36 executing program 1:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
ioctl$BTRFS_IOC_QGROUP_LIMIT(r0, 0x8030942b, &(0x7f0000000040)={0x1, {0x20, 0xe0bc, 0x2, 0x100009, 0x7}})
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

[ 2328.104782][  T460] FAULT_INJECTION: forcing a failure.
[ 2328.104782][  T460] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2328.110059][  T465] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2328.126139][  T460] CPU: 0 PID: 460 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2328.137620][  T460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2328.147726][  T460] Call Trace:
[ 2328.151187][  T460]  <TASK>
[ 2328.154212][  T460]  dump_stack_lvl+0xcd/0x134
[ 2328.158913][  T460]  should_fail.cold+0x5/0xa
[ 2328.163433][  T460]  _copy_from_user+0x2a/0x170
[ 2328.168163][  T460]  input_event_from_user+0x131/0x3a0
[ 2328.173492][  T460]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2328.179419][  T460]  evdev_write+0x356/0x760
[ 2328.183856][  T460]  ? evdev_read+0xe30/0xe30
[ 2328.188367][  T460]  ? apparmor_file_permission+0x264/0x4e0
[ 2328.194107][  T460]  ? bpf_lsm_file_permission+0x5/0x10
[ 2328.199924][  T460]  ? security_file_permission+0xab/0xd0
[ 2328.205583][  T460]  vfs_write+0x2d7/0xdd0
[ 2328.209854][  T460]  ? evdev_read+0xe30/0xe30
[ 2328.214384][  T460]  ? vfs_read+0x930/0x930
[ 2328.218734][  T460]  ? __fget_files+0x26a/0x440
[ 2328.223449][  T460]  ? __fget_light+0xe5/0x270
[ 2328.228150][  T460]  ksys_write+0x1e8/0x250
[ 2328.232498][  T460]  ? __ia32_sys_read+0xb0/0xb0
[ 2328.237307][  T460]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2328.243249][  T460]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2328.249205][  T460]  do_syscall_64+0x35/0xb0
[ 2328.253655][  T460]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2328.259839][  T460] RIP: 0033:0x7eff6688a649
[ 2328.264352][  T460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2328.284145][  T460] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2328.292571][  T460] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
13:51:36 executing program 3:
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000040)={<r0=>0x0, 0x9}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000000c0)={r0, 0xc815, 0x10}, 0xc) (async)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="042e07006a21ec230000"], 0xa)

13:51:36 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000fcffffff00bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:36 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0x8)
syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0x8) (async)

[ 2328.300553][  T460] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2328.308537][  T460] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2328.316517][  T460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2328.324578][  T460] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2328.332579][  T460]  </TASK>
13:51:36 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0x8)
syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0x8) (async)

13:51:36 executing program 1:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800) (async, rerun: 64)
ioctl$BTRFS_IOC_QGROUP_LIMIT(r0, 0x8030942b, &(0x7f0000000040)={0x1, {0x20, 0xe0bc, 0x2, 0x100009, 0x7}}) (async, rerun: 64)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

13:51:36 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x0, @none}}}, 0xffffffffffffff90)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_ecred_conn_req={{0x17, 0x1, 0xa}, {0x0, 0x20, 0x0, 0x4, [0x4]}}}}, 0x17)

[ 2328.351842][  T465] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
13:51:36 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 64)

13:51:36 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000002000000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2328.476298][  T488] FAULT_INJECTION: forcing a failure.
[ 2328.476298][  T488] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2328.513441][  T488] CPU: 1 PID: 488 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2328.523757][  T488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2328.534031][  T488] Call Trace:
[ 2328.537402][  T488]  <TASK>
[ 2328.540337][  T488]  dump_stack_lvl+0xcd/0x134
[ 2328.545032][  T488]  should_fail.cold+0x5/0xa
[ 2328.549549][  T488]  _copy_from_user+0x2a/0x170
[ 2328.554271][  T488]  input_event_from_user+0x131/0x3a0
[ 2328.559572][  T488]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2328.565406][  T488]  evdev_write+0x356/0x760
[ 2328.569857][  T488]  ? evdev_read+0xe30/0xe30
[ 2328.574747][  T488]  ? apparmor_file_permission+0x264/0x4e0
[ 2328.580516][  T488]  ? bpf_lsm_file_permission+0x5/0x10
[ 2328.586002][  T488]  ? security_file_permission+0xab/0xd0
[ 2328.591573][  T488]  vfs_write+0x2d7/0xdd0
[ 2328.595819][  T488]  ? evdev_read+0xe30/0xe30
[ 2328.600346][  T488]  ? vfs_read+0x930/0x930
[ 2328.604681][  T488]  ? __fget_files+0x26a/0x440
[ 2328.609392][  T488]  ? __fget_light+0xe5/0x270
[ 2328.614002][  T488]  ksys_write+0x1e8/0x250
[ 2328.618333][  T488]  ? __ia32_sys_read+0xb0/0xb0
[ 2328.623204][  T488]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2328.629135][  T488]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2328.635066][  T488]  do_syscall_64+0x35/0xb0
[ 2328.639510][  T488]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2328.645421][  T488] RIP: 0033:0x7eff6688a649
[ 2328.649846][  T488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
13:51:37 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x400000000000000)

13:51:37 executing program 4:
open(&(0x7f0000000000)='./file0\x00', 0x28000, 0x80)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)

13:51:37 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x0, @none}}}, 0xffffffffffffff90)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_ecred_conn_req={{0x17, 0x1, 0xa}, {0x0, 0x20, 0x0, 0x4, [0x4]}}}}, 0x17)

13:51:37 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000003000000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:37 executing program 4:
open(&(0x7f0000000000)='./file0\x00', 0x28000, 0x80)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
open(&(0x7f0000000000)='./file0\x00', 0x28000, 0x80) (async)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)

[ 2328.669811][  T488] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2328.678235][  T488] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2328.686233][  T488] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2328.694228][  T488] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2328.702232][  T488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2328.710331][  T488] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2328.718358][  T488]  </TASK>
13:51:37 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 65)

13:51:37 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x0, @none}}}, 0xffffffffffffff90)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_ecred_conn_req={{0x17, 0x1, 0xa}, {0x0, 0x20, 0x0, 0x4, [0x4]}}}}, 0x17)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x0, @none}}}, 0xffffffffffffff90) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_ecred_conn_req={{0x17, 0x1, 0xa}, {0x0, 0x20, 0x0, 0x4, [0x4]}}}}, 0x17) (async)

13:51:37 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000004000000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2328.904058][  T504] FAULT_INJECTION: forcing a failure.
[ 2328.904058][  T504] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2328.921222][  T504] CPU: 1 PID: 504 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2328.931487][  T504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2328.941644][  T504] Call Trace:
[ 2328.944990][  T504]  <TASK>
[ 2328.947938][  T504]  dump_stack_lvl+0xcd/0x134
[ 2328.952553][  T504]  should_fail.cold+0x5/0xa
[ 2328.957062][  T504]  _copy_from_user+0x2a/0x170
[ 2328.961758][  T504]  input_event_from_user+0x131/0x3a0
[ 2328.967162][  T504]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2328.973005][  T504]  evdev_write+0x356/0x760
[ 2328.977448][  T504]  ? evdev_read+0xe30/0xe30
[ 2328.981964][  T504]  ? apparmor_file_permission+0x264/0x4e0
[ 2328.987787][  T504]  ? bpf_lsm_file_permission+0x5/0x10
[ 2328.993170][  T504]  ? security_file_permission+0xab/0xd0
[ 2328.998770][  T504]  vfs_write+0x2d7/0xdd0
[ 2329.003033][  T504]  ? evdev_read+0xe30/0xe30
[ 2329.007540][  T504]  ? vfs_read+0x930/0x930
[ 2329.011874][  T504]  ? __fget_files+0x26a/0x440
[ 2329.017339][  T504]  ? __fget_light+0xe5/0x270
[ 2329.021928][  T504]  ksys_write+0x1e8/0x250
[ 2329.026257][  T504]  ? __ia32_sys_read+0xb0/0xb0
[ 2329.031026][  T504]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2329.036935][  T504]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2329.042945][  T504]  do_syscall_64+0x35/0xb0
[ 2329.047371][  T504]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2329.053400][  T504] RIP: 0033:0x7eff6688a649
[ 2329.057816][  T504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2329.077613][  T504] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2329.086051][  T504] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2329.094024][  T504] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2329.101997][  T504] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2329.110062][  T504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2329.118118][  T504] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2329.126101][  T504]  </TASK>
13:51:37 executing program 1:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800) (async)
ioctl$BTRFS_IOC_QGROUP_LIMIT(r0, 0x8030942b, &(0x7f0000000040)={0x1, {0x20, 0xe0bc, 0x2, 0x100009, 0x7}}) (async, rerun: 64)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (rerun: 64)

13:51:37 executing program 4:
open(&(0x7f0000000000)='./file0\x00', 0x28000, 0x80) (async)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)

13:51:37 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x500000000000000)

13:51:37 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000005000000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:37 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0300000000000015e25ddd6d4c5ae7113104d2f85ef8cb7a383ed72be863c2e71832baac40f819f0bc579c374fa4812e1bbb8810b3e579555852c4b17320005efc71143f90f2f5b72b0f8b41ae744c"], 0xa)

13:51:37 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 66)

13:51:37 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0300000000000015e25ddd6d4c5ae7113104d2f85ef8cb7a383ed72be863c2e71832baac40f819f0bc579c374fa4812e1bbb8810b3e579555852c4b17320005efc71143f90f2f5b72b0f8b41ae744c"], 0xa)

13:51:37 executing program 4:
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r0=>0x0})
sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, 0x0, 0x200, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r0}, @val={0xc, 0x99, {0x4, 0x38}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x71}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x4000)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYRES64=0x0], 0x8)

13:51:37 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000006000000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:37 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x600000000000000)

13:51:37 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0300000000000015e25ddd6d4c5ae7113104d2f85ef8cb7a383ed72be863c2e71832baac40f819f0bc579c374fa4812e1bbb8810b3e579555852c4b17320005efc71143f90f2f5b72b0f8b41ae744c"], 0xa)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0300000000000015e25ddd6d4c5ae7113104d2f85ef8cb7a383ed72be863c2e71832baac40f819f0bc579c374fa4812e1bbb8810b3e579555852c4b17320005efc71143f90f2f5b72b0f8b41ae744c"], 0xa) (async)

13:51:37 executing program 4:
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r0=>0x0})
sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, 0x0, 0x200, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r0}, @val={0xc, 0x99, {0x4, 0x38}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x71}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x4000) (async)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYRES64=0x0], 0x8)

13:51:37 executing program 1:
r0 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="54000000700000022dbd7000fddbdf2507000000", @ANYRES32=0x0, @ANYBLOB="0c000180060002000a0000000c00018005000300010000000c0001800800010003000c00018008000100520003000000000000000000000000000000d3a35a8083027f0a5fd986ea298a27d4dadb289426e1d4b636bed4004c38a25cb66509b1cc4d8bda"], 0x54}}, 0xe010)
splice(r0, &(0x7f0000000080)=0x7, r0, &(0x7f0000000180)=0x378, 0x80000000, 0xe)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8}, @GTPA_LINK={0x8}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_POOL_GET(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x44, r4, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}, {0x6}}]}, 0x44}}, 0x0)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x94, r4, 0x100, 0x70bd27, 0x25dfdbff, {}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @handle=@pci={{0x8}, {0x11}}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}, @handle=@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_PORT_INDEX={0x8}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}]}, 0x94}}, 0x8000)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r6=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000001000000000000000000000bb08000500", @ANYRES32=r6, @ANYBLOB], 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_LINK={0x8, 0x1, r6}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
pidfd_getfd(r0, 0xffffffffffffffff, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x120}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

[ 2329.300902][  T531] FAULT_INJECTION: forcing a failure.
[ 2329.300902][  T531] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2329.351181][  T531] CPU: 1 PID: 531 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2329.361498][  T531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2329.371589][  T531] Call Trace:
[ 2329.374898][  T531]  <TASK>
[ 2329.377859][  T531]  dump_stack_lvl+0xcd/0x134
[ 2329.382501][  T531]  should_fail.cold+0x5/0xa
[ 2329.387056][  T531]  _copy_from_user+0x2a/0x170
[ 2329.391788][  T531]  input_event_from_user+0x131/0x3a0
[ 2329.397127][  T531]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2329.402990][  T531]  evdev_write+0x356/0x760
[ 2329.407438][  T531]  ? evdev_read+0xe30/0xe30
[ 2329.411950][  T531]  ? apparmor_file_permission+0x264/0x4e0
[ 2329.417686][  T531]  ? bpf_lsm_file_permission+0x5/0x10
[ 2329.423074][  T531]  ? security_file_permission+0xab/0xd0
[ 2329.430252][  T531]  vfs_write+0x2d7/0xdd0
[ 2329.434527][  T531]  ? evdev_read+0xe30/0xe30
[ 2329.439070][  T531]  ? vfs_read+0x930/0x930
[ 2329.443427][  T531]  ? __fget_files+0x26a/0x440
[ 2329.448133][  T531]  ? __fget_light+0xe5/0x270
[ 2329.452743][  T531]  ksys_write+0x1e8/0x250
[ 2329.457085][  T531]  ? __ia32_sys_read+0xb0/0xb0
[ 2329.461864][  T531]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2329.467777][  T531]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2329.473696][  T531]  do_syscall_64+0x35/0xb0
[ 2329.478129][  T531]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2329.484036][  T531] RIP: 0033:0x7eff6688a649
[ 2329.488465][  T531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2329.508101][  T531] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2329.516532][  T531] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2329.524626][  T531] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2329.532605][  T531] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2329.540600][  T531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
13:51:37 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000007000000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:37 executing program 4:
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r0=>0x0})
sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, 0x0, 0x200, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r0}, @val={0xc, 0x99, {0x4, 0x38}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x71}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x4000)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYRES64=0x0], 0x8)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) (async)
sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, 0x0, 0x200, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r0}, @val={0xc, 0x99, {0x4, 0x38}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x71}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x4000) (async)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYRES64=0x0], 0x8) (async)

13:51:37 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04a81b5a0a197fefc00a"], 0xa)

13:51:37 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x700000000000000)

[ 2329.548581][  T531] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2329.556619][  T531]  </TASK>
13:51:37 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 67)

13:51:37 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000008000000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:37 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04a81b5a0a197fefc00a"], 0xa)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04a81b5a0a197fefc00a"], 0xa) (async)

13:51:37 executing program 1:
r0 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="54000000700000022dbd7000fddbdf2507000000", @ANYRES32=0x0, @ANYBLOB="0c000180060002000a0000000c00018005000300010000000c0001800800010003000c00018008000100520003000000000000000000000000000000d3a35a8083027f0a5fd986ea298a27d4dadb289426e1d4b636bed4004c38a25cb66509b1cc4d8bda"], 0x54}}, 0xe010) (async)
splice(r0, &(0x7f0000000080)=0x7, r0, &(0x7f0000000180)=0x378, 0x80000000, 0xe) (async, rerun: 64)
r1 = socket(0x10, 0x2, 0x0) (rerun: 64)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8}, @GTPA_LINK={0x8}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_POOL_GET(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x44, r4, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}, {0x6}}]}, 0x44}}, 0x0) (async)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x94, r4, 0x100, 0x70bd27, 0x25dfdbff, {}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @handle=@pci={{0x8}, {0x11}}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}, @handle=@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_PORT_INDEX={0x8}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}]}, 0x94}}, 0x8000)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r6=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000001000000000000000000000bb08000500", @ANYRES32=r6, @ANYBLOB], 0x34}}, 0x0) (async)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_LINK={0x8, 0x1, r6}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10) (async)
pidfd_getfd(r0, 0xffffffffffffffff, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x120}, 0x2) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

13:51:37 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES32=0x0], 0x8)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_version={{0xc, 0x8}, {0x4, 0xc9, 0x0, 0xfffa, 0x2}}}, 0xb)

13:51:37 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04a81b5a0a197fefc00a"], 0xa)

13:51:37 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000009000000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2329.702443][  T560] FAULT_INJECTION: forcing a failure.
[ 2329.702443][  T560] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2329.747648][  T560] CPU: 1 PID: 560 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2329.758046][  T560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2329.768136][  T560] Call Trace:
[ 2329.771436][  T560]  <TASK>
[ 2329.774397][  T560]  dump_stack_lvl+0xcd/0x134
[ 2329.779039][  T560]  should_fail.cold+0x5/0xa
[ 2329.783595][  T560]  _copy_from_user+0x2a/0x170
[ 2329.788328][  T560]  input_event_from_user+0x131/0x3a0
13:51:38 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x800000000000000)

13:51:38 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES32=0x0], 0x8) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_version={{0xc, 0x8}, {0x4, 0xc9, 0x0, 0xfffa, 0x2}}}, 0xb)

13:51:38 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @extended_inquiry_info={{}, {0x0, [{@none, 0x81, 0xdb, "cbec8b", 0x9, 0x7f, "78bf8917ac0e56c7a3ae5982b0d08266a5344810998019a0eaf0122c3ec0edabad6b40ee7a38ad2d0afa220f1ad5436f0eaa0f3a6951455cf48240f20959268e889fb941b665075c9429f467d78cd8a5459aef4aed969c9660bbf828fdf5cd97d5622b865feb8a1d720547dad86ee79d26f9553bbc59eaa005b897608d9b77e96512fa3ccf0b8c999c0be9e769d36457bd5df6c8f0a3ec05b956dbd73d7ebfb2b2ccd4295c1ce92b3d613d1da70d00154f5b44f9189844d6ebdd94406dac5e51ea6cb9f4d647ab1b872cc3a6ebbad9d43718a40f0d9fc8ee584d9cb8a2e2937003d1507f3fe5a33de5ccdb806a458b9f"}]}}}, 0xa)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_reconf_req={{0x19, 0x7, 0x8}, {0x9, 0x9, [0x9, 0xb]}}}}, 0x15)

[ 2329.793655][  T560]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2329.799684][  T560]  evdev_write+0x356/0x760
[ 2329.804141][  T560]  ? evdev_read+0xe30/0xe30
[ 2329.808680][  T560]  ? apparmor_file_permission+0x264/0x4e0
[ 2329.814453][  T560]  ? bpf_lsm_file_permission+0x5/0x10
[ 2329.819868][  T560]  ? security_file_permission+0xab/0xd0
[ 2329.825484][  T560]  vfs_write+0x2d7/0xdd0
[ 2329.829793][  T560]  ? evdev_read+0xe30/0xe30
[ 2329.834688][  T560]  ? vfs_read+0x930/0x930
[ 2329.839066][  T560]  ? __fget_files+0x26a/0x440
[ 2329.843787][  T560]  ? __fget_light+0xe5/0x270
[ 2329.848404][  T560]  ksys_write+0x1e8/0x250
[ 2329.852745][  T560]  ? __ia32_sys_read+0xb0/0xb0
[ 2329.857535][  T560]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2329.863463][  T560]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2329.870250][  T560]  do_syscall_64+0x35/0xb0
[ 2329.874691][  T560]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2329.880614][  T560] RIP: 0033:0x7eff6688a649
[ 2329.885052][  T560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2329.904701][  T560] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2329.913137][  T560] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2329.921118][  T560] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2329.929369][  T560] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2329.937345][  T560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
13:51:38 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES32=0x0], 0x8) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_version={{0xc, 0x8}, {0x4, 0xc9, 0x0, 0xfffa, 0x2}}}, 0xb)

13:51:38 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000000a000000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2329.945349][  T560] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2329.953907][  T560]  </TASK>
13:51:38 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 68)

13:51:38 executing program 1:
r0 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="54000000700000022dbd7000fddbdf2507000000", @ANYRES32=0x0, @ANYBLOB="0c000180060002000a0000000c00018005000300010000000c0001800800010003000c00018008000100520003000000000000000000000000000000d3a35a8083027f0a5fd986ea298a27d4dadb289426e1d4b636bed4004c38a25cb66509b1cc4d8bda"], 0x54}}, 0xe010)
splice(r0, &(0x7f0000000080)=0x7, r0, &(0x7f0000000180)=0x378, 0x80000000, 0xe)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32) (async)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) (async, rerun: 64)
r2 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8}]}, 0x34}}, 0x0) (async)
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8}, @GTPA_LINK={0x8}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) (rerun: 64)
sendmsg$DEVLINK_CMD_SB_POOL_GET(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x44, r4, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}, {0x6}}]}, 0x44}}, 0x0)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x94, r4, 0x100, 0x70bd27, 0x25dfdbff, {}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @handle=@pci={{0x8}, {0x11}}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}, @handle=@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_PORT_INDEX={0x8}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}]}, 0x94}}, 0x8000) (async)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r6=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000001000000000000000000000bb08000500", @ANYRES32=r6, @ANYBLOB], 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_LINK={0x8, 0x1, r6}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
pidfd_getfd(r0, 0xffffffffffffffff, 0x0) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x120}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

13:51:38 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @extended_inquiry_info={{}, {0x0, [{@none, 0x81, 0xdb, "cbec8b", 0x9, 0x7f, "78bf8917ac0e56c7a3ae5982b0d08266a5344810998019a0eaf0122c3ec0edabad6b40ee7a38ad2d0afa220f1ad5436f0eaa0f3a6951455cf48240f20959268e889fb941b665075c9429f467d78cd8a5459aef4aed969c9660bbf828fdf5cd97d5622b865feb8a1d720547dad86ee79d26f9553bbc59eaa005b897608d9b77e96512fa3ccf0b8c999c0be9e769d36457bd5df6c8f0a3ec05b956dbd73d7ebfb2b2ccd4295c1ce92b3d613d1da70d00154f5b44f9189844d6ebdd94406dac5e51ea6cb9f4d647ab1b872cc3a6ebbad9d43718a40f0d9fc8ee584d9cb8a2e2937003d1507f3fe5a33de5ccdb806a458b9f"}]}}}, 0xa)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_reconf_req={{0x19, 0x7, 0x8}, {0x9, 0x9, [0x9, 0xb]}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @extended_inquiry_info={{}, {0x0, [{@none, 0x81, 0xdb, "cbec8b", 0x9, 0x7f, "78bf8917ac0e56c7a3ae5982b0d08266a5344810998019a0eaf0122c3ec0edabad6b40ee7a38ad2d0afa220f1ad5436f0eaa0f3a6951455cf48240f20959268e889fb941b665075c9429f467d78cd8a5459aef4aed969c9660bbf828fdf5cd97d5622b865feb8a1d720547dad86ee79d26f9553bbc59eaa005b897608d9b77e96512fa3ccf0b8c999c0be9e769d36457bd5df6c8f0a3ec05b956dbd73d7ebfb2b2ccd4295c1ce92b3d613d1da70d00154f5b44f9189844d6ebdd94406dac5e51ea6cb9f4d647ab1b872cc3a6ebbad9d43718a40f0d9fc8ee584d9cb8a2e2937003d1507f3fe5a33de5ccdb806a458b9f"}]}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_reconf_req={{0x19, 0x7, 0x8}, {0x9, 0x9, [0x9, 0xb]}}}}, 0x15) (async)

13:51:38 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000000c000000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:38 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000000e000000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:38 executing program 4:
r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc2}, &(0x7f0000000080)={0x0, "4d9d5e22f69f71fdaeb257cc432a503e8937e4630148c80579f5883b8138e82ed42d0cdb5a36c8e02486effcb8f6f17780fb15e0a3848c3ec761cff9c813fc17", 0x25}, 0x48, 0x0)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="04b2f9ceb6a10176eded9d333ac305100d0eac8ad453f56e4b9f6cfd7d8b29bf627f64ccd90100fb9feb4a9f07b69b5762e39157cf6c3b5b68a92c047a2e8107112ae80ce08d97e32802c7202b31abdc7873696359924b7711fa3b5e5ec2b267ffe9f1c1bbb0c3a499459fb403b1e137d7f705c5f790cfdb215ed6157f9c639d58f9f953fd86226f5f38d1ae609ea602d5ea308240607a8f76d598b2736ccd8d0be3dd5b"], 0x8)
keyctl$KEYCTL_MOVE(0x1e, r0, 0xffffffffffffffff, r0, 0x1)

13:51:38 executing program 4:
r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc2}, &(0x7f0000000080)={0x0, "4d9d5e22f69f71fdaeb257cc432a503e8937e4630148c80579f5883b8138e82ed42d0cdb5a36c8e02486effcb8f6f17780fb15e0a3848c3ec761cff9c813fc17", 0x25}, 0x48, 0x0)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="04b2f9ceb6a10176eded9d333ac305100d0eac8ad453f56e4b9f6cfd7d8b29bf627f64ccd90100fb9feb4a9f07b69b5762e39157cf6c3b5b68a92c047a2e8107112ae80ce08d97e32802c7202b31abdc7873696359924b7711fa3b5e5ec2b267ffe9f1c1bbb0c3a499459fb403b1e137d7f705c5f790cfdb215ed6157f9c639d58f9f953fd86226f5f38d1ae609ea602d5ea308240607a8f76d598b2736ccd8d0be3dd5b"], 0x8)
keyctl$KEYCTL_MOVE(0x1e, r0, 0xffffffffffffffff, r0, 0x1)

[ 2330.111605][  T596] FAULT_INJECTION: forcing a failure.
[ 2330.111605][  T596] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2330.150794][  T596] CPU: 0 PID: 596 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
13:51:38 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x900000000000000)

13:51:38 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @extended_inquiry_info={{}, {0x0, [{@none, 0x81, 0xdb, "cbec8b", 0x9, 0x7f, "78bf8917ac0e56c7a3ae5982b0d08266a5344810998019a0eaf0122c3ec0edabad6b40ee7a38ad2d0afa220f1ad5436f0eaa0f3a6951455cf48240f20959268e889fb941b665075c9429f467d78cd8a5459aef4aed969c9660bbf828fdf5cd97d5622b865feb8a1d720547dad86ee79d26f9553bbc59eaa005b897608d9b77e96512fa3ccf0b8c999c0be9e769d36457bd5df6c8f0a3ec05b956dbd73d7ebfb2b2ccd4295c1ce92b3d613d1da70d00154f5b44f9189844d6ebdd94406dac5e51ea6cb9f4d647ab1b872cc3a6ebbad9d43718a40f0d9fc8ee584d9cb8a2e2937003d1507f3fe5a33de5ccdb806a458b9f"}]}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_reconf_req={{0x19, 0x7, 0x8}, {0x9, 0x9, [0x9, 0xb]}}}}, 0x15)

13:51:38 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000000f000000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:38 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

[ 2330.161116][  T596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2330.171213][  T596] Call Trace:
[ 2330.174516][  T596]  <TASK>
[ 2330.177591][  T596]  dump_stack_lvl+0xcd/0x134
[ 2330.182231][  T596]  should_fail.cold+0x5/0xa
[ 2330.186844][  T596]  _copy_from_user+0x2a/0x170
[ 2330.191587][  T596]  input_event_from_user+0x131/0x3a0
[ 2330.196927][  T596]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2330.203063][  T596]  evdev_write+0x356/0x760
[ 2330.207643][  T596]  ? evdev_read+0xe30/0xe30
13:51:38 executing program 3:
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x3, 0x3, 0x103}, @l2cap_cid_signaling={{0xff}, [@l2cap_info_rsp={{0xb, 0x2, 0xe0}, {0x3f, 0x6, "43fed84eed50096b9edb890549418f444a5604394fd9bcea95e00039851e5943b1e03ae3822493026af6dbfeb724c689226cca44541283a991e158a94f95cc859a6a049f090bd28f833d4efeac4349f701b59aeb9ba720d9d848a55354d9217a055f0e1bd67dc55610268e531f3d00ed6b85b46b899ce4cd5208f8f5791d8efdecf9f6104ee2e639872cb14065cf724f238b89f48ea71c773448be14e797097bf97118c0cc9bb4858dc6a029c6db3797191dac3c95fa61e04a49c79937515b015a96c9f26f833c15be521cfceaac1e47716ad3d0a4b2a843e1b469be"}}, @l2cap_create_chan_rsp={{0xd, 0x9, 0x8}, {0xfff, 0xbb, 0x2, 0x40}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x1, 0x7}}, @l2cap_conn_req={{0x2, 0x20, 0x4}, {0x4, 0x7}}]}}, 0x108)

[ 2330.212261][  T596]  ? apparmor_file_permission+0x264/0x4e0
[ 2330.218036][  T596]  ? bpf_lsm_file_permission+0x5/0x10
[ 2330.223637][  T596]  ? security_file_permission+0xab/0xd0
[ 2330.229422][  T596]  vfs_write+0x2d7/0xdd0
[ 2330.233709][  T596]  ? evdev_read+0xe30/0xe30
[ 2330.238296][  T596]  ? vfs_read+0x930/0x930
[ 2330.242684][  T596]  ? __fget_files+0x26a/0x440
[ 2330.247839][  T596]  ? __fget_light+0xe5/0x270
[ 2330.252481][  T596]  ksys_write+0x1e8/0x250
[ 2330.256858][  T596]  ? __ia32_sys_read+0xb0/0xb0
[ 2330.261668][  T596]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2330.267967][  T596]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2330.273931][  T596]  do_syscall_64+0x35/0xb0
[ 2330.278440][  T596]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2330.284370][  T596] RIP: 0033:0x7eff6688a649
[ 2330.288821][  T596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2330.308704][  T596] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2330.317146][  T596] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2330.325236][  T596] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2330.333247][  T596] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2330.341248][  T596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2330.349246][  T596] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2330.357256][  T596]  </TASK>
13:51:38 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 69)

13:51:38 executing program 3:
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x3, 0x3, 0x103}, @l2cap_cid_signaling={{0xff}, [@l2cap_info_rsp={{0xb, 0x2, 0xe0}, {0x3f, 0x6, "43fed84eed50096b9edb890549418f444a5604394fd9bcea95e00039851e5943b1e03ae3822493026af6dbfeb724c689226cca44541283a991e158a94f95cc859a6a049f090bd28f833d4efeac4349f701b59aeb9ba720d9d848a55354d9217a055f0e1bd67dc55610268e531f3d00ed6b85b46b899ce4cd5208f8f5791d8efdecf9f6104ee2e639872cb14065cf724f238b89f48ea71c773448be14e797097bf97118c0cc9bb4858dc6a029c6db3797191dac3c95fa61e04a49c79937515b015a96c9f26f833c15be521cfceaac1e47716ad3d0a4b2a843e1b469be"}}, @l2cap_create_chan_rsp={{0xd, 0x9, 0x8}, {0xfff, 0xbb, 0x2, 0x40}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x1, 0x7}}, @l2cap_conn_req={{0x2, 0x20, 0x4}, {0x4, 0x7}}]}}, 0x108)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x3, 0x3, 0x103}, @l2cap_cid_signaling={{0xff}, [@l2cap_info_rsp={{0xb, 0x2, 0xe0}, {0x3f, 0x6, "43fed84eed50096b9edb890549418f444a5604394fd9bcea95e00039851e5943b1e03ae3822493026af6dbfeb724c689226cca44541283a991e158a94f95cc859a6a049f090bd28f833d4efeac4349f701b59aeb9ba720d9d848a55354d9217a055f0e1bd67dc55610268e531f3d00ed6b85b46b899ce4cd5208f8f5791d8efdecf9f6104ee2e639872cb14065cf724f238b89f48ea71c773448be14e797097bf97118c0cc9bb4858dc6a029c6db3797191dac3c95fa61e04a49c79937515b015a96c9f26f833c15be521cfceaac1e47716ad3d0a4b2a843e1b469be"}}, @l2cap_create_chan_rsp={{0xd, 0x9, 0x8}, {0xfff, 0xbb, 0x2, 0x40}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x1, 0x7}}, @l2cap_conn_req={{0x2, 0x20, 0x4}, {0x4, 0x7}}]}}, 0x108) (async)

13:51:38 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2) (async)

13:51:38 executing program 4:
r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc2}, &(0x7f0000000080)={0x0, "4d9d5e22f69f71fdaeb257cc432a503e8937e4630148c80579f5883b8138e82ed42d0cdb5a36c8e02486effcb8f6f17780fb15e0a3848c3ec761cff9c813fc17", 0x25}, 0x48, 0x0)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="04b2f9ceb6a10176eded9d333ac305100d0eac8ad453f56e4b9f6cfd7d8b29bf627f64ccd90100fb9feb4a9f07b69b5762e39157cf6c3b5b68a92c047a2e8107112ae80ce08d97e32802c7202b31abdc7873696359924b7711fa3b5e5ec2b267ffe9f1c1bbb0c3a499459fb403b1e137d7f705c5f790cfdb215ed6157f9c639d58f9f953fd86226f5f38d1ae609ea602d5ea308240607a8f76d598b2736ccd8d0be3dd5b"], 0x8) (async)
keyctl$KEYCTL_MOVE(0x1e, r0, 0xffffffffffffffff, r0, 0x1)

13:51:38 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000010000000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:38 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0xa00000000000000)

13:51:38 executing program 3:
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x3, 0x3, 0x103}, @l2cap_cid_signaling={{0xff}, [@l2cap_info_rsp={{0xb, 0x2, 0xe0}, {0x3f, 0x6, "43fed84eed50096b9edb890549418f444a5604394fd9bcea95e00039851e5943b1e03ae3822493026af6dbfeb724c689226cca44541283a991e158a94f95cc859a6a049f090bd28f833d4efeac4349f701b59aeb9ba720d9d848a55354d9217a055f0e1bd67dc55610268e531f3d00ed6b85b46b899ce4cd5208f8f5791d8efdecf9f6104ee2e639872cb14065cf724f238b89f48ea71c773448be14e797097bf97118c0cc9bb4858dc6a029c6db3797191dac3c95fa61e04a49c79937515b015a96c9f26f833c15be521cfceaac1e47716ad3d0a4b2a843e1b469be"}}, @l2cap_create_chan_rsp={{0xd, 0x9, 0x8}, {0xfff, 0xbb, 0x2, 0x40}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x1, 0x7}}, @l2cap_conn_req={{0x2, 0x20, 0x4}, {0x4, 0x7}}]}}, 0x108)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x3, 0x3, 0x103}, @l2cap_cid_signaling={{0xff}, [@l2cap_info_rsp={{0xb, 0x2, 0xe0}, {0x3f, 0x6, "43fed84eed50096b9edb890549418f444a5604394fd9bcea95e00039851e5943b1e03ae3822493026af6dbfeb724c689226cca44541283a991e158a94f95cc859a6a049f090bd28f833d4efeac4349f701b59aeb9ba720d9d848a55354d9217a055f0e1bd67dc55610268e531f3d00ed6b85b46b899ce4cd5208f8f5791d8efdecf9f6104ee2e639872cb14065cf724f238b89f48ea71c773448be14e797097bf97118c0cc9bb4858dc6a029c6db3797191dac3c95fa61e04a49c79937515b015a96c9f26f833c15be521cfceaac1e47716ad3d0a4b2a843e1b469be"}}, @l2cap_create_chan_rsp={{0xd, 0x9, 0x8}, {0xfff, 0xbb, 0x2, 0x40}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x1, 0x7}}, @l2cap_conn_req={{0x2, 0x20, 0x4}, {0x4, 0x7}}]}}, 0x108) (async)

13:51:38 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0c1f835582b06fb9612875556acdfd0000000000000000"], 0x8)

13:51:38 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2) (async)

13:51:38 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000024000000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2330.488735][  T628] FAULT_INJECTION: forcing a failure.
[ 2330.488735][  T628] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2330.526890][  T628] CPU: 0 PID: 628 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
13:51:38 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x0, 0xba}, @l2cap_cid_signaling={{0xb6}, [@l2cap_move_chan_req={{0xe, 0x2, 0x3}, {0x7, 0xcb}}, @l2cap_create_chan_req={{0xc, 0x80, 0x5}, {0x9, 0x7, 0x8}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x7, 0x2}, {0x9}}, @l2cap_info_rsp={{0xb, 0x7, 0x9c}, {0x1, 0x6, "aea759a77067ee14e2dde3f0f354a957ecd83f86d23f41828d17a34d3201d5585e1eeac405a272a9fc328fa50a9148cc5db9e534f85c79a4356a338796e9048a65306b420dfcd2768b40230b34d691ae6d017d220404179fb9b48c8eb1b7743b2450e4974c80c680453faaa86c13271dfe03f389a471e07b78d0f72b50086ac0d724460bd85fdf3856d5d9b375e6146b23bf57c927d8d5c8"}}]}}, 0xbf)
syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x38}, "7d744f8331b39b5a5d498a12692d555c1c633a0d0a7f9c7707fa2e1bbef1246b309915334707a46a80d236aa35e7211bfa15d2f10464a304"}, 0x3c)

[ 2330.537373][  T628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2330.547721][  T628] Call Trace:
[ 2330.551034][  T628]  <TASK>
[ 2330.553996][  T628]  dump_stack_lvl+0xcd/0x134
[ 2330.558624][  T628]  should_fail.cold+0x5/0xa
[ 2330.563166][  T628]  _copy_from_user+0x2a/0x170
[ 2330.568091][  T628]  input_event_from_user+0x131/0x3a0
[ 2330.573850][  T628]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2330.579786][  T628]  evdev_write+0x356/0x760
[ 2330.584221][  T628]  ? evdev_read+0xe30/0xe30
[ 2330.588817][  T628]  ? apparmor_file_permission+0x264/0x4e0
[ 2330.594564][  T628]  ? bpf_lsm_file_permission+0x5/0x10
[ 2330.600059][  T628]  ? security_file_permission+0xab/0xd0
[ 2330.605638][  T628]  vfs_write+0x2d7/0xdd0
[ 2330.609898][  T628]  ? evdev_read+0xe30/0xe30
[ 2330.614436][  T628]  ? vfs_read+0x930/0x930
[ 2330.618795][  T628]  ? __fget_files+0x26a/0x440
[ 2330.624360][  T628]  ? __fget_light+0xe5/0x270
[ 2330.629069][  T628]  ksys_write+0x1e8/0x250
[ 2330.633510][  T628]  ? __ia32_sys_read+0xb0/0xb0
[ 2330.638378][  T628]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2330.644306][  T628]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2330.650241][  T628]  do_syscall_64+0x35/0xb0
[ 2330.654698][  T628]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2330.660610][  T628] RIP: 0033:0x7eff6688a649
[ 2330.665037][  T628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
13:51:39 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0c1f835582b06fb9612875556acdfd0000000000000000"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0c1f835582b06fb9612875556acdfd0000000000000000"], 0x8) (async)

[ 2330.684924][  T628] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2330.693348][  T628] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2330.701329][  T628] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2330.709315][  T628] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2330.717296][  T628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2330.725272][  T628] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2330.734658][  T628]  </TASK>
13:51:39 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 70)

13:51:39 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0xc00000000000000)

13:51:39 executing program 1:
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)

13:51:39 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000026000000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:39 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x0, 0xba}, @l2cap_cid_signaling={{0xb6}, [@l2cap_move_chan_req={{0xe, 0x2, 0x3}, {0x7, 0xcb}}, @l2cap_create_chan_req={{0xc, 0x80, 0x5}, {0x9, 0x7, 0x8}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x7, 0x2}, {0x9}}, @l2cap_info_rsp={{0xb, 0x7, 0x9c}, {0x1, 0x6, "aea759a77067ee14e2dde3f0f354a957ecd83f86d23f41828d17a34d3201d5585e1eeac405a272a9fc328fa50a9148cc5db9e534f85c79a4356a338796e9048a65306b420dfcd2768b40230b34d691ae6d017d220404179fb9b48c8eb1b7743b2450e4974c80c680453faaa86c13271dfe03f389a471e07b78d0f72b50086ac0d724460bd85fdf3856d5d9b375e6146b23bf57c927d8d5c8"}}]}}, 0xbf) (async)
syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x38}, "7d744f8331b39b5a5d498a12692d555c1c633a0d0a7f9c7707fa2e1bbef1246b309915334707a46a80d236aa35e7211bfa15d2f10464a304"}, 0x3c)

13:51:39 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0c1f835582b06fb9612875556acdfd0000000000000000"], 0x8)

13:51:39 executing program 1:
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)

13:51:39 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000028000000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:39 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x0, 0xba}, @l2cap_cid_signaling={{0xb6}, [@l2cap_move_chan_req={{0xe, 0x2, 0x3}, {0x7, 0xcb}}, @l2cap_create_chan_req={{0xc, 0x80, 0x5}, {0x9, 0x7, 0x8}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x7, 0x2}, {0x9}}, @l2cap_info_rsp={{0xb, 0x7, 0x9c}, {0x1, 0x6, "aea759a77067ee14e2dde3f0f354a957ecd83f86d23f41828d17a34d3201d5585e1eeac405a272a9fc328fa50a9148cc5db9e534f85c79a4356a338796e9048a65306b420dfcd2768b40230b34d691ae6d017d220404179fb9b48c8eb1b7743b2450e4974c80c680453faaa86c13271dfe03f389a471e07b78d0f72b50086ac0d724460bd85fdf3856d5d9b375e6146b23bf57c927d8d5c8"}}]}}, 0xbf)
syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x38}, "7d744f8331b39b5a5d498a12692d555c1c633a0d0a7f9c7707fa2e1bbef1246b309915334707a46a80d236aa35e7211bfa15d2f10464a304"}, 0x3c)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x0, 0xba}, @l2cap_cid_signaling={{0xb6}, [@l2cap_move_chan_req={{0xe, 0x2, 0x3}, {0x7, 0xcb}}, @l2cap_create_chan_req={{0xc, 0x80, 0x5}, {0x9, 0x7, 0x8}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x7, 0x2}, {0x9}}, @l2cap_info_rsp={{0xb, 0x7, 0x9c}, {0x1, 0x6, "aea759a77067ee14e2dde3f0f354a957ecd83f86d23f41828d17a34d3201d5585e1eeac405a272a9fc328fa50a9148cc5db9e534f85c79a4356a338796e9048a65306b420dfcd2768b40230b34d691ae6d017d220404179fb9b48c8eb1b7743b2450e4974c80c680453faaa86c13271dfe03f389a471e07b78d0f72b50086ac0d724460bd85fdf3856d5d9b375e6146b23bf57c927d8d5c8"}}]}}, 0xbf) (async)
syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x38}, "7d744f8331b39b5a5d498a12692d555c1c633a0d0a7f9c7707fa2e1bbef1246b309915334707a46a80d236aa35e7211bfa15d2f10464a304"}, 0x3c) (async)

13:51:39 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="316c0f7e8b00270881d17064ebe46b47a789ebe9a648d887f02f6c867754c1a1b4c4de00"/51], 0x8)

[ 2330.871784][  T657] FAULT_INJECTION: forcing a failure.
[ 2330.871784][  T657] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2330.922593][  T657] CPU: 0 PID: 657 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2330.932897][  T657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2330.943608][  T657] Call Trace:
[ 2330.946910][  T657]  <TASK>
[ 2330.949868][  T657]  dump_stack_lvl+0xcd/0x134
[ 2330.954592][  T657]  should_fail.cold+0x5/0xa
[ 2330.959132][  T657]  _copy_from_user+0x2a/0x170
[ 2330.963858][  T657]  input_event_from_user+0x131/0x3a0
13:51:39 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

13:51:39 executing program 1:
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2) (async)

[ 2330.969180][  T657]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2330.975019][  T657]  evdev_write+0x356/0x760
[ 2330.979479][  T657]  ? evdev_read+0xe30/0xe30
[ 2330.984100][  T657]  ? apparmor_file_permission+0x264/0x4e0
[ 2330.989950][  T657]  ? bpf_lsm_file_permission+0x5/0x10
[ 2330.995363][  T657]  ? security_file_permission+0xab/0xd0
[ 2331.000957][  T657]  vfs_write+0x2d7/0xdd0
[ 2331.005236][  T657]  ? evdev_read+0xe30/0xe30
[ 2331.009777][  T657]  ? vfs_read+0x930/0x930
[ 2331.014156][  T657]  ? __fget_files+0x26a/0x440
[ 2331.018879][  T657]  ? __fget_light+0xe5/0x270
[ 2331.023554][  T657]  ksys_write+0x1e8/0x250
[ 2331.028176][  T657]  ? __ia32_sys_read+0xb0/0xb0
[ 2331.032953][  T657]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2331.038901][  T657]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2331.044850][  T657]  do_syscall_64+0x35/0xb0
[ 2331.049306][  T657]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2331.055235][  T657] RIP: 0033:0x7eff6688a649
[ 2331.059697][  T657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2331.080400][  T657] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2331.088835][  T657] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2331.096841][  T657] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2331.104865][  T657] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2331.113071][  T657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
13:51:39 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 71)

13:51:39 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2) (async)

13:51:39 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000280)={{{@in6=@remote, @in=@local}}, {{@in6=@loopback}, 0x0, @in=@broadcast}}, &(0x7f0000000240)=0xe8)
read$snddsp(0xffffffffffffffff, &(0x7f0000000040)=""/159, 0x9f)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

13:51:39 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000060000000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:39 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="316c0f7e8b00270881d17064ebe46b47a789ebe9a648d887f02f6c867754c1a1b4c4de00"/51], 0x8)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="316c0f7e8b00270881d17064ebe46b47a789ebe9a648d887f02f6c867754c1a1b4c4de00"/51], 0x8) (async)

13:51:39 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0xe00000000000000)

[ 2331.121068][  T657] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2331.129096][  T657]  </TASK>
13:51:39 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2) (async)

13:51:39 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000280)={{{@in6=@remote, @in=@local}}, {{@in6=@loopback}, 0x0, @in=@broadcast}}, &(0x7f0000000240)=0xe8) (async)
read$snddsp(0xffffffffffffffff, &(0x7f0000000040)=""/159, 0x9f) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

13:51:39 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000087000000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:39 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="316c0f7e8b00270881d17064ebe46b47a789ebe9a648d887f02f6c867754c1a1b4c4de00"/51], 0x8)

13:51:39 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000280)={{{@in6=@remote, @in=@local}}, {{@in6=@loopback}, 0x0, @in=@broadcast}}, &(0x7f0000000240)=0xe8) (async)
read$snddsp(0xffffffffffffffff, &(0x7f0000000040)=""/159, 0x9f)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

[ 2331.248053][  T687] FAULT_INJECTION: forcing a failure.
[ 2331.248053][  T687] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2331.308230][  T687] CPU: 1 PID: 687 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2331.318542][  T687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2331.328630][  T687] Call Trace:
[ 2331.331937][  T687]  <TASK>
[ 2331.334904][  T687]  dump_stack_lvl+0xcd/0x134
[ 2331.339543][  T687]  should_fail.cold+0x5/0xa
[ 2331.344104][  T687]  _copy_from_user+0x2a/0x170
[ 2331.348838][  T687]  input_event_from_user+0x131/0x3a0
13:51:39 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000bd000000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2331.354171][  T687]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2331.360031][  T687]  evdev_write+0x356/0x760
[ 2331.364498][  T687]  ? evdev_read+0xe30/0xe30
[ 2331.369035][  T687]  ? apparmor_file_permission+0x264/0x4e0
[ 2331.374791][  T687]  ? bpf_lsm_file_permission+0x5/0x10
[ 2331.380195][  T687]  ? security_file_permission+0xab/0xd0
[ 2331.385782][  T687]  vfs_write+0x2d7/0xdd0
[ 2331.390054][  T687]  ? evdev_read+0xe30/0xe30
[ 2331.394561][  T687]  ? vfs_read+0x930/0x930
[ 2331.398908][  T687]  ? __fget_files+0x26a/0x440
[ 2331.403607][  T687]  ? __fget_light+0xe5/0x270
[ 2331.408274][  T687]  ksys_write+0x1e8/0x250
[ 2331.412687][  T687]  ? __ia32_sys_read+0xb0/0xb0
[ 2331.417549][  T687]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2331.423513][  T687]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2331.429421][  T687]  do_syscall_64+0x35/0xb0
[ 2331.433842][  T687]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2331.439737][  T687] RIP: 0033:0x7eff6688a649
[ 2331.444149][  T687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2331.463949][  T687] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2331.472567][  T687] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2331.480565][  T687] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2331.488565][  T687] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2331.496564][  T687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
13:51:39 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x41}, "883e9ac46d6fceffbf65fed53c488f3ee9655a3945457567ad27148546cdd8e0f84f11baaec6a05903c2602ef0356214e8c03368166d11c66aeb9c9b0acbbf621c"}, 0x45)

13:51:39 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000cb000000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:39 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRESHEX=r0, @ANYRES16=r0, @ANYRESDEC=r0], 0x8)

13:51:39 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0xf00000000000000)

13:51:39 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 72)

13:51:39 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0xd9, 0x8}, {0x4, 0xf000, 0x400}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x7f, 0x4}, {0x100, 0x23ba}}}}, 0x11)

[ 2331.504535][  T687] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2331.512626][  T687]  </TASK>
13:51:39 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0xd9, 0x8}, {0x4, 0xf000, 0x400}}}}, 0x15) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x7f, 0x4}, {0x100, 0x23ba}}}}, 0x11)

[ 2331.557528][  T704] __nla_validate_parse: 18 callbacks suppressed
[ 2331.557549][  T704] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
13:51:39 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRESHEX=r0, @ANYRES16=r0, @ANYRESDEC=r0], 0x8)
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) (async)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800) (async)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRESHEX=r0, @ANYRES16=r0, @ANYRESDEC=r0], 0x8) (async)

[ 2331.601681][  T713] FAULT_INJECTION: forcing a failure.
[ 2331.601681][  T713] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2331.616310][  T704] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2331.626766][  T713] CPU: 1 PID: 713 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2331.637056][  T713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2331.647151][  T713] Call Trace:
[ 2331.650441][  T713]  <TASK>
[ 2331.653380][  T713]  dump_stack_lvl+0xcd/0x134
[ 2331.657998][  T713]  should_fail.cold+0x5/0xa
[ 2331.662519][  T713]  _copy_from_user+0x2a/0x170
[ 2331.667238][  T713]  input_event_from_user+0x131/0x3a0
[ 2331.672628][  T713]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2331.678721][  T713]  evdev_write+0x356/0x760
[ 2331.683169][  T713]  ? evdev_read+0xe30/0xe30
[ 2331.687682][  T713]  ? apparmor_file_permission+0x264/0x4e0
[ 2331.693423][  T713]  ? bpf_lsm_file_permission+0x5/0x10
[ 2331.698894][  T713]  ? security_file_permission+0xab/0xd0
[ 2331.704462][  T713]  vfs_write+0x2d7/0xdd0
[ 2331.708739][  T713]  ? evdev_read+0xe30/0xe30
[ 2331.713268][  T713]  ? vfs_read+0x930/0x930
[ 2331.717648][  T713]  ? __fget_files+0x26a/0x440
[ 2331.722369][  T713]  ? __fget_light+0xe5/0x270
[ 2331.727000][  T713]  ksys_write+0x1e8/0x250
[ 2331.731360][  T713]  ? __ia32_sys_read+0xb0/0xb0
[ 2331.736163][  T713]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2331.742103][  T713]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2331.748034][  T713]  do_syscall_64+0x35/0xb0
[ 2331.752475][  T713]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2331.758392][  T713] RIP: 0033:0x7eff6688a649
[ 2331.762817][  T713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2331.782452][  T713] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2331.790903][  T713] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
13:51:40 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async, rerun: 64)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x41}, "883e9ac46d6fceffbf65fed53c488f3ee9655a3945457567ad27148546cdd8e0f84f11baaec6a05903c2602ef0356214e8c03368166d11c66aeb9c9b0acbbf621c"}, 0x45) (rerun: 64)

13:51:40 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000e5000000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2331.798891][  T713] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2331.807222][  T713] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2331.815208][  T713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2331.823273][  T713] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2331.831273][  T713]  </TASK>
13:51:40 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x41}, "883e9ac46d6fceffbf65fed53c488f3ee9655a3945457567ad27148546cdd8e0f84f11baaec6a05903c2602ef0356214e8c03368166d11c66aeb9c9b0acbbf621c"}, 0x45)

13:51:40 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0xd9, 0x8}, {0x4, 0xf000, 0x400}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x7f, 0x4}, {0x100, 0x23ba}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0xd9, 0x8}, {0x4, 0xf000, 0x400}}}}, 0x15) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x7f, 0x4}, {0x100, 0x23ba}}}}, 0x11) (async)

13:51:40 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x1000000000000000)

13:51:40 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 73)

13:51:40 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000f0000000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:40 executing program 1:
syz_emit_vhci(&(0x7f0000000240)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x17b}, "1a8fe942314c2f13971c4df4f6841f1a279f7395da634236e279dd4a826f20369487fd75eb4fd6bbb37b1d8ea9a0dc6715a20ed61c271d41da05210b56b4ca609b02d81ec6df05f6d264aae969c6b4040f93ccf20ba77657f11c5d27bf81742690186436f79379691f2704c7de60243b09b2965dd410d93c6344698a2cb60ffc31aa2885936667df78911801bf4ee2348b2da963556eac6b5e2d616f15f8eadb08955cfbd0f8f06c72ff3873ca83a614e0c4c19bd8dc9c33f5a307a6c8db92f7a012f01e68d8b9aeb32c7083a4b5687ced3d380887a40410c9ba9a542a568a59e868e860bc34d7e9a0c87ee68946410a334dc2f080ff430cb3a6cb61a407773ebe8957b0e52cd45ae1eb91cd3a0fabf12a7eb6f776162397795a02ec18d24caae2919d7ac17d98c887d700603b7fafe6d0d4edb7bb9d5ee369e92ccb802d592bbdb27197ef44a6dd96514ac1cc43c6f318fed8705e991b4df4230f54a9471cf9df10fa7adae1a9dcc98a13deae9e315aa5bc44fad4c2ad609834b0"}, 0x17f)

13:51:40 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB], 0xa)

13:51:40 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800) (async)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRESHEX=r0, @ANYRES16=r0, @ANYRESDEC=r0], 0x8)

[ 2331.989931][  T736] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2332.026461][  T747] FAULT_INJECTION: forcing a failure.
[ 2332.026461][  T747] name fail_usercopy, interval 1, probability 0, space 0, times 0
13:51:40 executing program 1:
syz_emit_vhci(&(0x7f0000000240)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x17b}, "1a8fe942314c2f13971c4df4f6841f1a279f7395da634236e279dd4a826f20369487fd75eb4fd6bbb37b1d8ea9a0dc6715a20ed61c271d41da05210b56b4ca609b02d81ec6df05f6d264aae969c6b4040f93ccf20ba77657f11c5d27bf81742690186436f79379691f2704c7de60243b09b2965dd410d93c6344698a2cb60ffc31aa2885936667df78911801bf4ee2348b2da963556eac6b5e2d616f15f8eadb08955cfbd0f8f06c72ff3873ca83a614e0c4c19bd8dc9c33f5a307a6c8db92f7a012f01e68d8b9aeb32c7083a4b5687ced3d380887a40410c9ba9a542a568a59e868e860bc34d7e9a0c87ee68946410a334dc2f080ff430cb3a6cb61a407773ebe8957b0e52cd45ae1eb91cd3a0fabf12a7eb6f776162397795a02ec18d24caae2919d7ac17d98c887d700603b7fafe6d0d4edb7bb9d5ee369e92ccb802d592bbdb27197ef44a6dd96514ac1cc43c6f318fed8705e991b4df4230f54a9471cf9df10fa7adae1a9dcc98a13deae9e315aa5bc44fad4c2ad609834b0"}, 0x17f)

13:51:40 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB], 0xa)

13:51:40 executing program 4:
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYRES32], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_features={{0xb, 0xb}, {0x9, 0xc9, "dd144ea0778fff99"}}}, 0xe)

13:51:40 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000fc000000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2332.030304][  T736] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
13:51:40 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB], 0xa)

[ 2332.111830][  T747] CPU: 0 PID: 747 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2332.122137][  T747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2332.132225][  T747] Call Trace:
[ 2332.135537][  T747]  <TASK>
[ 2332.138497][  T747]  dump_stack_lvl+0xcd/0x134
[ 2332.143139][  T747]  should_fail.cold+0x5/0xa
[ 2332.147693][  T747]  _copy_from_user+0x2a/0x170
[ 2332.152424][  T747]  input_event_from_user+0x131/0x3a0
[ 2332.157759][  T747]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2332.163630][  T747]  evdev_write+0x356/0x760
[ 2332.168095][  T747]  ? evdev_read+0xe30/0xe30
[ 2332.172636][  T747]  ? apparmor_file_permission+0x264/0x4e0
[ 2332.178420][  T747]  ? bpf_lsm_file_permission+0x5/0x10
[ 2332.183840][  T747]  ? security_file_permission+0xab/0xd0
[ 2332.189489][  T747]  vfs_write+0x2d7/0xdd0
[ 2332.193818][  T747]  ? evdev_read+0xe30/0xe30
[ 2332.198375][  T747]  ? vfs_read+0x930/0x930
[ 2332.202731][  T747]  ? __fget_files+0x26a/0x440
[ 2332.207470][  T747]  ? __fget_light+0xe5/0x270
[ 2332.212116][  T747]  ksys_write+0x1e8/0x250
[ 2332.216494][  T747]  ? __ia32_sys_read+0xb0/0xb0
[ 2332.221290][  T747]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2332.227232][  T747]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2332.233182][  T747]  do_syscall_64+0x35/0xb0
[ 2332.237652][  T747]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2332.243574][  T747] RIP: 0033:0x7eff6688a649
[ 2332.248006][  T747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2332.267629][  T747] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2332.276150][  T747] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2332.284134][  T747] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2332.292112][  T747] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2332.300111][  T747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
13:51:40 executing program 1:
syz_emit_vhci(&(0x7f0000000240)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x17b}, "1a8fe942314c2f13971c4df4f6841f1a279f7395da634236e279dd4a826f20369487fd75eb4fd6bbb37b1d8ea9a0dc6715a20ed61c271d41da05210b56b4ca609b02d81ec6df05f6d264aae969c6b4040f93ccf20ba77657f11c5d27bf81742690186436f79379691f2704c7de60243b09b2965dd410d93c6344698a2cb60ffc31aa2885936667df78911801bf4ee2348b2da963556eac6b5e2d616f15f8eadb08955cfbd0f8f06c72ff3873ca83a614e0c4c19bd8dc9c33f5a307a6c8db92f7a012f01e68d8b9aeb32c7083a4b5687ced3d380887a40410c9ba9a542a568a59e868e860bc34d7e9a0c87ee68946410a334dc2f080ff430cb3a6cb61a407773ebe8957b0e52cd45ae1eb91cd3a0fabf12a7eb6f776162397795a02ec18d24caae2919d7ac17d98c887d700603b7fafe6d0d4edb7bb9d5ee369e92ccb802d592bbdb27197ef44a6dd96514ac1cc43c6f318fed8705e991b4df4230f54a9471cf9df10fa7adae1a9dcc98a13deae9e315aa5bc44fad4c2ad609834b0"}, 0x17f)

13:51:40 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x6000000000000000)

[ 2332.308098][  T747] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2332.316114][  T747]  </TASK>
13:51:40 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 74)

13:51:40 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x2}}}, 0x4)

13:51:40 executing program 4:
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYRES32], 0x8) (async, rerun: 64)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_features={{0xb, 0xb}, {0x9, 0xc9, "dd144ea0778fff99"}}}, 0xe) (rerun: 64)

13:51:40 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000040010000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:40 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04360700000000b2436ea8d659000000"], 0xa)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="02c8600a0006000502006f00c736acf4da5665a5b4f6bc0f81714ce3f8c3b44c166dd731f7ee5c506de9bae79c36f32a1d5d22d7c104b9367db888e37ede6409bb04605ef0d587c6ae6a320020dbb369aab53e7ec2091a466d45f72627fa678a50d02854474dd524166ec8154a1bca8c34ff7f000000000000fdc8661acc73012524b8759c2dc7fdc3f3a11fed0558c9684fa7f1269bf739b608"], 0xf)
syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x1, 0x1d8}, @l2cap_cid_signaling={{0x1d4}, [@l2cap_info_rsp={{0xb, 0x20, 0xa3}, {0x100, 0xa95e, "b91c0858c9ff709e19ae853fd531442601ec86908c26d72c26fa3667809e0b157a4f7170412c545e59dcdab330b0675a965eebf4750b6000140a3e8368b365d6743d06c40e1efefdc302eb96108447ad551856a0fe0560a645899a9efb3fd039d976624a9adfec59e4c955d97e80c19cbf6fcb4986efe85fd2b803389fd10cba27c45d462d20d8235973dd998ffef19898559027bbda63a2d84a5e1dc88ee2"}}, @l2cap_info_rsp={{0xb, 0xff, 0xcf}, {0xd7a1, 0x1, "f4d5046e965afca848c89ad8a10d4270e3d75f1a8e4f4e3d2421cdebe7b0250ae0cb832ae114cf432541794889a6c6782ebf47053b1161012dbb574e4e651f0b12d0bf5dd3b9df96cdba16b80d1decfaa8a917ef8a5b88b5ab937c41b66cf10f743026f51e36ac1b886e868fcbb8f2ec58ba17078ed77e8d227c37fd64e92aea589765689a30e243751e1c01ec30711bcb2e877a85b16e5d76bf14dd4fe502309698f3ce76496b22c2490ee4010c30f663ab159d0260cb96ea9c21a7562feb2e18bd5163a0ceb6386e5649"}}, @l2cap_create_chan_rsp={{0xd, 0x1a, 0x8}, {0x1f, 0x3, 0x0, 0x8}}, @l2cap_conn_req={{0x2, 0x1f, 0x4}, {0xffe1, 0x6e24}}, @l2cap_move_chan_rsp={{0xf, 0xc3, 0x4}, {0x2, 0x9}}, @l2cap_conf_req={{0x4, 0x6, 0x22}, {0xfffe, 0x6, [@l2cap_conf_flushto={0x2, 0x2, 0xe94}, @l2cap_conf_ews={0x7, 0x2, 0xe}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_mtu={0x1, 0x2, 0xfc01}, @l2cap_conf_mtu={0x1, 0x2, 0x4}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_flushto={0x2, 0x2, 0x1}]}}, @l2cap_conn_rsp={{0x3, 0x8, 0x8}, {0xe480, 0x55, 0xff, 0x704a}}, @l2cap_conn_rsp={{0x3, 0x5, 0x8}, {0x1ff, 0xffff, 0x8, 0x3ff}}]}}, 0x1dd)

[ 2332.371634][  T765] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2332.382054][  T765] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
13:51:40 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x2}}}, 0x4)

13:51:40 executing program 4:
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYRES32], 0x8) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_features={{0xb, 0xb}, {0x9, 0xc9, "dd144ea0778fff99"}}}, 0xe)

13:51:40 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000c6010000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:40 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04360700000000b2436ea8d659000000"], 0xa)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="02c8600a0006000502006f00c736acf4da5665a5b4f6bc0f81714ce3f8c3b44c166dd731f7ee5c506de9bae79c36f32a1d5d22d7c104b9367db888e37ede6409bb04605ef0d587c6ae6a320020dbb369aab53e7ec2091a466d45f72627fa678a50d02854474dd524166ec8154a1bca8c34ff7f000000000000fdc8661acc73012524b8759c2dc7fdc3f3a11fed0558c9684fa7f1269bf739b608"], 0xf)
syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x1, 0x1d8}, @l2cap_cid_signaling={{0x1d4}, [@l2cap_info_rsp={{0xb, 0x20, 0xa3}, {0x100, 0xa95e, "b91c0858c9ff709e19ae853fd531442601ec86908c26d72c26fa3667809e0b157a4f7170412c545e59dcdab330b0675a965eebf4750b6000140a3e8368b365d6743d06c40e1efefdc302eb96108447ad551856a0fe0560a645899a9efb3fd039d976624a9adfec59e4c955d97e80c19cbf6fcb4986efe85fd2b803389fd10cba27c45d462d20d8235973dd998ffef19898559027bbda63a2d84a5e1dc88ee2"}}, @l2cap_info_rsp={{0xb, 0xff, 0xcf}, {0xd7a1, 0x1, "f4d5046e965afca848c89ad8a10d4270e3d75f1a8e4f4e3d2421cdebe7b0250ae0cb832ae114cf432541794889a6c6782ebf47053b1161012dbb574e4e651f0b12d0bf5dd3b9df96cdba16b80d1decfaa8a917ef8a5b88b5ab937c41b66cf10f743026f51e36ac1b886e868fcbb8f2ec58ba17078ed77e8d227c37fd64e92aea589765689a30e243751e1c01ec30711bcb2e877a85b16e5d76bf14dd4fe502309698f3ce76496b22c2490ee4010c30f663ab159d0260cb96ea9c21a7562feb2e18bd5163a0ceb6386e5649"}}, @l2cap_create_chan_rsp={{0xd, 0x1a, 0x8}, {0x1f, 0x3, 0x0, 0x8}}, @l2cap_conn_req={{0x2, 0x1f, 0x4}, {0xffe1, 0x6e24}}, @l2cap_move_chan_rsp={{0xf, 0xc3, 0x4}, {0x2, 0x9}}, @l2cap_conf_req={{0x4, 0x6, 0x22}, {0xfffe, 0x6, [@l2cap_conf_flushto={0x2, 0x2, 0xe94}, @l2cap_conf_ews={0x7, 0x2, 0xe}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_mtu={0x1, 0x2, 0xfc01}, @l2cap_conf_mtu={0x1, 0x2, 0x4}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_flushto={0x2, 0x2, 0x1}]}}, @l2cap_conn_rsp={{0x3, 0x8, 0x8}, {0xe480, 0x55, 0xff, 0x704a}}, @l2cap_conn_rsp={{0x3, 0x5, 0x8}, {0x1ff, 0xffff, 0x8, 0x3ff}}]}}, 0x1dd)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04360700000000b2436ea8d659000000"], 0xa) (async)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="02c8600a0006000502006f00c736acf4da5665a5b4f6bc0f81714ce3f8c3b44c166dd731f7ee5c506de9bae79c36f32a1d5d22d7c104b9367db888e37ede6409bb04605ef0d587c6ae6a320020dbb369aab53e7ec2091a466d45f72627fa678a50d02854474dd524166ec8154a1bca8c34ff7f000000000000fdc8661acc73012524b8759c2dc7fdc3f3a11fed0558c9684fa7f1269bf739b608"], 0xf) (async)
syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x1, 0x1d8}, @l2cap_cid_signaling={{0x1d4}, [@l2cap_info_rsp={{0xb, 0x20, 0xa3}, {0x100, 0xa95e, "b91c0858c9ff709e19ae853fd531442601ec86908c26d72c26fa3667809e0b157a4f7170412c545e59dcdab330b0675a965eebf4750b6000140a3e8368b365d6743d06c40e1efefdc302eb96108447ad551856a0fe0560a645899a9efb3fd039d976624a9adfec59e4c955d97e80c19cbf6fcb4986efe85fd2b803389fd10cba27c45d462d20d8235973dd998ffef19898559027bbda63a2d84a5e1dc88ee2"}}, @l2cap_info_rsp={{0xb, 0xff, 0xcf}, {0xd7a1, 0x1, "f4d5046e965afca848c89ad8a10d4270e3d75f1a8e4f4e3d2421cdebe7b0250ae0cb832ae114cf432541794889a6c6782ebf47053b1161012dbb574e4e651f0b12d0bf5dd3b9df96cdba16b80d1decfaa8a917ef8a5b88b5ab937c41b66cf10f743026f51e36ac1b886e868fcbb8f2ec58ba17078ed77e8d227c37fd64e92aea589765689a30e243751e1c01ec30711bcb2e877a85b16e5d76bf14dd4fe502309698f3ce76496b22c2490ee4010c30f663ab159d0260cb96ea9c21a7562feb2e18bd5163a0ceb6386e5649"}}, @l2cap_create_chan_rsp={{0xd, 0x1a, 0x8}, {0x1f, 0x3, 0x0, 0x8}}, @l2cap_conn_req={{0x2, 0x1f, 0x4}, {0xffe1, 0x6e24}}, @l2cap_move_chan_rsp={{0xf, 0xc3, 0x4}, {0x2, 0x9}}, @l2cap_conf_req={{0x4, 0x6, 0x22}, {0xfffe, 0x6, [@l2cap_conf_flushto={0x2, 0x2, 0xe94}, @l2cap_conf_ews={0x7, 0x2, 0xe}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_mtu={0x1, 0x2, 0xfc01}, @l2cap_conf_mtu={0x1, 0x2, 0x4}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_flushto={0x2, 0x2, 0x1}]}}, @l2cap_conn_rsp={{0x3, 0x8, 0x8}, {0xe480, 0x55, 0xff, 0x704a}}, @l2cap_conn_rsp={{0x3, 0x5, 0x8}, {0x1ff, 0xffff, 0x8, 0x3ff}}]}}, 0x1dd) (async)

13:51:40 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x6558000000000000)

13:51:40 executing program 4:
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_SET_XCRS(r0, 0x4188aea7, &(0x7f0000000040)={0x8, 0x6, [{0xfff, 0x0, 0x5}, {0x1ff, 0x0, 0x89f9}, {0x8, 0x0, 0x1f}, {0xcda3, 0x0, 0x7ff}, {0x40, 0x0, 0x5}, {0x7fff, 0x0, 0x28e}, {0x2, 0x0, 0xcb0}, {0xba, 0x0, 0x7}]})
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x7, 0x4}, {0xffff, 0x6}}}}, 0x11)

[ 2332.536764][  T780] FAULT_INJECTION: forcing a failure.
[ 2332.536764][  T780] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2332.539274][  T787] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2332.567877][  T780] CPU: 1 PID: 780 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2332.575369][T15356] Bluetooth: Unexpected continuation frame (len 12)
[ 2332.578164][  T780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2332.578184][  T780] Call Trace:
[ 2332.578193][  T780]  <TASK>
[ 2332.578205][  T780]  dump_stack_lvl+0xcd/0x134
[ 2332.595582][  T787] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2332.598159][  T780]  should_fail.cold+0x5/0xa
[ 2332.598205][  T780]  _copy_from_user+0x2a/0x170
[ 2332.624140][  T780]  input_event_from_user+0x131/0x3a0
[ 2332.629474][  T780]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2332.635335][  T780]  evdev_write+0x356/0x760
[ 2332.639791][  T780]  ? evdev_read+0xe30/0xe30
[ 2332.644325][  T780]  ? apparmor_file_permission+0x264/0x4e0
[ 2332.650048][  T780]  ? bpf_lsm_file_permission+0x5/0x10
[ 2332.655678][  T780]  ? security_file_permission+0xab/0xd0
[ 2332.661249][  T780]  vfs_write+0x2d7/0xdd0
[ 2332.665496][  T780]  ? evdev_read+0xe30/0xe30
[ 2332.670031][  T780]  ? vfs_read+0x930/0x930
[ 2332.674480][  T780]  ? __fget_files+0x26a/0x440
[ 2332.679220][  T780]  ? __fget_light+0xe5/0x270
13:51:41 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04360700000000b2436ea8d659000000"], 0xa) (async)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="02c8600a0006000502006f00c736acf4da5665a5b4f6bc0f81714ce3f8c3b44c166dd731f7ee5c506de9bae79c36f32a1d5d22d7c104b9367db888e37ede6409bb04605ef0d587c6ae6a320020dbb369aab53e7ec2091a466d45f72627fa678a50d02854474dd524166ec8154a1bca8c34ff7f000000000000fdc8661acc73012524b8759c2dc7fdc3f3a11fed0558c9684fa7f1269bf739b608"], 0xf)
syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x1, 0x1d8}, @l2cap_cid_signaling={{0x1d4}, [@l2cap_info_rsp={{0xb, 0x20, 0xa3}, {0x100, 0xa95e, "b91c0858c9ff709e19ae853fd531442601ec86908c26d72c26fa3667809e0b157a4f7170412c545e59dcdab330b0675a965eebf4750b6000140a3e8368b365d6743d06c40e1efefdc302eb96108447ad551856a0fe0560a645899a9efb3fd039d976624a9adfec59e4c955d97e80c19cbf6fcb4986efe85fd2b803389fd10cba27c45d462d20d8235973dd998ffef19898559027bbda63a2d84a5e1dc88ee2"}}, @l2cap_info_rsp={{0xb, 0xff, 0xcf}, {0xd7a1, 0x1, "f4d5046e965afca848c89ad8a10d4270e3d75f1a8e4f4e3d2421cdebe7b0250ae0cb832ae114cf432541794889a6c6782ebf47053b1161012dbb574e4e651f0b12d0bf5dd3b9df96cdba16b80d1decfaa8a917ef8a5b88b5ab937c41b66cf10f743026f51e36ac1b886e868fcbb8f2ec58ba17078ed77e8d227c37fd64e92aea589765689a30e243751e1c01ec30711bcb2e877a85b16e5d76bf14dd4fe502309698f3ce76496b22c2490ee4010c30f663ab159d0260cb96ea9c21a7562feb2e18bd5163a0ceb6386e5649"}}, @l2cap_create_chan_rsp={{0xd, 0x1a, 0x8}, {0x1f, 0x3, 0x0, 0x8}}, @l2cap_conn_req={{0x2, 0x1f, 0x4}, {0xffe1, 0x6e24}}, @l2cap_move_chan_rsp={{0xf, 0xc3, 0x4}, {0x2, 0x9}}, @l2cap_conf_req={{0x4, 0x6, 0x22}, {0xfffe, 0x6, [@l2cap_conf_flushto={0x2, 0x2, 0xe94}, @l2cap_conf_ews={0x7, 0x2, 0xe}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_mtu={0x1, 0x2, 0xfc01}, @l2cap_conf_mtu={0x1, 0x2, 0x4}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_flushto={0x2, 0x2, 0x1}]}}, @l2cap_conn_rsp={{0x3, 0x8, 0x8}, {0xe480, 0x55, 0xff, 0x704a}}, @l2cap_conn_rsp={{0x3, 0x5, 0x8}, {0x1ff, 0xffff, 0x8, 0x3ff}}]}}, 0x1dd)

[ 2332.683841][  T780]  ksys_write+0x1e8/0x250
[ 2332.688177][  T780]  ? __ia32_sys_read+0xb0/0xb0
[ 2332.692940][  T780]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2332.698925][  T780]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2332.704849][  T780]  do_syscall_64+0x35/0xb0
[ 2332.709265][  T780]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2332.715157][  T780] RIP: 0033:0x7eff6688a649
[ 2332.719570][  T780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2332.739189][  T780] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2332.747631][  T780] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2332.755617][  T780] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2332.763596][  T780] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2332.771588][  T780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2332.779573][  T780] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2332.787579][  T780]  </TASK>
13:51:41 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x2}}}, 0x4)

13:51:41 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x1, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_conn_req={{0x17, 0x7, 0x10}, {0x3f, 0xfffb, 0x6, 0x9, [0x4, 0x3ff, 0x7, 0x7]}}}}, 0x1d)

13:51:41 executing program 4:
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_SET_XCRS(r0, 0x4188aea7, &(0x7f0000000040)={0x8, 0x6, [{0xfff, 0x0, 0x5}, {0x1ff, 0x0, 0x89f9}, {0x8, 0x0, 0x1f}, {0xcda3, 0x0, 0x7ff}, {0x40, 0x0, 0x5}, {0x7fff, 0x0, 0x28e}, {0x2, 0x0, 0xcb0}, {0xba, 0x0, 0x7}]})
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x7, 0x4}, {0xffff, 0x6}}}}, 0x11)

13:51:41 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000af020000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:41 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 75)

13:51:41 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x8100000000000000)

13:51:41 executing program 4:
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_SET_XCRS(r0, 0x4188aea7, &(0x7f0000000040)={0x8, 0x6, [{0xfff, 0x0, 0x5}, {0x1ff, 0x0, 0x89f9}, {0x8, 0x0, 0x1f}, {0xcda3, 0x0, 0x7ff}, {0x40, 0x0, 0x5}, {0x7fff, 0x0, 0x28e}, {0x2, 0x0, 0xcb0}, {0xba, 0x0, 0x7}]}) (async, rerun: 64)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async, rerun: 64)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x7, 0x4}, {0xffff, 0x6}}}}, 0x11)

13:51:41 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x4, &(0x7f0000000080)=<r1=>0x0)
ftruncate(r0, 0x81fd)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x2, 0x0, 0x1299})
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'wg1\x00'})
io_cancel(0x0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0xd, 0x1, 0xffffffffffffffff, &(0x7f0000000240)="e90a01b37a031f37a79cad67ad7afaf5e8726b9b85c78a609bb0e1728937ace32d5a730fe3d9acb1d7a8415bf5870ca566a17b7f1d53d3bc42c8dc7a72a563ad98e7fd1cc64b4587a8cde8c9d42d9e9018dc4dfebc40a930a1b902dc31733c27e42aaa9989f3e306611bdc74144004444802110c95763553c43c5a760bf5a175de20a479cd2be173122290d1dc844fd2bb2abef6dd94fb797b36b13ec248e3bac599c905d4ce26a3bf257eaf790c7769c29b2a2507ce3ea4239c9a43869a220bbf68bf7a4e9bbd990956d3a34cc256383b28bf6cc14e6242e6cc890b84a3c63f0341ff052e67bd78165962ddad6ba0a895d08dfe712b2f26a7aacb76669c7163ba7f7584bfe9f2ba6fe2fc0a1aef9cf3da5971b329b45054d0017a5c3ee4846c6e7539db7ac9f0e9eb2470ffdcd469dc11c75e245f4b0c4b4705a37a66ca0e639880", 0x142, 0x0, 0x0, 0x2}, &(0x7f0000000100))

13:51:41 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x1, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_conn_req={{0x17, 0x7, 0x10}, {0x3f, 0xfffb, 0x6, 0x9, [0x4, 0x3ff, 0x7, 0x7]}}}}, 0x1d)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x1, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_conn_req={{0x17, 0x7, 0x10}, {0x3f, 0xfffb, 0x6, 0x9, [0x4, 0x3ff, 0x7, 0x7]}}}}, 0x1d) (async)

[ 2332.879267][T15356] Bluetooth: Unexpected continuation frame (len 12)
[ 2332.880766][  T804] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
13:51:41 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x1, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_conn_req={{0x17, 0x7, 0x10}, {0x3f, 0xfffb, 0x6, 0x9, [0x4, 0x3ff, 0x7, 0x7]}}}}, 0x1d)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x1, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_conn_req={{0x17, 0x7, 0x10}, {0x3f, 0xfffb, 0x6, 0x9, [0x4, 0x3ff, 0x7, 0x7]}}}}, 0x1d) (async)

[ 2332.946939][  T811] FAULT_INJECTION: forcing a failure.
[ 2332.946939][  T811] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2332.962191][  T804] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2332.971829][T15356] Bluetooth: Unexpected continuation frame (len 12)
[ 2332.990224][  T811] CPU: 1 PID: 811 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2333.000545][  T811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2333.010638][  T811] Call Trace:
[ 2333.013947][  T811]  <TASK>
[ 2333.016912][  T811]  dump_stack_lvl+0xcd/0x134
[ 2333.021552][  T811]  should_fail.cold+0x5/0xa
[ 2333.026108][  T811]  _copy_from_user+0x2a/0x170
[ 2333.030836][  T811]  input_event_from_user+0x131/0x3a0
[ 2333.036164][  T811]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2333.042024][  T811]  evdev_write+0x356/0x760
[ 2333.046495][  T811]  ? evdev_read+0xe30/0xe30
[ 2333.051023][  T811]  ? apparmor_file_permission+0x264/0x4e0
[ 2333.056777][  T811]  ? bpf_lsm_file_permission+0x5/0x10
[ 2333.062179][  T811]  ? security_file_permission+0xab/0xd0
[ 2333.067772][  T811]  vfs_write+0x2d7/0xdd0
[ 2333.072040][  T811]  ? evdev_read+0xe30/0xe30
[ 2333.076569][  T811]  ? vfs_read+0x930/0x930
[ 2333.080942][  T811]  ? __fget_files+0x26a/0x440
[ 2333.085664][  T811]  ? __fget_light+0xe5/0x270
[ 2333.090283][  T811]  ksys_write+0x1e8/0x250
[ 2333.094636][  T811]  ? __ia32_sys_read+0xb0/0xb0
[ 2333.099527][  T811]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2333.105467][  T811]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2333.111403][  T811]  do_syscall_64+0x35/0xb0
[ 2333.115843][  T811]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2333.121756][  T811] RIP: 0033:0x7eff6688a649
[ 2333.126203][  T811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
13:51:41 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x40284504, &(0x7f0000000140)={0x11, 0xd, 0x4, 0x3, "b48c808f3c53846e7d470de70726802d70fe7dd93407a39b14b4a8457c06b271"})
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
splice(r1, &(0x7f0000000080)=0x3, r0, &(0x7f0000000100), 0x3, 0x9)
write$char_usb(r0, &(0x7f0000000280)="e2", 0x1)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES32=r0], 0x8)
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r2, &(0x7f0000000040)="e2", 0x1800)
ioctl$EVIOCGKEY(r2, 0x80404518, &(0x7f0000000180)=""/233)

13:51:41 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04412ec9"], 0x4)
syz_emit_vhci(&(0x7f0000000180)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x65}, "bca5d83bd3752454c4a8ebae56e35196bccf10678b57309ed8b72232c72ad0d801d0a70bed7816b35e7df111e6975fe752f703e6d9fd7b5a43b1caafe7dfb25e20987385bbc9d9d8bf7e1b3731216457775d4db431179d4a0989af0c5e20538b056216d343"}, 0x69)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x8a}, "3584a1e014c5ceab9dd1e9038892112a22e2e287f8b83393e42a6da4211261c4625c8e2cdc5ee9794f1e68adf5ad8ff471b2177d1dbac666d19c9da8485ca9e88e6a28d9ab46fb24a2a1a81eb7ae83ac282a7fa9dedc4afe24e482cabf7401450699ec19e9ac500b2342db662adbed4f8a2969107010ebab49fa45633ee29b196df83801e6e1fd237889"}, 0x8e)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_request={{0x31, 0x6}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0x9)

13:51:41 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04412ec9"], 0x4) (async)
syz_emit_vhci(&(0x7f0000000180)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x65}, "bca5d83bd3752454c4a8ebae56e35196bccf10678b57309ed8b72232c72ad0d801d0a70bed7816b35e7df111e6975fe752f703e6d9fd7b5a43b1caafe7dfb25e20987385bbc9d9d8bf7e1b3731216457775d4db431179d4a0989af0c5e20538b056216d343"}, 0x69)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x8a}, "3584a1e014c5ceab9dd1e9038892112a22e2e287f8b83393e42a6da4211261c4625c8e2cdc5ee9794f1e68adf5ad8ff471b2177d1dbac666d19c9da8485ca9e88e6a28d9ab46fb24a2a1a81eb7ae83ac282a7fa9dedc4afe24e482cabf7401450699ec19e9ac500b2342db662adbed4f8a2969107010ebab49fa45633ee29b196df83801e6e1fd237889"}, 0x8e)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2) (async)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_request={{0x31, 0x6}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0x9)

[ 2333.145829][  T811] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2333.154260][  T811] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2333.162243][  T811] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2333.170315][  T811] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2333.178415][  T811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2333.186533][  T811] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2333.194988][  T811]  </TASK>
13:51:41 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 76)

13:51:41 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000) (async)
io_setup(0x4, &(0x7f0000000080)=<r1=>0x0) (async)
ftruncate(r0, 0x81fd)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x2, 0x0, 0x1299}) (async)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}]) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'wg1\x00'})
io_cancel(0x0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0xd, 0x1, 0xffffffffffffffff, &(0x7f0000000240)="e90a01b37a031f37a79cad67ad7afaf5e8726b9b85c78a609bb0e1728937ace32d5a730fe3d9acb1d7a8415bf5870ca566a17b7f1d53d3bc42c8dc7a72a563ad98e7fd1cc64b4587a8cde8c9d42d9e9018dc4dfebc40a930a1b902dc31733c27e42aaa9989f3e306611bdc74144004444802110c95763553c43c5a760bf5a175de20a479cd2be173122290d1dc844fd2bb2abef6dd94fb797b36b13ec248e3bac599c905d4ce26a3bf257eaf790c7769c29b2a2507ce3ea4239c9a43869a220bbf68bf7a4e9bbd990956d3a34cc256383b28bf6cc14e6242e6cc890b84a3c63f0341ff052e67bd78165962ddad6ba0a895d08dfe712b2f26a7aacb76669c7163ba7f7584bfe9f2ba6fe2fc0a1aef9cf3da5971b329b45054d0017a5c3ee4846c6e7539db7ac9f0e9eb2470ffdcd469dc11c75e245f4b0c4b4705a37a66ca0e639880", 0x142, 0x0, 0x0, 0x2}, &(0x7f0000000100))

13:51:41 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000030000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:41 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) (async)
ioctl$EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x40284504, &(0x7f0000000140)={0x11, 0xd, 0x4, 0x3, "b48c808f3c53846e7d470de70726802d70fe7dd93407a39b14b4a8457c06b271"}) (async)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
splice(r1, &(0x7f0000000080)=0x3, r0, &(0x7f0000000100), 0x3, 0x9) (async)
write$char_usb(r0, &(0x7f0000000280)="e2", 0x1) (async)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES32=r0], 0x8)
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r2, &(0x7f0000000040)="e2", 0x1800) (async)
ioctl$EVIOCGKEY(r2, 0x80404518, &(0x7f0000000180)=""/233)

[ 2333.224696][T15356] Bluetooth: hci8: SCO packet for unknown connection handle 0
[ 2333.300644][T15356] Bluetooth: hci8: SCO packet for unknown connection handle 0
[ 2333.306505][  T842] FAULT_INJECTION: forcing a failure.
[ 2333.306505][  T842] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2333.332729][  T842] CPU: 0 PID: 842 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2333.343064][  T842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2333.353159][  T842] Call Trace:
[ 2333.356453][  T842]  <TASK>
[ 2333.359398][  T842]  dump_stack_lvl+0xcd/0x134
[ 2333.364038][  T842]  should_fail.cold+0x5/0xa
[ 2333.368592][  T842]  _copy_from_user+0x2a/0x170
[ 2333.373311][  T842]  input_event_from_user+0x131/0x3a0
[ 2333.378641][  T842]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2333.384479][  T842]  evdev_write+0x356/0x760
[ 2333.388916][  T842]  ? evdev_read+0xe30/0xe30
[ 2333.393431][  T842]  ? apparmor_file_permission+0x264/0x4e0
[ 2333.399258][  T842]  ? bpf_lsm_file_permission+0x5/0x10
[ 2333.404649][  T842]  ? security_file_permission+0xab/0xd0
[ 2333.410221][  T842]  vfs_write+0x2d7/0xdd0
[ 2333.414485][  T842]  ? evdev_read+0xe30/0xe30
[ 2333.419006][  T842]  ? vfs_read+0x930/0x930
[ 2333.423362][  T842]  ? __fget_files+0x26a/0x440
[ 2333.428059][  T842]  ? __fget_light+0xe5/0x270
[ 2333.432675][  T842]  ksys_write+0x1e8/0x250
[ 2333.437019][  T842]  ? __ia32_sys_read+0xb0/0xb0
[ 2333.441883][  T842]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2333.447798][  T842]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2333.453715][  T842]  do_syscall_64+0x35/0xb0
[ 2333.458174][  T842]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2333.464102][  T842] RIP: 0033:0x7eff6688a649
[ 2333.468550][  T842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2333.488207][  T842] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
13:51:41 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04412ec9"], 0x4)
syz_emit_vhci(&(0x7f0000000180)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x65}, "bca5d83bd3752454c4a8ebae56e35196bccf10678b57309ed8b72232c72ad0d801d0a70bed7816b35e7df111e6975fe752f703e6d9fd7b5a43b1caafe7dfb25e20987385bbc9d9d8bf7e1b3731216457775d4db431179d4a0989af0c5e20538b056216d343"}, 0x69)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x8a}, "3584a1e014c5ceab9dd1e9038892112a22e2e287f8b83393e42a6da4211261c4625c8e2cdc5ee9794f1e68adf5ad8ff471b2177d1dbac666d19c9da8485ca9e88e6a28d9ab46fb24a2a1a81eb7ae83ac282a7fa9dedc4afe24e482cabf7401450699ec19e9ac500b2342db662adbed4f8a2969107010ebab49fa45633ee29b196df83801e6e1fd237889"}, 0x8e)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_request={{0x31, 0x6}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0x9)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04412ec9"], 0x4) (async)
syz_emit_vhci(&(0x7f0000000180)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x65}, "bca5d83bd3752454c4a8ebae56e35196bccf10678b57309ed8b72232c72ad0d801d0a70bed7816b35e7df111e6975fe752f703e6d9fd7b5a43b1caafe7dfb25e20987385bbc9d9d8bf7e1b3731216457775d4db431179d4a0989af0c5e20538b056216d343"}, 0x69) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x8a}, "3584a1e014c5ceab9dd1e9038892112a22e2e287f8b83393e42a6da4211261c4625c8e2cdc5ee9794f1e68adf5ad8ff471b2177d1dbac666d19c9da8485ca9e88e6a28d9ab46fb24a2a1a81eb7ae83ac282a7fa9dedc4afe24e482cabf7401450699ec19e9ac500b2342db662adbed4f8a2969107010ebab49fa45633ee29b196df83801e6e1fd237889"}, 0x8e) (async)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2) (async)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_request={{0x31, 0x6}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0x9) (async)

13:51:41 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x88a8ffff00000000)

13:51:41 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000050000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2333.496660][  T842] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2333.506900][  T842] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2333.514881][  T842] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2333.522886][  T842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2333.530867][  T842] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2333.538885][  T842]  </TASK>
13:51:41 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 77)

13:51:41 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x40284504, &(0x7f0000000140)={0x11, 0xd, 0x4, 0x3, "b48c808f3c53846e7d470de70726802d70fe7dd93407a39b14b4a8457c06b271"})
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
splice(r1, &(0x7f0000000080)=0x3, r0, &(0x7f0000000100), 0x3, 0x9)
write$char_usb(r0, &(0x7f0000000280)="e2", 0x1) (async)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES32=r0], 0x8) (async)
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r2, &(0x7f0000000040)="e2", 0x1800) (async)
ioctl$EVIOCGKEY(r2, 0x80404518, &(0x7f0000000180)=""/233)

13:51:41 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x4, &(0x7f0000000080)=<r1=>0x0)
ftruncate(r0, 0x81fd)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x2, 0x0, 0x1299})
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'wg1\x00'})
io_cancel(0x0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0xd, 0x1, 0xffffffffffffffff, &(0x7f0000000240)="e90a01b37a031f37a79cad67ad7afaf5e8726b9b85c78a609bb0e1728937ace32d5a730fe3d9acb1d7a8415bf5870ca566a17b7f1d53d3bc42c8dc7a72a563ad98e7fd1cc64b4587a8cde8c9d42d9e9018dc4dfebc40a930a1b902dc31733c27e42aaa9989f3e306611bdc74144004444802110c95763553c43c5a760bf5a175de20a479cd2be173122290d1dc844fd2bb2abef6dd94fb797b36b13ec248e3bac599c905d4ce26a3bf257eaf790c7769c29b2a2507ce3ea4239c9a43869a220bbf68bf7a4e9bbd990956d3a34cc256383b28bf6cc14e6242e6cc890b84a3c63f0341ff052e67bd78165962ddad6ba0a895d08dfe712b2f26a7aacb76669c7163ba7f7584bfe9f2ba6fe2fc0a1aef9cf3da5971b329b45054d0017a5c3ee4846c6e7539db7ac9f0e9eb2470ffdcd469dc11c75e245f4b0c4b4705a37a66ca0e639880", 0x142, 0x0, 0x0, 0x2}, &(0x7f0000000100))
creat(&(0x7f0000000000)='./bus\x00', 0x0) (async)
fcntl$setstatus(r0, 0x4, 0x6000) (async)
io_setup(0x4, &(0x7f0000000080)) (async)
ftruncate(r0, 0x81fd) (async)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x2, 0x0, 0x1299}) (async)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}]) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'wg1\x00'}) (async)
io_cancel(0x0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0xd, 0x1, 0xffffffffffffffff, &(0x7f0000000240)="e90a01b37a031f37a79cad67ad7afaf5e8726b9b85c78a609bb0e1728937ace32d5a730fe3d9acb1d7a8415bf5870ca566a17b7f1d53d3bc42c8dc7a72a563ad98e7fd1cc64b4587a8cde8c9d42d9e9018dc4dfebc40a930a1b902dc31733c27e42aaa9989f3e306611bdc74144004444802110c95763553c43c5a760bf5a175de20a479cd2be173122290d1dc844fd2bb2abef6dd94fb797b36b13ec248e3bac599c905d4ce26a3bf257eaf790c7769c29b2a2507ce3ea4239c9a43869a220bbf68bf7a4e9bbd990956d3a34cc256383b28bf6cc14e6242e6cc890b84a3c63f0341ff052e67bd78165962ddad6ba0a895d08dfe712b2f26a7aacb76669c7163ba7f7584bfe9f2ba6fe2fc0a1aef9cf3da5971b329b45054d0017a5c3ee4846c6e7539db7ac9f0e9eb2470ffdcd469dc11c75e245f4b0c4b4705a37a66ca0e639880", 0x142, 0x0, 0x0, 0x2}, &(0x7f0000000100)) (async)

13:51:41 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@any, "a89044"}}}, 0xd)

13:51:41 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000060000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:42 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x9effffff00000000)

[ 2333.639660][T15356] Bluetooth: hci8: SCO packet for unknown connection handle 0
[ 2333.656378][  T865] FAULT_INJECTION: forcing a failure.
[ 2333.656378][  T865] name fail_usercopy, interval 1, probability 0, space 0, times 0
13:51:42 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000070000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2333.710339][  T865] CPU: 1 PID: 865 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2333.720651][  T865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2333.730747][  T865] Call Trace:
[ 2333.734280][  T865]  <TASK>
[ 2333.737427][  T865]  dump_stack_lvl+0xcd/0x134
[ 2333.742068][  T865]  should_fail.cold+0x5/0xa
[ 2333.746626][  T865]  _copy_from_user+0x2a/0x170
[ 2333.751313][  T865]  input_event_from_user+0x131/0x3a0
[ 2333.756623][  T865]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2333.762468][  T865]  evdev_write+0x356/0x760
[ 2333.766932][  T865]  ? evdev_read+0xe30/0xe30
[ 2333.771452][  T865]  ? apparmor_file_permission+0x264/0x4e0
[ 2333.777257][  T865]  ? bpf_lsm_file_permission+0x5/0x10
[ 2333.782631][  T865]  ? security_file_permission+0xab/0xd0
[ 2333.788188][  T865]  vfs_write+0x2d7/0xdd0
[ 2333.792441][  T865]  ? evdev_read+0xe30/0xe30
[ 2333.796943][  T865]  ? vfs_read+0x930/0x930
[ 2333.801275][  T865]  ? __fget_files+0x26a/0x440
[ 2333.805955][  T865]  ? __fget_light+0xe5/0x270
[ 2333.810563][  T865]  ksys_write+0x1e8/0x250
[ 2333.814913][  T865]  ? __ia32_sys_read+0xb0/0xb0
[ 2333.819728][  T865]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2333.825648][  T865]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2333.831575][  T865]  do_syscall_64+0x35/0xb0
[ 2333.836272][  T865]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2333.842189][  T865] RIP: 0033:0x7eff6688a649
[ 2333.846699][  T865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2333.866337][  T865] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2333.874769][  T865] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2333.882848][  T865] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2333.890853][  T865] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2333.898835][  T865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
13:51:42 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@any, "a89044"}}}, 0xd)

13:51:42 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000090000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:42 executing program 4:
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff}, './file0\x00'})
ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f0000000180)={0xffff46ed, 0x8})
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xc9}, "691a363f8278050b6db677ae5a478f91c7d4e1dca8b8f84e61f4b175ef118c873f45f7427135d0dab569b861fd92451bf444c80fc4e52a406c4541d5252977c992dc05b71f691e30602031fc4cc72dce8489475ee51e6a06fac3fb2bccd2396223b7e3af2c768956c190c450113555d43520766265b6281567f44fe9b77963ca648e06ba8068eda57e2ca9a3d8a81f7d3cebcd8cdedaf55f6a4605f329ece4a53d5998b291cc8f83f6feece2bb6890fe1467b8168e1c4d3799068ef479bb28631087ee9a83fc13dd9e"}, 0xcd)

[ 2333.906832][  T865] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2333.914817][  T865]  </TASK>
13:51:42 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@any, "a89044"}}}, 0xd)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@any, "a89044"}}}, 0xd) (async)

13:51:42 executing program 1:
ioctl$VIDIOC_STREAMON(0xffffffffffffffff, 0x40045612, &(0x7f0000000000)=0x7)
syz_open_dev$cec(&(0x7f0000000040), 0x3, 0x2)

13:51:42 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 78)

13:51:42 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000000a0000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:42 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0xf0ffffff00000000)

13:51:42 executing program 4:
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff}, './file0\x00'})
ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f0000000180)={0xffff46ed, 0x8}) (async)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xc9}, "691a363f8278050b6db677ae5a478f91c7d4e1dca8b8f84e61f4b175ef118c873f45f7427135d0dab569b861fd92451bf444c80fc4e52a406c4541d5252977c992dc05b71f691e30602031fc4cc72dce8489475ee51e6a06fac3fb2bccd2396223b7e3af2c768956c190c450113555d43520766265b6281567f44fe9b77963ca648e06ba8068eda57e2ca9a3d8a81f7d3cebcd8cdedaf55f6a4605f329ece4a53d5998b291cc8f83f6feece2bb6890fe1467b8168e1c4d3799068ef479bb28631087ee9a83fc13dd9e"}, 0xcd)

13:51:42 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000000c0000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:42 executing program 1:
ioctl$VIDIOC_STREAMON(0xffffffffffffffff, 0x40045612, &(0x7f0000000000)=0x7) (async)
syz_open_dev$cec(&(0x7f0000000040), 0x3, 0x2)

13:51:42 executing program 3:
r0 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f00000002c0)=@bridge_newvlan={0x58, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0x10, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_TUNNEL_INFO={0xc, 0x4, 0x0, 0x1, @BRIDGE_VLANDB_TINFO_ID={0x8, 0x1, 0xbc}}}]}, 0x58}}, 0xe010)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r4=>0x0})
write(0xffffffffffffffff, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(0xffffffffffffffff, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r7}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8}, @GTPA_LINK={0x8, 0x1, r7}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)=@RTM_DELMDB={0x78, 0x55, 0x10, 0x70bd2a, 0x25dfdbfe, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x0, 0x3, 0x0, {@ip4=@multicast2}}}, @MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x2, 0x4, {@in6_addr=@private1, 0x800}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r7, 0x0, 0x3, 0x1, {@in6_addr=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x800}, 0x4000000)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r4}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0xb8, &(0x7f0000000040)=[@in6={0xa, 0x4e21, 0xfffffff9, @dev={0xfe, 0x80, '\x00', 0x14}, 0x4}, @in6={0xa, 0x4e23, 0xea, @local, 0x1}, @in6={0xa, 0x4e23, 0x0, @local, 0x7}, @in={0x2, 0x4e21, @multicast1}, @in6={0xa, 0x4e21, 0x1, @ipv4={'\x00', '\xff\xff', @local}, 0x2}, @in6={0xa, 0x4e20, 0x2, @empty, 0x7}, @in6={0xa, 0x4e21, 0x0, @loopback, 0x9}]}, &(0x7f0000000140)=0x10)
ioctl$SCSI_IOCTL_GET_PCI(0xffffffffffffffff, 0x5387, &(0x7f0000000000))

[ 2334.076099][  T906] FAULT_INJECTION: forcing a failure.
[ 2334.076099][  T906] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2334.122241][  T906] CPU: 0 PID: 906 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2334.132560][  T906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2334.143080][  T906] Call Trace:
[ 2334.146375][  T906]  <TASK>
[ 2334.149333][  T906]  dump_stack_lvl+0xcd/0x134
[ 2334.153973][  T906]  should_fail.cold+0x5/0xa
[ 2334.158510][  T906]  _copy_from_user+0x2a/0x170
[ 2334.163298][  T906]  input_event_from_user+0x131/0x3a0
[ 2334.168639][  T906]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2334.174520][  T906]  evdev_write+0x356/0x760
[ 2334.178978][  T906]  ? evdev_read+0xe30/0xe30
[ 2334.183518][  T906]  ? apparmor_file_permission+0x264/0x4e0
[ 2334.189294][  T906]  ? bpf_lsm_file_permission+0x5/0x10
[ 2334.194710][  T906]  ? security_file_permission+0xab/0xd0
[ 2334.200396][  T906]  vfs_write+0x2d7/0xdd0
[ 2334.204666][  T906]  ? evdev_read+0xe30/0xe30
[ 2334.209206][  T906]  ? vfs_read+0x930/0x930
[ 2334.213654][  T906]  ? __fget_files+0x26a/0x440
[ 2334.218368][  T906]  ? __fget_light+0xe5/0x270
[ 2334.223323][  T906]  ksys_write+0x1e8/0x250
[ 2334.227667][  T906]  ? __ia32_sys_read+0xb0/0xb0
[ 2334.232450][  T906]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2334.238375][  T906]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2334.244409][  T906]  do_syscall_64+0x35/0xb0
[ 2334.248846][  T906]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2334.254758][  T906] RIP: 0033:0x7eff6688a649
[ 2334.259210][  T906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2334.278933][  T906] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2334.287365][  T906] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2334.295366][  T906] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2334.303363][  T906] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2334.311352][  T906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
13:51:42 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 79)

13:51:42 executing program 4:
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff}, './file0\x00'})
ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f0000000180)={0xffff46ed, 0x8})
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xc9}, "691a363f8278050b6db677ae5a478f91c7d4e1dca8b8f84e61f4b175ef118c873f45f7427135d0dab569b861fd92451bf444c80fc4e52a406c4541d5252977c992dc05b71f691e30602031fc4cc72dce8489475ee51e6a06fac3fb2bccd2396223b7e3af2c768956c190c450113555d43520766265b6281567f44fe9b77963ca648e06ba8068eda57e2ca9a3d8a81f7d3cebcd8cdedaf55f6a4605f329ece4a53d5998b291cc8f83f6feece2bb6890fe1467b8168e1c4d3799068ef479bb28631087ee9a83fc13dd9e"}, 0xcd)

13:51:42 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0xf439000000000000)

[ 2334.319348][  T906] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2334.327357][  T906]  </TASK>
13:51:42 executing program 1:
ioctl$VIDIOC_STREAMON(0xffffffffffffffff, 0x40045612, &(0x7f0000000000)=0x7) (async)
syz_open_dev$cec(&(0x7f0000000040), 0x3, 0x2)

13:51:42 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000000e0000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:42 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYRES16=r0, @ANYBLOB="341f24db2c68b048dfb8aa4d68e507b678e08382174b04e7e2d6024e3341797a309b2b17a380a547ec07f2ea8f8f1bfffaeead7e3ec44772197fcb2655cf85f749ec38c41eac9684647e6c0e34be15214af6e1748c98d5eb4f92e2f6a8ea233455c8c1000000", @ANYBLOB="ac2c9dc57a14a1a5e74234222ee1aea94630c39a4c9be72a587029d5510ae027250f30d7f4b99dbdbabe72a62d37e98fbcf9a6ed858bb8c34f0a8a64306cc4a0aeb146c51c6f817fa60f763cf3b3813422453d95f60f6c2ea0a97e65f805fe1d2736915779edb62e30c01ea665a127bd88f3993b854e62bce3fe4d1b56dd49f55b6d81261672ce09909fbbbf3a14a356d8c45b7705dd4dba824855d9aeb0bd8d6dd9d12409944f4a9939e41a02cd7a790346e8593f259a853c32b5250c29c599d9e9b43f1047f4ac82f9b5affcc3a53ca6af4337952f0f67c2575aab11e568293163959715fd955f61d80ad146e6", @ANYRESDEC=r0], 0x8)

13:51:42 executing program 3:
r0 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f00000002c0)=@bridge_newvlan={0x58, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0x10, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_TUNNEL_INFO={0xc, 0x4, 0x0, 0x1, @BRIDGE_VLANDB_TINFO_ID={0x8, 0x1, 0xbc}}}]}, 0x58}}, 0xe010) (async)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0) (async)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r4=>0x0}) (async)
write(0xffffffffffffffff, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(0xffffffffffffffff, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) (async)
r5 = socket$nl_route(0x10, 0x3, 0x0) (async)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r7}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8}, @GTPA_LINK={0x8, 0x1, r7}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)=@RTM_DELMDB={0x78, 0x55, 0x10, 0x70bd2a, 0x25dfdbfe, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x0, 0x3, 0x0, {@ip4=@multicast2}}}, @MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x2, 0x4, {@in6_addr=@private1, 0x800}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r7, 0x0, 0x3, 0x1, {@in6_addr=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x800}, 0x4000000) (async)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r4}]}, 0x34}}, 0x0) (async)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10) (async)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0xb8, &(0x7f0000000040)=[@in6={0xa, 0x4e21, 0xfffffff9, @dev={0xfe, 0x80, '\x00', 0x14}, 0x4}, @in6={0xa, 0x4e23, 0xea, @local, 0x1}, @in6={0xa, 0x4e23, 0x0, @local, 0x7}, @in={0x2, 0x4e21, @multicast1}, @in6={0xa, 0x4e21, 0x1, @ipv4={'\x00', '\xff\xff', @local}, 0x2}, @in6={0xa, 0x4e20, 0x2, @empty, 0x7}, @in6={0xa, 0x4e21, 0x0, @loopback, 0x9}]}, &(0x7f0000000140)=0x10) (async)
ioctl$SCSI_IOCTL_GET_PCI(0xffffffffffffffff, 0x5387, &(0x7f0000000000))

[ 2334.415684][  T925] FAULT_INJECTION: forcing a failure.
[ 2334.415684][  T925] name fail_usercopy, interval 1, probability 0, space 0, times 0
13:51:42 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0xff03000000000000)

[ 2334.470655][  T925] CPU: 1 PID: 925 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2334.480967][  T925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2334.491058][  T925] Call Trace:
[ 2334.494372][  T925]  <TASK>
[ 2334.497337][  T925]  dump_stack_lvl+0xcd/0x134
[ 2334.501977][  T925]  should_fail.cold+0x5/0xa
[ 2334.506537][  T925]  _copy_from_user+0x2a/0x170
[ 2334.511263][  T925]  input_event_from_user+0x131/0x3a0
13:51:42 executing program 1:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="0431008aaaaaaaaa12"], 0x9b)

13:51:42 executing program 1:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="0431008aaaaaaaaa12"], 0x9b)

[ 2334.516617][  T925]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2334.516672][  T925]  evdev_write+0x356/0x760
[ 2334.516705][  T925]  ? evdev_read+0xe30/0xe30
[ 2334.516729][  T925]  ? apparmor_file_permission+0x264/0x4e0
[ 2334.516764][  T925]  ? bpf_lsm_file_permission+0x5/0x10
[ 2334.516792][  T925]  ? security_file_permission+0xab/0xd0
[ 2334.516830][  T925]  vfs_write+0x2d7/0xdd0
[ 2334.516859][  T925]  ? evdev_read+0xe30/0xe30
[ 2334.516885][  T925]  ? vfs_read+0x930/0x930
[ 2334.516920][  T925]  ? __fget_files+0x26a/0x440
[ 2334.516956][  T925]  ? __fget_light+0xe5/0x270
13:51:42 executing program 1:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="0431008aaaaaaaaa12"], 0x9b)

13:51:42 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x37}, "8c478fe079796e80efb8c35834427dbef24354c9647e8aff3cbd4056972a3605e684576651521305a9376854016256367b9c1cfeea5632"}, 0x3b)

[ 2334.516990][  T925]  ksys_write+0x1e8/0x250
[ 2334.517018][  T925]  ? __ia32_sys_read+0xb0/0xb0
[ 2334.517046][  T925]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2334.517080][  T925]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2334.517120][  T925]  do_syscall_64+0x35/0xb0
[ 2334.517149][  T925]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2334.517179][  T925] RIP: 0033:0x7eff6688a649
[ 2334.517209][  T925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2334.627272][  T925] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2334.635738][  T925] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2334.643919][  T925] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2334.651925][  T925] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2334.660196][  T925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
13:51:43 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 80)

13:51:43 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x37}, "8c478fe079796e80efb8c35834427dbef24354c9647e8aff3cbd4056972a3605e684576651521305a9376854016256367b9c1cfeea5632"}, 0x3b)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x37}, "8c478fe079796e80efb8c35834427dbef24354c9647e8aff3cbd4056972a3605e684576651521305a9376854016256367b9c1cfeea5632"}, 0x3b) (async)

13:51:43 executing program 3:
r0 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f00000002c0)=@bridge_newvlan={0x58, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0x10, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_TUNNEL_INFO={0xc, 0x4, 0x0, 0x1, @BRIDGE_VLANDB_TINFO_ID={0x8, 0x1, 0xbc}}}]}, 0x58}}, 0xe010)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r4=>0x0})
write(0xffffffffffffffff, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(0xffffffffffffffff, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r7}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8}, @GTPA_LINK={0x8, 0x1, r7}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)=@RTM_DELMDB={0x78, 0x55, 0x10, 0x70bd2a, 0x25dfdbfe, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x0, 0x3, 0x0, {@ip4=@multicast2}}}, @MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x2, 0x4, {@in6_addr=@private1, 0x800}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r7, 0x0, 0x3, 0x1, {@in6_addr=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x800}, 0x4000000)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r4}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0xb8, &(0x7f0000000040)=[@in6={0xa, 0x4e21, 0xfffffff9, @dev={0xfe, 0x80, '\x00', 0x14}, 0x4}, @in6={0xa, 0x4e23, 0xea, @local, 0x1}, @in6={0xa, 0x4e23, 0x0, @local, 0x7}, @in={0x2, 0x4e21, @multicast1}, @in6={0xa, 0x4e21, 0x1, @ipv4={'\x00', '\xff\xff', @local}, 0x2}, @in6={0xa, 0x4e20, 0x2, @empty, 0x7}, @in6={0xa, 0x4e21, 0x0, @loopback, 0x9}]}, &(0x7f0000000140)=0x10)
ioctl$SCSI_IOCTL_GET_PCI(0xffffffffffffffff, 0x5387, &(0x7f0000000000))
syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200) (async)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f00000002c0)=@bridge_newvlan={0x58, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0x10, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_TUNNEL_INFO={0xc, 0x4, 0x0, 0x1, @BRIDGE_VLANDB_TINFO_ID={0x8, 0x1, 0xbc}}}]}, 0x58}}, 0xe010) (async)
socket(0x10, 0x2, 0x0) (async)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32) (async)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$packet(0x11, 0x3, 0x300) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) (async)
write(0xffffffffffffffff, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32) (async)
recvmmsg(0xffffffffffffffff, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$packet(0x11, 0x3, 0x300) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) (async)
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r7}]}, 0x34}}, 0x0) (async)
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8}, @GTPA_LINK={0x8, 0x1, r7}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)=@RTM_DELMDB={0x78, 0x55, 0x10, 0x70bd2a, 0x25dfdbfe, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x0, 0x3, 0x0, {@ip4=@multicast2}}}, @MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x2, 0x4, {@in6_addr=@private1, 0x800}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r7, 0x0, 0x3, 0x1, {@in6_addr=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x800}, 0x4000000) (async)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r4}]}, 0x34}}, 0x0) (async)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10) (async)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0xb8, &(0x7f0000000040)=[@in6={0xa, 0x4e21, 0xfffffff9, @dev={0xfe, 0x80, '\x00', 0x14}, 0x4}, @in6={0xa, 0x4e23, 0xea, @local, 0x1}, @in6={0xa, 0x4e23, 0x0, @local, 0x7}, @in={0x2, 0x4e21, @multicast1}, @in6={0xa, 0x4e21, 0x1, @ipv4={'\x00', '\xff\xff', @local}, 0x2}, @in6={0xa, 0x4e20, 0x2, @empty, 0x7}, @in6={0xa, 0x4e21, 0x0, @loopback, 0x9}]}, &(0x7f0000000140)=0x10) (async)
ioctl$SCSI_IOCTL_GET_PCI(0xffffffffffffffff, 0x5387, &(0x7f0000000000)) (async)

13:51:43 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0xffffff7f00000000)

13:51:43 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000000f0000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2334.668317][  T925] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2334.676329][  T925]  </TASK>
13:51:43 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800) (async)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYRES16=r0, @ANYBLOB="341f24db2c68b048dfb8aa4d68e507b678e08382174b04e7e2d6024e3341797a309b2b17a380a547ec07f2ea8f8f1bfffaeead7e3ec44772197fcb2655cf85f749ec38c41eac9684647e6c0e34be15214af6e1748c98d5eb4f92e2f6a8ea233455c8c1000000", @ANYBLOB="ac2c9dc57a14a1a5e74234222ee1aea94630c39a4c9be72a587029d5510ae027250f30d7f4b99dbdbabe72a62d37e98fbcf9a6ed858bb8c34f0a8a64306cc4a0aeb146c51c6f817fa60f763cf3b3813422453d95f60f6c2ea0a97e65f805fe1d2736915779edb62e30c01ea665a127bd88f3993b854e62bce3fe4d1b56dd49f55b6d81261672ce09909fbbbf3a14a356d8c45b7705dd4dba824855d9aeb0bd8d6dd9d12409944f4a9939e41a02cd7a790346e8593f259a853c32b5250c29c599d9e9b43f1047f4ac82f9b5affcc3a53ca6af4337952f0f67c2575aab11e568293163959715fd955f61d80ad146e6", @ANYRESDEC=r0], 0x8)

13:51:43 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x37}, "8c478fe079796e80efb8c35834427dbef24354c9647e8aff3cbd4056972a3605e684576651521305a9376854016256367b9c1cfeea5632"}, 0x3b)

13:51:43 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000fd1f0000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:43 executing program 1:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_LAST_MEMBER_INTVL={0xc, 0x2e, 0xfeffffffffffffff}]}}}]}, 0x40}}, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

13:51:43 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=ANY=[], 0xa)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_reply={{0x32, 0x9}, {@none, 0x1, 0x8}}}, 0xc)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_reconf_req={{0x19, 0x20, 0xe}, {0x0, 0x36, [0x20, 0xff6e, 0xfff8, 0xfc01, 0xfe8]}}}}, 0x1b)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x38}, "e191ef04c101cc5d6cedccd52f519abb0e1412d5143cd943ee9fba5e93ca18276735b72c2062959da73d6a3dcb75e789e65525d572fe3afc"}, 0x3c)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xe8}, "0d2aa5c3cf91558fe90796b285e64c82c678da2df815983b8873a46b9290563dfa0495ff5eb149fbc356b7fbc854d1969b2166367e3993ae442d94f5b8e3872b8229d6717b5b42653eeb10835b592d3a127e807238bf541bd3c58fa312cefd711663b43eebceddfdab6b849afc611ef8f9ab92616c1b25f2b257129c9b66a62b50cf2970de1e14247398dd657479c34a0c950e4437bccc3b5f975e24b2c8b0bd74f2a02c0fbc0468cd3561eb0cb86732133483ad2fd8a75a3db97c4c9ef5f54563a915a70dd9660d4ae28fb13f97b8cbb138db18ab526c553bcf6e80825f9bec9c0a958b32fff3e1"}, 0xec)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x22}, "60f99db7f27d0c826994d1f184fc1e3a463a28dda77de65e3b91c376be3524e3e086"}, 0x26)

13:51:43 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0xffffffff00000000)

13:51:43 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYRES16=r0, @ANYBLOB="341f24db2c68b048dfb8aa4d68e507b678e08382174b04e7e2d6024e3341797a309b2b17a380a547ec07f2ea8f8f1bfffaeead7e3ec44772197fcb2655cf85f749ec38c41eac9684647e6c0e34be15214af6e1748c98d5eb4f92e2f6a8ea233455c8c1000000", @ANYBLOB="ac2c9dc57a14a1a5e74234222ee1aea94630c39a4c9be72a587029d5510ae027250f30d7f4b99dbdbabe72a62d37e98fbcf9a6ed858bb8c34f0a8a64306cc4a0aeb146c51c6f817fa60f763cf3b3813422453d95f60f6c2ea0a97e65f805fe1d2736915779edb62e30c01ea665a127bd88f3993b854e62bce3fe4d1b56dd49f55b6d81261672ce09909fbbbf3a14a356d8c45b7705dd4dba824855d9aeb0bd8d6dd9d12409944f4a9939e41a02cd7a790346e8593f259a853c32b5250c29c599d9e9b43f1047f4ac82f9b5affcc3a53ca6af4337952f0f67c2575aab11e568293163959715fd955f61d80ad146e6", @ANYRESDEC=r0], 0x8)
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) (async)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800) (async)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYRES16=r0, @ANYBLOB="341f24db2c68b048dfb8aa4d68e507b678e08382174b04e7e2d6024e3341797a309b2b17a380a547ec07f2ea8f8f1bfffaeead7e3ec44772197fcb2655cf85f749ec38c41eac9684647e6c0e34be15214af6e1748c98d5eb4f92e2f6a8ea233455c8c1000000", @ANYBLOB="ac2c9dc57a14a1a5e74234222ee1aea94630c39a4c9be72a587029d5510ae027250f30d7f4b99dbdbabe72a62d37e98fbcf9a6ed858bb8c34f0a8a64306cc4a0aeb146c51c6f817fa60f763cf3b3813422453d95f60f6c2ea0a97e65f805fe1d2736915779edb62e30c01ea665a127bd88f3993b854e62bce3fe4d1b56dd49f55b6d81261672ce09909fbbbf3a14a356d8c45b7705dd4dba824855d9aeb0bd8d6dd9d12409944f4a9939e41a02cd7a790346e8593f259a853c32b5250c29c599d9e9b43f1047f4ac82f9b5affcc3a53ca6af4337952f0f67c2575aab11e568293163959715fd955f61d80ad146e6", @ANYRESDEC=r0], 0x8) (async)

[ 2334.788227][T15356] Bluetooth: hci8: SCO packet for unknown connection handle 1024
[ 2334.852646][  T982] FAULT_INJECTION: forcing a failure.
[ 2334.852646][  T982] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2334.913908][  T982] CPU: 0 PID: 982 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2334.924395][  T982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2334.934479][  T982] Call Trace:
[ 2334.937791][  T982]  <TASK>
[ 2334.940751][  T982]  dump_stack_lvl+0xcd/0x134
[ 2334.945390][  T982]  should_fail.cold+0x5/0xa
[ 2334.949958][  T982]  _copy_from_user+0x2a/0x170
[ 2334.954858][  T982]  input_event_from_user+0x131/0x3a0
[ 2334.960189][  T982]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2334.966061][  T982]  evdev_write+0x356/0x760
[ 2334.970611][  T982]  ? evdev_read+0xe30/0xe30
[ 2334.975156][  T982]  ? apparmor_file_permission+0x264/0x4e0
[ 2334.980928][  T982]  ? bpf_lsm_file_permission+0x5/0x10
[ 2334.986444][  T982]  ? security_file_permission+0xab/0xd0
[ 2334.992038][  T982]  vfs_write+0x2d7/0xdd0
[ 2334.996349][  T982]  ? evdev_read+0xe30/0xe30
[ 2335.000884][  T982]  ? vfs_read+0x930/0x930
[ 2335.005241][  T982]  ? __fget_files+0x26a/0x440
[ 2335.009972][  T982]  ? __fget_light+0xe5/0x270
[ 2335.014600][  T982]  ksys_write+0x1e8/0x250
[ 2335.018969][  T982]  ? __ia32_sys_read+0xb0/0xb0
[ 2335.023925][  T982]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2335.029867][  T982]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2335.035961][  T982]  do_syscall_64+0x35/0xb0
[ 2335.040405][  T982]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2335.046400][  T982] RIP: 0033:0x7eff6688a649
[ 2335.050831][  T982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2335.070883][  T982] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2335.079310][  T982] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2335.087289][  T982] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2335.095283][  T982] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2335.103368][  T982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
13:51:43 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 81)

13:51:43 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000240000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:43 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=ANY=[], 0xa)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_reply={{0x32, 0x9}, {@none, 0x1, 0x8}}}, 0xc)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_reconf_req={{0x19, 0x20, 0xe}, {0x0, 0x36, [0x20, 0xff6e, 0xfff8, 0xfc01, 0xfe8]}}}}, 0x1b)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x38}, "e191ef04c101cc5d6cedccd52f519abb0e1412d5143cd943ee9fba5e93ca18276735b72c2062959da73d6a3dcb75e789e65525d572fe3afc"}, 0x3c)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xe8}, "0d2aa5c3cf91558fe90796b285e64c82c678da2df815983b8873a46b9290563dfa0495ff5eb149fbc356b7fbc854d1969b2166367e3993ae442d94f5b8e3872b8229d6717b5b42653eeb10835b592d3a127e807238bf541bd3c58fa312cefd711663b43eebceddfdab6b849afc611ef8f9ab92616c1b25f2b257129c9b66a62b50cf2970de1e14247398dd657479c34a0c950e4437bccc3b5f975e24b2c8b0bd74f2a02c0fbc0468cd3561eb0cb86732133483ad2fd8a75a3db97c4c9ef5f54563a915a70dd9660d4ae28fb13f97b8cbb138db18ab526c553bcf6e80825f9bec9c0a958b32fff3e1"}, 0xec)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x22}, "60f99db7f27d0c826994d1f184fc1e3a463a28dda77de65e3b91c376be3524e3e086"}, 0x26)
syz_emit_vhci(&(0x7f0000000040)=ANY=[], 0xa) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_reply={{0x32, 0x9}, {@none, 0x1, 0x8}}}, 0xc) (async)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_reconf_req={{0x19, 0x20, 0xe}, {0x0, 0x36, [0x20, 0xff6e, 0xfff8, 0xfc01, 0xfe8]}}}}, 0x1b) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x38}, "e191ef04c101cc5d6cedccd52f519abb0e1412d5143cd943ee9fba5e93ca18276735b72c2062959da73d6a3dcb75e789e65525d572fe3afc"}, 0x3c) (async)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xe8}, "0d2aa5c3cf91558fe90796b285e64c82c678da2df815983b8873a46b9290563dfa0495ff5eb149fbc356b7fbc854d1969b2166367e3993ae442d94f5b8e3872b8229d6717b5b42653eeb10835b592d3a127e807238bf541bd3c58fa312cefd711663b43eebceddfdab6b849afc611ef8f9ab92616c1b25f2b257129c9b66a62b50cf2970de1e14247398dd657479c34a0c950e4437bccc3b5f975e24b2c8b0bd74f2a02c0fbc0468cd3561eb0cb86732133483ad2fd8a75a3db97c4c9ef5f54563a915a70dd9660d4ae28fb13f97b8cbb138db18ab526c553bcf6e80825f9bec9c0a958b32fff3e1"}, 0xec) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x22}, "60f99db7f27d0c826994d1f184fc1e3a463a28dda77de65e3b91c376be3524e3e086"}, 0x26) (async)

13:51:43 executing program 1:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_LAST_MEMBER_INTVL={0xc, 0x2e, 0xfeffffffffffffff}]}}}]}, 0x40}}, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_LAST_MEMBER_INTVL={0xc, 0x2e, 0xfeffffffffffffff}]}}}]}, 0x40}}, 0x0) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)

13:51:43 executing program 5:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001fff00989800f082138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0xfffffffffffff000)

[ 2335.111352][  T982] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2335.119350][  T982]  </TASK>
13:51:43 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="1cb6"], 0x8)

13:51:43 executing program 1:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_LAST_MEMBER_INTVL={0xc, 0x2e, 0xfeffffffffffffff}]}}}]}, 0x40}}, 0x0) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

13:51:43 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=ANY=[], 0xa) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_reply={{0x32, 0x9}, {@none, 0x1, 0x8}}}, 0xc) (async)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_reconf_req={{0x19, 0x20, 0xe}, {0x0, 0x36, [0x20, 0xff6e, 0xfff8, 0xfc01, 0xfe8]}}}}, 0x1b)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x38}, "e191ef04c101cc5d6cedccd52f519abb0e1412d5143cd943ee9fba5e93ca18276735b72c2062959da73d6a3dcb75e789e65525d572fe3afc"}, 0x3c) (async)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xe8}, "0d2aa5c3cf91558fe90796b285e64c82c678da2df815983b8873a46b9290563dfa0495ff5eb149fbc356b7fbc854d1969b2166367e3993ae442d94f5b8e3872b8229d6717b5b42653eeb10835b592d3a127e807238bf541bd3c58fa312cefd711663b43eebceddfdab6b849afc611ef8f9ab92616c1b25f2b257129c9b66a62b50cf2970de1e14247398dd657479c34a0c950e4437bccc3b5f975e24b2c8b0bd74f2a02c0fbc0468cd3561eb0cb86732133483ad2fd8a75a3db97c4c9ef5f54563a915a70dd9660d4ae28fb13f97b8cbb138db18ab526c553bcf6e80825f9bec9c0a958b32fff3e1"}, 0xec)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x22}, "60f99db7f27d0c826994d1f184fc1e3a463a28dda77de65e3b91c376be3524e3e086"}, 0x26)

13:51:43 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000260000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:43 executing program 1:
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="040e6e07c830ab"], 0x7)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x3, 0x65}, @l2cap_cid_signaling={{0x61}, [@l2cap_disconn_rsp={{0x7, 0x6, 0x4}, {0x7fff, 0x3}}, @l2cap_info_rsp={{0xb, 0x3f, 0x3f}, {0xfff, 0x6, "39bb2446b2b6a032b41f5285ab228a87eb4723b432161bfc352853b63950ed8bcef831da54143a48d64c4f2930a1085b95bd3f79d476c0104dcb62"}}, @l2cap_move_chan_rsp={{0xf, 0x3f, 0x4}, {0x1000, 0x8}}, @l2cap_cmd_rej_unk={{0x1, 0xff, 0x2}, {0x401}}, @l2cap_disconn_rsp={{0x7, 0x9, 0x4}, {0x1, 0x101}}]}}, 0x6a)

[ 2335.220756][ T1022] FAULT_INJECTION: forcing a failure.
[ 2335.220756][ T1022] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2335.266892][ T1022] CPU: 1 PID: 1022 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2335.277288][ T1022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2335.287403][ T1022] Call Trace:
[ 2335.290714][ T1022]  <TASK>
[ 2335.293676][ T1022]  dump_stack_lvl+0xcd/0x134
[ 2335.298406][ T1022]  should_fail.cold+0x5/0xa
[ 2335.302969][ T1022]  _copy_from_user+0x2a/0x170
[ 2335.307695][ T1022]  input_event_from_user+0x131/0x3a0
[ 2335.313027][ T1022]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2335.318894][ T1022]  evdev_write+0x356/0x760
[ 2335.323368][ T1022]  ? evdev_read+0xe30/0xe30
[ 2335.327905][ T1022]  ? apparmor_file_permission+0x264/0x4e0
[ 2335.333755][ T1022]  ? bpf_lsm_file_permission+0x5/0x10
[ 2335.339180][ T1022]  ? security_file_permission+0xab/0xd0
[ 2335.344781][ T1022]  vfs_write+0x2d7/0xdd0
[ 2335.349072][ T1022]  ? evdev_read+0xe30/0xe30
[ 2335.353704][ T1022]  ? vfs_read+0x930/0x930
[ 2335.358081][ T1022]  ? __fget_files+0x26a/0x440
[ 2335.362817][ T1022]  ? __fget_light+0xe5/0x270
[ 2335.367456][ T1022]  ksys_write+0x1e8/0x250
[ 2335.371835][ T1022]  ? __ia32_sys_read+0xb0/0xb0
[ 2335.376638][ T1022]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2335.382646][ T1022]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2335.388569][ T1022]  do_syscall_64+0x35/0xb0
[ 2335.393014][ T1022]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2335.398944][ T1022] RIP: 0033:0x7eff6688a649
[ 2335.403378][ T1022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2335.423087][ T1022] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2335.431519][ T1022] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2335.439503][ T1022] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2335.447500][ T1022] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2335.455512][ T1022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
13:51:43 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="1cb6"], 0x8)

13:51:43 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000280000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2335.463499][ T1022] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2335.471702][ T1022]  </TASK>
13:51:43 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 82)

13:51:43 executing program 1:
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="040e6e07c830ab"], 0x7) (async)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x3, 0x65}, @l2cap_cid_signaling={{0x61}, [@l2cap_disconn_rsp={{0x7, 0x6, 0x4}, {0x7fff, 0x3}}, @l2cap_info_rsp={{0xb, 0x3f, 0x3f}, {0xfff, 0x6, "39bb2446b2b6a032b41f5285ab228a87eb4723b432161bfc352853b63950ed8bcef831da54143a48d64c4f2930a1085b95bd3f79d476c0104dcb62"}}, @l2cap_move_chan_rsp={{0xf, 0x3f, 0x4}, {0x1000, 0x8}}, @l2cap_cmd_rej_unk={{0x1, 0xff, 0x2}, {0x401}}, @l2cap_disconn_rsp={{0x7, 0x9, 0x4}, {0x1, 0x101}}]}}, 0x6a)

13:51:43 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="1cb6"], 0x8)

13:51:43 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000001400000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:43 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x6b}, "5692373776c7a97d5528541368c2b2858b59ccd0ecbe5f435ff05e95a34d766ebdf27bab36e8fc4fe433a51ece897ed97c812d99f602272ef7caece904db91e46aa12cae5d7f3891df9865babf473bfcab0bc41a3129d87c12f28e71110988c4944fe6dbb11b9fa04d5c17"}, 0x6f)

13:51:44 executing program 4:
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="6d5f1912b86dc75c353283153fc471e72ac3b7132cb52c5ab0889a58a0dd8d2aec58bf5683b6f192d2bff0384245790e123a0126aa038ab0fd2fe50126ef9ff7ce43e877dfebd15816f9ad65562eba7966", @ANYRESHEX], 0x8)

13:51:44 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000065580000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:44 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x6b}, "5692373776c7a97d5528541368c2b2858b59ccd0ecbe5f435ff05e95a34d766ebdf27bab36e8fc4fe433a51ece897ed97c812d99f602272ef7caece904db91e46aa12cae5d7f3891df9865babf473bfcab0bc41a3129d87c12f28e71110988c4944fe6dbb11b9fa04d5c17"}, 0x6f)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x6b}, "5692373776c7a97d5528541368c2b2858b59ccd0ecbe5f435ff05e95a34d766ebdf27bab36e8fc4fe433a51ece897ed97c812d99f602272ef7caece904db91e46aa12cae5d7f3891df9865babf473bfcab0bc41a3129d87c12f28e71110988c4944fe6dbb11b9fa04d5c17"}, 0x6f) (async)

13:51:44 executing program 1:
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="040e6e07c830ab"], 0x7) (async)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x3, 0x65}, @l2cap_cid_signaling={{0x61}, [@l2cap_disconn_rsp={{0x7, 0x6, 0x4}, {0x7fff, 0x3}}, @l2cap_info_rsp={{0xb, 0x3f, 0x3f}, {0xfff, 0x6, "39bb2446b2b6a032b41f5285ab228a87eb4723b432161bfc352853b63950ed8bcef831da54143a48d64c4f2930a1085b95bd3f79d476c0104dcb62"}}, @l2cap_move_chan_rsp={{0xf, 0x3f, 0x4}, {0x1000, 0x8}}, @l2cap_cmd_rej_unk={{0x1, 0xff, 0x2}, {0x401}}, @l2cap_disconn_rsp={{0x7, 0x9, 0x4}, {0x1, 0x101}}]}}, 0x6a)

[ 2335.724125][ T1043] FAULT_INJECTION: forcing a failure.
[ 2335.724125][ T1043] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2335.806458][ T1043] CPU: 0 PID: 1043 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2335.816863][ T1043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2335.826954][ T1043] Call Trace:
[ 2335.830271][ T1043]  <TASK>
[ 2335.833235][ T1043]  dump_stack_lvl+0xcd/0x134
[ 2335.837875][ T1043]  should_fail.cold+0x5/0xa
[ 2335.842432][ T1043]  _copy_from_user+0x2a/0x170
[ 2335.847251][ T1043]  input_event_from_user+0x131/0x3a0
[ 2335.852588][ T1043]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2335.858459][ T1043]  evdev_write+0x356/0x760
[ 2335.863024][ T1043]  ? evdev_read+0xe30/0xe30
[ 2335.868085][ T1043]  ? apparmor_file_permission+0x264/0x4e0
[ 2335.873855][ T1043]  ? bpf_lsm_file_permission+0x5/0x10
[ 2335.879321][ T1043]  ? security_file_permission+0xab/0xd0
[ 2335.884947][ T1043]  vfs_write+0x2d7/0xdd0
[ 2335.889237][ T1043]  ? evdev_read+0xe30/0xe30
[ 2335.893876][ T1043]  ? vfs_read+0x930/0x930
[ 2335.898267][ T1043]  ? __fget_files+0x26a/0x440
[ 2335.902993][ T1043]  ? __fget_light+0xe5/0x270
[ 2335.907637][ T1043]  ksys_write+0x1e8/0x250
[ 2335.912001][ T1043]  ? __ia32_sys_read+0xb0/0xb0
[ 2335.916799][ T1043]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2335.922727][ T1043]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2335.928648][ T1043]  do_syscall_64+0x35/0xb0
[ 2335.933083][ T1043]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2335.938994][ T1043] RIP: 0033:0x7eff6688a649
[ 2335.943429][ T1043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2335.963067][ T1043] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2335.971605][ T1043] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2335.979597][ T1043] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2335.987579][ T1043] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2335.995576][ T1043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
13:51:44 executing program 1:
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00')
syz_emit_vhci(&(0x7f0000000240)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x1, 0x116}, @l2cap_cid_signaling={{0x112}, [@l2cap_conn_rsp={{0x3, 0x49, 0x8}, {0x200, 0x1, 0x7b9, 0x7}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}, {0x2, 0x7d}}, @l2cap_info_rsp={{0xb, 0x8, 0xd8}, {0x2583, 0x3, "e83f97cc54f64eb338a144309d29235495ea3e31221ce97b2d122977b08e9c01bb1a13475da70e723bc53b507e7726d8630f5358fd29af2bcce84c5dd734fc22ea355012743e453635e32eca5c4a5212c670a43d90b69be3da02e028816f0fc6df0d857fa3855ab5d857abb4af6daa9f37356dfacc68f4d2a2bad91f9a4b836c406aac2ff4ed99d3d70a20ddce73df1bb041a8a9a678ebd01aae833bf3d716e781a5125a64a9b01ad7a6f44ee78cf74292dd917651d4585786fd9d05d792be2398851dee92a8d647834a75875b44005e850ba91a"}}, @l2cap_create_chan_rsp={{0xd, 0xff, 0x8}, {0x7, 0x1, 0xfffd, 0x5}}, @l2cap_create_chan_req={{0xc, 0x1f, 0x5}, {0x9, 0xe6, 0x6}}, @l2cap_move_chan_cfm={{0x10, 0xfe, 0x4}, {0x3, 0x731}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x20, 0x2}, {0x1}}]}}, 0x11b)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
setxattr$trusted_overlay_origin(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), &(0x7f0000000140), 0x2, 0x2)

13:51:44 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000600000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:44 executing program 4:
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="6d5f1912b86dc75c353283153fc471e72ac3b7132cb52c5ab0889a58a0dd8d2aec58bf5683b6f192d2bff0384245790e123a0126aa038ab0fd2fe50126ef9ff7ce43e877dfebd15816f9ad65562eba7966", @ANYRESHEX], 0x8)

[ 2336.003563][ T1043] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2336.011650][ T1043]  </TASK>
13:51:44 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 83)

13:51:44 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000058650000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:44 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x6b}, "5692373776c7a97d5528541368c2b2858b59ccd0ecbe5f435ff05e95a34d766ebdf27bab36e8fc4fe433a51ece897ed97c812d99f602272ef7caece904db91e46aa12cae5d7f3891df9865babf473bfcab0bc41a3129d87c12f28e71110988c4944fe6dbb11b9fa04d5c17"}, 0x6f)

13:51:44 executing program 1:
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00')
syz_emit_vhci(&(0x7f0000000240)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x1, 0x116}, @l2cap_cid_signaling={{0x112}, [@l2cap_conn_rsp={{0x3, 0x49, 0x8}, {0x200, 0x1, 0x7b9, 0x7}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}, {0x2, 0x7d}}, @l2cap_info_rsp={{0xb, 0x8, 0xd8}, {0x2583, 0x3, "e83f97cc54f64eb338a144309d29235495ea3e31221ce97b2d122977b08e9c01bb1a13475da70e723bc53b507e7726d8630f5358fd29af2bcce84c5dd734fc22ea355012743e453635e32eca5c4a5212c670a43d90b69be3da02e028816f0fc6df0d857fa3855ab5d857abb4af6daa9f37356dfacc68f4d2a2bad91f9a4b836c406aac2ff4ed99d3d70a20ddce73df1bb041a8a9a678ebd01aae833bf3d716e781a5125a64a9b01ad7a6f44ee78cf74292dd917651d4585786fd9d05d792be2398851dee92a8d647834a75875b44005e850ba91a"}}, @l2cap_create_chan_rsp={{0xd, 0xff, 0x8}, {0x7, 0x1, 0xfffd, 0x5}}, @l2cap_create_chan_req={{0xc, 0x1f, 0x5}, {0x9, 0xe6, 0x6}}, @l2cap_move_chan_cfm={{0x10, 0xfe, 0x4}, {0x3, 0x731}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x20, 0x2}, {0x1}}]}}, 0x11b)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
setxattr$trusted_overlay_origin(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), &(0x7f0000000140), 0x2, 0x2)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00') (async)
syz_emit_vhci(&(0x7f0000000240)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x1, 0x116}, @l2cap_cid_signaling={{0x112}, [@l2cap_conn_rsp={{0x3, 0x49, 0x8}, {0x200, 0x1, 0x7b9, 0x7}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}, {0x2, 0x7d}}, @l2cap_info_rsp={{0xb, 0x8, 0xd8}, {0x2583, 0x3, "e83f97cc54f64eb338a144309d29235495ea3e31221ce97b2d122977b08e9c01bb1a13475da70e723bc53b507e7726d8630f5358fd29af2bcce84c5dd734fc22ea355012743e453635e32eca5c4a5212c670a43d90b69be3da02e028816f0fc6df0d857fa3855ab5d857abb4af6daa9f37356dfacc68f4d2a2bad91f9a4b836c406aac2ff4ed99d3d70a20ddce73df1bb041a8a9a678ebd01aae833bf3d716e781a5125a64a9b01ad7a6f44ee78cf74292dd917651d4585786fd9d05d792be2398851dee92a8d647834a75875b44005e850ba91a"}}, @l2cap_create_chan_rsp={{0xd, 0xff, 0x8}, {0x7, 0x1, 0xfffd, 0x5}}, @l2cap_create_chan_req={{0xc, 0x1f, 0x5}, {0x9, 0xe6, 0x6}}, @l2cap_move_chan_cfm={{0x10, 0xfe, 0x4}, {0x3, 0x731}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x20, 0x2}, {0x1}}]}}, 0x11b) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2) (async)
setxattr$trusted_overlay_origin(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), &(0x7f0000000140), 0x2, 0x2) (async)

13:51:44 executing program 4:
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="6d5f1912b86dc75c353283153fc471e72ac3b7132cb52c5ab0889a58a0dd8d2aec58bf5683b6f192d2bff0384245790e123a0126aa038ab0fd2fe50126ef9ff7ce43e877dfebd15816f9ad65562eba7966", @ANYRESHEX], 0x8)

13:51:44 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

13:51:44 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x6, 0xc9, 0x4}}}, 0x7)

13:51:44 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000fe800000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:44 executing program 1:
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00')
syz_emit_vhci(&(0x7f0000000240)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x1, 0x116}, @l2cap_cid_signaling={{0x112}, [@l2cap_conn_rsp={{0x3, 0x49, 0x8}, {0x200, 0x1, 0x7b9, 0x7}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}, {0x2, 0x7d}}, @l2cap_info_rsp={{0xb, 0x8, 0xd8}, {0x2583, 0x3, "e83f97cc54f64eb338a144309d29235495ea3e31221ce97b2d122977b08e9c01bb1a13475da70e723bc53b507e7726d8630f5358fd29af2bcce84c5dd734fc22ea355012743e453635e32eca5c4a5212c670a43d90b69be3da02e028816f0fc6df0d857fa3855ab5d857abb4af6daa9f37356dfacc68f4d2a2bad91f9a4b836c406aac2ff4ed99d3d70a20ddce73df1bb041a8a9a678ebd01aae833bf3d716e781a5125a64a9b01ad7a6f44ee78cf74292dd917651d4585786fd9d05d792be2398851dee92a8d647834a75875b44005e850ba91a"}}, @l2cap_create_chan_rsp={{0xd, 0xff, 0x8}, {0x7, 0x1, 0xfffd, 0x5}}, @l2cap_create_chan_req={{0xc, 0x1f, 0x5}, {0x9, 0xe6, 0x6}}, @l2cap_move_chan_cfm={{0x10, 0xfe, 0x4}, {0x3, 0x731}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x20, 0x2}, {0x1}}]}}, 0x11b) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
setxattr$trusted_overlay_origin(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), &(0x7f0000000140), 0x2, 0x2)

[ 2336.204249][ T1077] FAULT_INJECTION: forcing a failure.
[ 2336.204249][ T1077] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2336.246533][ T1077] CPU: 0 PID: 1077 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2336.256926][ T1077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2336.267012][ T1077] Call Trace:
[ 2336.270321][ T1077]  <TASK>
[ 2336.273286][ T1077]  dump_stack_lvl+0xcd/0x134
[ 2336.277943][ T1077]  should_fail.cold+0x5/0xa
[ 2336.282504][ T1077]  _copy_from_user+0x2a/0x170
[ 2336.287325][ T1077]  input_event_from_user+0x131/0x3a0
[ 2336.292662][ T1077]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2336.298534][ T1077]  evdev_write+0x356/0x760
[ 2336.303089][ T1077]  ? evdev_read+0xe30/0xe30
[ 2336.307634][ T1077]  ? apparmor_file_permission+0x264/0x4e0
[ 2336.313409][ T1077]  ? bpf_lsm_file_permission+0x5/0x10
[ 2336.318828][ T1077]  ? security_file_permission+0xab/0xd0
[ 2336.324432][ T1077]  vfs_write+0x2d7/0xdd0
[ 2336.328716][ T1077]  ? evdev_read+0xe30/0xe30
[ 2336.333256][ T1077]  ? vfs_read+0x930/0x930
[ 2336.337649][ T1077]  ? __fget_files+0x26a/0x440
[ 2336.342374][ T1077]  ? __fget_light+0xe5/0x270
[ 2336.347009][ T1077]  ksys_write+0x1e8/0x250
[ 2336.351362][ T1077]  ? __ia32_sys_read+0xb0/0xb0
[ 2336.356158][ T1077]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2336.362095][ T1077]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2336.368036][ T1077]  do_syscall_64+0x35/0xb0
[ 2336.372489][ T1077]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2336.378425][ T1077] RIP: 0033:0x7eff6688a649
[ 2336.382869][ T1077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2336.402494][ T1077] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2336.410945][ T1077] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2336.418930][ T1077] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2336.426930][ T1077] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2336.434928][ T1077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2336.442940][ T1077] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2336.450944][ T1077]  </TASK>
13:51:44 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x6, 0xc9, 0x4}}}, 0x7)

13:51:44 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2) (async)

13:51:44 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000810000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:44 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 84)

13:51:44 executing program 1:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYRES32], 0x88)
syz_emit_vhci(&(0x7f0000000140)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none, 0x1}}}, 0xd)
syz_emit_vhci(&(0x7f0000000200)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_reconf_req={{0x19, 0x5, 0x8}, {0x8, 0x0, [0x1f, 0x5]}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="04030b081002096d2e37b806000000000000bee9e16d3afb40c1b7c9c7734f2938b99241640e2d000080d80200000054adb8eff2d395dd5a72f2f037e730d7c696ef192610b918ea0f2a1a3c54a7000000a468000000000000000000"], 0xe)

13:51:44 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x6, 0xc9, 0x4}}}, 0x7)

[ 2336.564349][ T1092] FAULT_INJECTION: forcing a failure.
[ 2336.564349][ T1092] name fail_usercopy, interval 1, probability 0, space 0, times 0
13:51:44 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

13:51:44 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000870000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:44 executing program 1:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYRES32], 0x88)
syz_emit_vhci(&(0x7f0000000140)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none, 0x1}}}, 0xd)
syz_emit_vhci(&(0x7f0000000200)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_reconf_req={{0x19, 0x5, 0x8}, {0x8, 0x0, [0x1f, 0x5]}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="04030b081002096d2e37b806000000000000bee9e16d3afb40c1b7c9c7734f2938b99241640e2d000080d80200000054adb8eff2d395dd5a72f2f037e730d7c696ef192610b918ea0f2a1a3c54a7000000a468000000000000000000"], 0xe)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYRES32], 0x88) (async)
syz_emit_vhci(&(0x7f0000000140)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2) (async)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none, 0x1}}}, 0xd) (async)
syz_emit_vhci(&(0x7f0000000200)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_reconf_req={{0x19, 0x5, 0x8}, {0x8, 0x0, [0x1f, 0x5]}}}}, 0x15) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2) (async)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="04030b081002096d2e37b806000000000000bee9e16d3afb40c1b7c9c7734f2938b99241640e2d000080d80200000054adb8eff2d395dd5a72f2f037e730d7c696ef192610b918ea0f2a1a3c54a7000000a468000000000000000000"], 0xe) (async)

[ 2336.641995][ T1092] CPU: 0 PID: 1092 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2336.652404][ T1092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2336.662497][ T1092] Call Trace:
[ 2336.665806][ T1092]  <TASK>
[ 2336.668764][ T1092]  dump_stack_lvl+0xcd/0x134
[ 2336.673402][ T1092]  should_fail.cold+0x5/0xa
[ 2336.678043][ T1092]  _copy_from_user+0x2a/0x170
[ 2336.682770][ T1092]  input_event_from_user+0x131/0x3a0
[ 2336.688101][ T1092]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2336.693971][ T1092]  evdev_write+0x356/0x760
[ 2336.698436][ T1092]  ? evdev_read+0xe30/0xe30
[ 2336.703065][ T1092]  ? apparmor_file_permission+0x264/0x4e0
[ 2336.708829][ T1092]  ? bpf_lsm_file_permission+0x5/0x10
[ 2336.714338][ T1092]  ? security_file_permission+0xab/0xd0
[ 2336.719943][ T1092]  vfs_write+0x2d7/0xdd0
[ 2336.724231][ T1092]  ? evdev_read+0xe30/0xe30
[ 2336.728759][ T1092]  ? vfs_read+0x930/0x930
[ 2336.733199][ T1092]  ? __fget_files+0x26a/0x440
[ 2336.737910][ T1092]  ? __fget_light+0xe5/0x270
[ 2336.742520][ T1092]  ksys_write+0x1e8/0x250
[ 2336.746884][ T1092]  ? __ia32_sys_read+0xb0/0xb0
[ 2336.751666][ T1092]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2336.758365][ T1092]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2336.764285][ T1092]  do_syscall_64+0x35/0xb0
[ 2336.768719][ T1092]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2336.774636][ T1092] RIP: 0033:0x7eff6688a649
[ 2336.779061][ T1092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2336.798681][ T1092] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2336.807121][ T1092] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2336.815285][ T1092] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2336.823272][ T1092] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2336.831254][ T1092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
13:51:45 executing program 1:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYRES32], 0x88) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000140)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2) (rerun: 32)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2) (async)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none, 0x1}}}, 0xd)
syz_emit_vhci(&(0x7f0000000200)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_reconf_req={{0x19, 0x5, 0x8}, {0x8, 0x0, [0x1f, 0x5]}}}}, 0x15) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="04030b081002096d2e37b806000000000000bee9e16d3afb40c1b7c9c7734f2938b99241640e2d000080d80200000054adb8eff2d395dd5a72f2f037e730d7c696ef192610b918ea0f2a1a3c54a7000000a468000000000000000000"], 0xe)

13:51:45 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @inquiry_info={{0x2, 0x1}}}, 0x4)

13:51:45 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000002af0000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2336.839245][ T1092] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2336.847241][ T1092]  </TASK>
13:51:45 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @inquiry_info={{0x2, 0x1}}}, 0x4)

13:51:45 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0x0, 0x72}, "4f092f1301b45074d7c4d8e038abe9f1ec5f1ab1f7bc965e2bb5bedd821172906ea361d91469e3dca2a506ae1afceb137a897bf1990f4dc05d0c3b44a35a57a43334a7a02e421205e2d9d578792ea4e420c24e07b4e1f57b07d5099cba8df3324c2eeeb59572d1bba800652ddaf66940d631"}, 0x76)

13:51:45 executing program 1:
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="02c97000000000010004080080050093fe0100000207007de03520a0d1a774dd66e8cf5c04000389002400ffffffffffffffff00200225bd00000000800000008b0100002700001002000700020700000400cc0010220300000700"], 0xfffffdaf)

13:51:45 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 85)

13:51:45 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000bd0000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:45 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @inquiry_info={{0x2, 0x1}}}, 0x4)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @inquiry_info={{0x2, 0x1}}}, 0x4) (async)

13:51:45 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0x0, 0x72}, "4f092f1301b45074d7c4d8e038abe9f1ec5f1ab1f7bc965e2bb5bedd821172906ea361d91469e3dca2a506ae1afceb137a897bf1990f4dc05d0c3b44a35a57a43334a7a02e421205e2d9d578792ea4e420c24e07b4e1f57b07d5099cba8df3324c2eeeb59572d1bba800652ddaf66940d631"}, 0x76)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0x0, 0x72}, "4f092f1301b45074d7c4d8e038abe9f1ec5f1ab1f7bc965e2bb5bedd821172906ea361d91469e3dca2a506ae1afceb137a897bf1990f4dc05d0c3b44a35a57a43334a7a02e421205e2d9d578792ea4e420c24e07b4e1f57b07d5099cba8df3324c2eeeb59572d1bba800652ddaf66940d631"}, 0x76) (async)

13:51:45 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @HCI_EV_INQUIRY_COMPLETE={{0x1, 0x1}, 0x3f}}, 0x4)

13:51:45 executing program 1:
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="02c97000000000010004080080050093fe0100000207007de03520a0d1a774dd66e8cf5c04000389002400ffffffffffffffff00200225bd00000000800000008b0100002700001002000700020700000400cc0010220300000700"], 0xfffffdaf)

13:51:45 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0x0, 0x72}, "4f092f1301b45074d7c4d8e038abe9f1ec5f1ab1f7bc965e2bb5bedd821172906ea361d91469e3dca2a506ae1afceb137a897bf1990f4dc05d0c3b44a35a57a43334a7a02e421205e2d9d578792ea4e420c24e07b4e1f57b07d5099cba8df3324c2eeeb59572d1bba800652ddaf66940d631"}, 0x76)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0x0, 0x72}, "4f092f1301b45074d7c4d8e038abe9f1ec5f1ab1f7bc965e2bb5bedd821172906ea361d91469e3dca2a506ae1afceb137a897bf1990f4dc05d0c3b44a35a57a43334a7a02e421205e2d9d578792ea4e420c24e07b4e1f57b07d5099cba8df3324c2eeeb59572d1bba800652ddaf66940d631"}, 0x76) (async)

13:51:45 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000fec00000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2336.977756][T15356] Bluetooth: hci8: SCO packet for unknown connection handle 0
[ 2337.029287][ T1131] FAULT_INJECTION: forcing a failure.
[ 2337.029287][ T1131] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2337.060368][T15356] Bluetooth: hci8: SCO packet for unknown connection handle 0
13:51:45 executing program 1:
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="02c97000000000010004080080050093fe0100000207007de03520a0d1a774dd66e8cf5c04000389002400ffffffffffffffff00200225bd00000000800000008b0100002700001002000700020700000400cc0010220300000700"], 0xfffffdaf)

13:51:45 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @HCI_EV_INQUIRY_COMPLETE={{0x1, 0x1}, 0x3f}}, 0x4)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @HCI_EV_INQUIRY_COMPLETE={{0x1, 0x1}, 0x3f}}, 0x4) (async)

[ 2337.062492][T15356] Bluetooth: hci8: SCO packet for unknown connection handle 0
[ 2337.096099][ T1131] CPU: 0 PID: 1131 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2337.113996][ T1131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2337.124086][ T1131] Call Trace:
[ 2337.127393][ T1131]  <TASK>
[ 2337.130367][ T1131]  dump_stack_lvl+0xcd/0x134
[ 2337.135014][ T1131]  should_fail.cold+0x5/0xa
[ 2337.139613][ T1131]  _copy_from_user+0x2a/0x170
[ 2337.144428][ T1131]  input_event_from_user+0x131/0x3a0
[ 2337.149761][ T1131]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2337.155719][ T1131]  evdev_write+0x356/0x760
[ 2337.160187][ T1131]  ? evdev_read+0xe30/0xe30
[ 2337.164730][ T1131]  ? apparmor_file_permission+0x264/0x4e0
[ 2337.170518][ T1131]  ? bpf_lsm_file_permission+0x5/0x10
[ 2337.171983][T15356] Bluetooth: hci8: SCO packet for unknown connection handle 0
[ 2337.175921][ T1131]  ? security_file_permission+0xab/0xd0
[ 2337.175970][ T1131]  vfs_write+0x2d7/0xdd0
13:51:45 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0xa}, @hci_ev_le_conn_update_complete={{}, {0x0, 0xc9, 0x2, 0x1ff, 0xaed}}}}, 0xd)

[ 2337.175999][ T1131]  ? evdev_read+0xe30/0xe30
[ 2337.184087][T15356] Bluetooth: hci8: SCO packet for unknown connection handle 0
[ 2337.189161][ T1131]  ? vfs_read+0x930/0x930
[ 2337.209786][ T1131]  ? __fget_files+0x26a/0x440
[ 2337.214520][ T1131]  ? __fget_light+0xe5/0x270
[ 2337.219166][ T1131]  ksys_write+0x1e8/0x250
[ 2337.223550][ T1131]  ? __ia32_sys_read+0xb0/0xb0
[ 2337.228358][ T1131]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2337.234314][ T1131]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2337.240354][ T1131]  do_syscall_64+0x35/0xb0
[ 2337.244829][ T1131]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2337.250767][ T1131] RIP: 0033:0x7eff6688a649
[ 2337.255218][ T1131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2337.275135][ T1131] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2337.283777][ T1131] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
13:51:45 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000001c60000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2337.291784][ T1131] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2337.299839][ T1131] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2337.307853][ T1131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2337.315870][ T1131] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2337.323895][ T1131]  </TASK>
13:51:45 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 86)

13:51:45 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x9f}, "25c8bfec6b836de1f21a0c4cb04ad4f6be00151d3cc20652619f255985e076c54286d9506723135efed87aa4fbd2210f10f34afdda727169c6f3a8f59ed8d539a3806dbaf2571b760421b0179b36b76ac7f0fe22b87fe7fe54d0f2740bc8ce42c731acff7e33ecef1bea41eeca753b3f9d611a58dc05d5317fa602af95bbc1f40cdbe86368549ac67255507cd4cedda2419d7519e121de106b3482261f593c"}, 0xa3)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0x1a}, @l2cap_cid_signaling={{0x16}, [@l2cap_move_chan_cfm={{0x10, 0x94, 0x4}, {0x6, 0xff}}, @l2cap_move_chan_cfm={{0x10, 0x7, 0x4}, {0x1f, 0xfff}}, @l2cap_cmd_rej_unk={{0x1, 0x7f, 0x2}, {0x7f}}]}}, 0x1f)

13:51:45 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @HCI_EV_INQUIRY_COMPLETE={{0x1, 0x1}, 0x3f}}, 0x4)

13:51:45 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0xa}, @hci_ev_le_conn_update_complete={{}, {0x0, 0xc9, 0x2, 0x1ff, 0xaed}}}}, 0xd)

13:51:45 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000cb0000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:45 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x9f}, "25c8bfec6b836de1f21a0c4cb04ad4f6be00151d3cc20652619f255985e076c54286d9506723135efed87aa4fbd2210f10f34afdda727169c6f3a8f59ed8d539a3806dbaf2571b760421b0179b36b76ac7f0fe22b87fe7fe54d0f2740bc8ce42c731acff7e33ecef1bea41eeca753b3f9d611a58dc05d5317fa602af95bbc1f40cdbe86368549ac67255507cd4cedda2419d7519e121de106b3482261f593c"}, 0xa3) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0x1a}, @l2cap_cid_signaling={{0x16}, [@l2cap_move_chan_cfm={{0x10, 0x94, 0x4}, {0x6, 0xff}}, @l2cap_move_chan_cfm={{0x10, 0x7, 0x4}, {0x1f, 0xfff}}, @l2cap_cmd_rej_unk={{0x1, 0x7f, 0x2}, {0x7f}}]}}, 0x1f)

13:51:45 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0xa}, @hci_ev_le_conn_update_complete={{}, {0x0, 0xc9, 0x2, 0x1ff, 0xaed}}}}, 0xd)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0xa}, @hci_ev_le_conn_update_complete={{}, {0x0, 0xc9, 0x2, 0x1ff, 0xaed}}}}, 0xd) (async)

[ 2337.453408][ T1167] FAULT_INJECTION: forcing a failure.
[ 2337.453408][ T1167] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2337.472384][ T1167] CPU: 1 PID: 1167 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2337.482775][ T1167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2337.492862][ T1167] Call Trace:
[ 2337.496177][ T1167]  <TASK>
[ 2337.499134][ T1167]  dump_stack_lvl+0xcd/0x134
13:51:45 executing program 3:
renameat2(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x2)
symlink(&(0x7f00000000c0)='.\x00', &(0x7f0000000100)='./file0\x00')
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES16=0x0], 0xa)

[ 2337.503768][ T1167]  should_fail.cold+0x5/0xa
[ 2337.508588][ T1167]  _copy_from_user+0x2a/0x170
[ 2337.513401][ T1167]  input_event_from_user+0x131/0x3a0
[ 2337.518825][ T1167]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2337.524692][ T1167]  evdev_write+0x356/0x760
[ 2337.529343][ T1167]  ? evdev_read+0xe30/0xe30
[ 2337.533877][ T1167]  ? apparmor_file_permission+0x264/0x4e0
[ 2337.539646][ T1167]  ? bpf_lsm_file_permission+0x5/0x10
[ 2337.545057][ T1167]  ? security_file_permission+0xab/0xd0
13:51:45 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
r1 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r1, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f04000000480100100000000004002b000a00010014a4ee1ee438d2fd000000000000007200", 0x39}], 0x1)
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000040)="3900000013001118680907070000000f0000ff3f04000000170a001700000000040037000a00030001302564aa58b9a64411f6bbf44dc48f57", 0x39}], 0x1)
r3 = fcntl$getown(r2, 0x9)
timer_create(0x5, &(0x7f0000000200)={0x0, 0xa, 0x4, @tid=r3}, &(0x7f00000002c0))
fcntl$lock(r0, 0x26, &(0x7f0000000080)={0x0, 0x4, 0x6, 0x3, r3})
r4 = socket(0x10, 0x2, 0x0)
write(r4, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r4, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r7}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r4, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="10002dbd7000fbdbdf250200000008000100", @ANYRES32=0x0, @ANYBLOB="08000800030000000800020001000000080021000000000008000700", @ANYRES32=r1, @ANYBLOB="08000100", @ANYRES32=r7, @ANYBLOB="060006000400000008000400e0000002"], 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
fsmount(r1, 0x1, 0x84)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x8)

[ 2337.550755][ T1167]  vfs_write+0x2d7/0xdd0
[ 2337.555162][ T1167]  ? evdev_read+0xe30/0xe30
[ 2337.559703][ T1167]  ? vfs_read+0x930/0x930
[ 2337.564082][ T1167]  ? __fget_files+0x26a/0x440
[ 2337.568805][ T1167]  ? __fget_light+0xe5/0x270
[ 2337.573441][ T1167]  ksys_write+0x1e8/0x250
[ 2337.577816][ T1167]  ? __ia32_sys_read+0xb0/0xb0
[ 2337.582630][ T1167]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2337.588559][ T1167]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2337.594477][ T1167]  do_syscall_64+0x35/0xb0
[ 2337.603861][ T1167]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2337.609966][ T1167] RIP: 0033:0x7eff6688a649
[ 2337.614581][ T1167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2337.635872][ T1167] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2337.644472][ T1167] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2337.652541][ T1167] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2337.660517][ T1167] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2337.668520][ T1167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2337.676498][ T1167] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2337.684508][ T1167]  </TASK>
[ 2337.695538][ T1178] __nla_validate_parse: 12 callbacks suppressed
13:51:46 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x9f}, "25c8bfec6b836de1f21a0c4cb04ad4f6be00151d3cc20652619f255985e076c54286d9506723135efed87aa4fbd2210f10f34afdda727169c6f3a8f59ed8d539a3806dbaf2571b760421b0179b36b76ac7f0fe22b87fe7fe54d0f2740bc8ce42c731acff7e33ecef1bea41eeca753b3f9d611a58dc05d5317fa602af95bbc1f40cdbe86368549ac67255507cd4cedda2419d7519e121de106b3482261f593c"}, 0xa3)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0x1a}, @l2cap_cid_signaling={{0x16}, [@l2cap_move_chan_cfm={{0x10, 0x94, 0x4}, {0x6, 0xff}}, @l2cap_move_chan_cfm={{0x10, 0x7, 0x4}, {0x1f, 0xfff}}, @l2cap_cmd_rej_unk={{0x1, 0x7f, 0x2}, {0x7f}}]}}, 0x1f)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x9f}, "25c8bfec6b836de1f21a0c4cb04ad4f6be00151d3cc20652619f255985e076c54286d9506723135efed87aa4fbd2210f10f34afdda727169c6f3a8f59ed8d539a3806dbaf2571b760421b0179b36b76ac7f0fe22b87fe7fe54d0f2740bc8ce42c731acff7e33ecef1bea41eeca753b3f9d611a58dc05d5317fa602af95bbc1f40cdbe86368549ac67255507cd4cedda2419d7519e121de106b3482261f593c"}, 0xa3) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0x1a}, @l2cap_cid_signaling={{0x16}, [@l2cap_move_chan_cfm={{0x10, 0x94, 0x4}, {0x6, 0xff}}, @l2cap_move_chan_cfm={{0x10, 0x7, 0x4}, {0x1f, 0xfff}}, @l2cap_cmd_rej_unk={{0x1, 0x7f, 0x2}, {0x7f}}]}}, 0x1f) (async)

13:51:46 executing program 3:
renameat2(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x2)
symlink(&(0x7f00000000c0)='.\x00', &(0x7f0000000100)='./file0\x00')
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES16=0x0], 0xa)
renameat2(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x2) (async)
symlink(&(0x7f00000000c0)='.\x00', &(0x7f0000000100)='./file0\x00') (async)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES16=0x0], 0xa) (async)

[ 2337.695558][ T1178] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2337.712891][ T1178] device 
01ªX entered promiscuous mode
[ 2337.736502][ T1178] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2337.747685][ T1178] 0ªX: renamed from 
01ªX
13:51:46 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000e50000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2337.753883][ T1178] device 
00ªX left promiscuous mode
[ 2337.760834][ T1178] A link change request failed with some changes committed already. Interface 
00ªX may have been left with an inconsistent configuration, please check.
13:51:46 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 87)

13:51:46 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800) (async)
r1 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r1, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f04000000480100100000000004002b000a00010014a4ee1ee438d2fd000000000000007200", 0x39}], 0x1) (async)
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000040)="3900000013001118680907070000000f0000ff3f04000000170a001700000000040037000a00030001302564aa58b9a64411f6bbf44dc48f57", 0x39}], 0x1) (async)
r3 = fcntl$getown(r2, 0x9)
timer_create(0x5, &(0x7f0000000200)={0x0, 0xa, 0x4, @tid=r3}, &(0x7f00000002c0))
fcntl$lock(r0, 0x26, &(0x7f0000000080)={0x0, 0x4, 0x6, 0x3, r3}) (async, rerun: 64)
r4 = socket(0x10, 0x2, 0x0) (rerun: 64)
write(r4, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r4, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) (async)
r5 = socket$nl_route(0x10, 0x3, 0x0) (async)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r7}]}, 0x34}}, 0x0) (async)
sendmsg$GTP_CMD_GETPDP(r4, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="10002dbd7000fbdbdf250200000008000100", @ANYRES32=0x0, @ANYBLOB="08000800030000000800020001000000080021000000000008000700", @ANYRES32=r1, @ANYBLOB="08000100", @ANYRES32=r7, @ANYBLOB="060006000400000008000400e0000002"], 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10) (async, rerun: 32)
fsmount(r1, 0x1, 0x84) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x8)

13:51:46 executing program 3:
renameat2(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x2) (async)
symlink(&(0x7f00000000c0)='.\x00', &(0x7f0000000100)='./file0\x00') (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES16=0x0], 0xa) (rerun: 32)

13:51:46 executing program 1:
semctl$SEM_STAT(0x0, 0x4, 0x12, &(0x7f0000000080)=""/151)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="13ca3010000c0bd5a800050312090800020008000100b0c283b205fb9fc2bdb5e198e8b41b7112befa2280e1c1991ae008be192e70a786357e9ba96bcef6b5981671bf7cd38ca3dfb017fe86972090425e69427fe58d669ac18d4b0fa455c3e20417069846c0436b566beab1e852631c11ede3980861a2221efa9118a8705ecc7f01ef6871120ac446910f6e77f71c1e4fddb06f5f51de4a88ebbeac293468755443a993552ea218b4b815b0de913dfbd8a18eb46dd8adb46c769dc4e8e4cd97ca778a723086b7cca846b32c71f92822164c7e8262e5a012102a073adc4568957d56"], 0x15)
syz_emit_vhci(&(0x7f0000000240)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xec}, "7c3b251dbaffeedc67bfc22b419b0f4c4894784de44086779d78663a618d1c30b6715989b541d71117c8f556c019f2b9139b8e9b4cdcba28e4d778525a3a9df38de82876f5ba6c5828ed555b702536ce20205c67713712881ae400ce47f9c6fffa11a438f788503cc645848c13af3f5c5c8c313db16fb84c4b24c19286e85678a6be9f4623e11bae718b38ba86306febbb12ac5c74442d0a8462a54ad13de8c8e21066b1e29a7f3590db32e97339c6e1d11f76ec1501f3b2aeab4cece85c52977a85c9396ae6f67f475dde1071e7c8bd79f65ba322f0ac14fede40c1d26cfbf63075e01b728d9c528f15d462"}, 0xf0)

13:51:46 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000f00000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2337.864539][ T1194] FAULT_INJECTION: forcing a failure.
[ 2337.864539][ T1194] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2337.865806][ T1191] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2337.890415][ T1194] CPU: 0 PID: 1194 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2337.900818][ T1194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2337.910921][ T1194] Call Trace:
[ 2337.914311][ T1194]  <TASK>
[ 2337.917300][ T1194]  dump_stack_lvl+0xcd/0x134
[ 2337.921929][ T1194]  should_fail.cold+0x5/0xa
[ 2337.926470][ T1194]  _copy_from_user+0x2a/0x170
[ 2337.931190][ T1194]  input_event_from_user+0x131/0x3a0
[ 2337.936516][ T1194]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2337.942374][ T1194]  evdev_write+0x356/0x760
[ 2337.946851][ T1194]  ? evdev_read+0xe30/0xe30
[ 2337.951474][ T1194]  ? apparmor_file_permission+0x264/0x4e0
[ 2337.957326][ T1194]  ? bpf_lsm_file_permission+0x5/0x10
[ 2337.962739][ T1194]  ? security_file_permission+0xab/0xd0
[ 2337.968335][ T1194]  vfs_write+0x2d7/0xdd0
[ 2337.972622][ T1194]  ? evdev_read+0xe30/0xe30
[ 2337.977157][ T1194]  ? vfs_read+0x930/0x930
[ 2337.981531][ T1194]  ? __fget_files+0x26a/0x440
[ 2337.986252][ T1194]  ? __fget_light+0xe5/0x270
[ 2337.990881][ T1194]  ksys_write+0x1e8/0x250
[ 2337.995252][ T1194]  ? __ia32_sys_read+0xb0/0xb0
[ 2338.000051][ T1194]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2338.005987][ T1194]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2338.011929][ T1194]  do_syscall_64+0x35/0xb0
[ 2338.016379][ T1194]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2338.022423][ T1194] RIP: 0033:0x7eff6688a649
[ 2338.026877][ T1194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2338.046695][ T1194] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2338.055326][ T1194] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
13:51:46 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 88)

[ 2338.063336][ T1194] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2338.071341][ T1194] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2338.079353][ T1194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2338.087356][ T1194] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2338.095652][ T1194]  </TASK>
[ 2338.100238][ T1191] device 
00ªX entered promiscuous mode
13:51:46 executing program 1:
semctl$SEM_STAT(0x0, 0x4, 0x12, &(0x7f0000000080)=""/151)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="13ca3010000c0bd5a800050312090800020008000100b0c283b205fb9fc2bdb5e198e8b41b7112befa2280e1c1991ae008be192e70a786357e9ba96bcef6b5981671bf7cd38ca3dfb017fe86972090425e69427fe58d669ac18d4b0fa455c3e20417069846c0436b566beab1e852631c11ede3980861a2221efa9118a8705ecc7f01ef6871120ac446910f6e77f71c1e4fddb06f5f51de4a88ebbeac293468755443a993552ea218b4b815b0de913dfbd8a18eb46dd8adb46c769dc4e8e4cd97ca778a723086b7cca846b32c71f92822164c7e8262e5a012102a073adc4568957d56"], 0x15)
syz_emit_vhci(&(0x7f0000000240)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xec}, "7c3b251dbaffeedc67bfc22b419b0f4c4894784de44086779d78663a618d1c30b6715989b541d71117c8f556c019f2b9139b8e9b4cdcba28e4d778525a3a9df38de82876f5ba6c5828ed555b702536ce20205c67713712881ae400ce47f9c6fffa11a438f788503cc645848c13af3f5c5c8c313db16fb84c4b24c19286e85678a6be9f4623e11bae718b38ba86306febbb12ac5c74442d0a8462a54ad13de8c8e21066b1e29a7f3590db32e97339c6e1d11f76ec1501f3b2aeab4cece85c52977a85c9396ae6f67f475dde1071e7c8bd79f65ba322f0ac14fede40c1d26cfbf63075e01b728d9c528f15d462"}, 0xf0)
semctl$SEM_STAT(0x0, 0x4, 0x12, &(0x7f0000000080)=""/151) (async)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="13ca3010000c0bd5a800050312090800020008000100b0c283b205fb9fc2bdb5e198e8b41b7112befa2280e1c1991ae008be192e70a786357e9ba96bcef6b5981671bf7cd38ca3dfb017fe86972090425e69427fe58d669ac18d4b0fa455c3e20417069846c0436b566beab1e852631c11ede3980861a2221efa9118a8705ecc7f01ef6871120ac446910f6e77f71c1e4fddb06f5f51de4a88ebbeac293468755443a993552ea218b4b815b0de913dfbd8a18eb46dd8adb46c769dc4e8e4cd97ca778a723086b7cca846b32c71f92822164c7e8262e5a012102a073adc4568957d56"], 0x15) (async)
syz_emit_vhci(&(0x7f0000000240)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xec}, "7c3b251dbaffeedc67bfc22b419b0f4c4894784de44086779d78663a618d1c30b6715989b541d71117c8f556c019f2b9139b8e9b4cdcba28e4d778525a3a9df38de82876f5ba6c5828ed555b702536ce20205c67713712881ae400ce47f9c6fffa11a438f788503cc645848c13af3f5c5c8c313db16fb84c4b24c19286e85678a6be9f4623e11bae718b38ba86306febbb12ac5c74442d0a8462a54ad13de8c8e21066b1e29a7f3590db32e97339c6e1d11f76ec1501f3b2aeab4cece85c52977a85c9396ae6f67f475dde1071e7c8bd79f65ba322f0ac14fede40c1d26cfbf63075e01b728d9c528f15d462"}, 0xf0) (async)

13:51:46 executing program 3:
r0 = syz_open_dev$audion(&(0x7f0000000040), 0x3, 0x4200)
sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x48, 0x0, 0x9, 0x201, 0x0, 0x0, {0x0, 0x0, 0x4}, [@NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x5}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x3f}}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x20}}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x6}]}, 0x48}, 0x1, 0x0, 0x0, 0x8855}, 0x20000000)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)

13:51:46 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000fc0000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2338.159763][ T1193] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2338.181652][ T1207] FAULT_INJECTION: forcing a failure.
[ 2338.181652][ T1207] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2338.196252][ T1193] 1ªX: renamed from 
00ªX
[ 2338.203950][ T1193] device 
01ªX left promiscuous mode
[ 2338.225707][ T1193] A link change request failed with some changes committed already. Interface 
01ªX may have been left with an inconsistent configuration, please check.
[ 2338.249557][ T1207] CPU: 1 PID: 1207 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2338.259948][ T1207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2338.270055][ T1207] Call Trace:
13:51:46 executing program 1:
semctl$SEM_STAT(0x0, 0x4, 0x12, &(0x7f0000000080)=""/151) (async)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="13ca3010000c0bd5a800050312090800020008000100b0c283b205fb9fc2bdb5e198e8b41b7112befa2280e1c1991ae008be192e70a786357e9ba96bcef6b5981671bf7cd38ca3dfb017fe86972090425e69427fe58d669ac18d4b0fa455c3e20417069846c0436b566beab1e852631c11ede3980861a2221efa9118a8705ecc7f01ef6871120ac446910f6e77f71c1e4fddb06f5f51de4a88ebbeac293468755443a993552ea218b4b815b0de913dfbd8a18eb46dd8adb46c769dc4e8e4cd97ca778a723086b7cca846b32c71f92822164c7e8262e5a012102a073adc4568957d56"], 0x15) (async)
syz_emit_vhci(&(0x7f0000000240)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xec}, "7c3b251dbaffeedc67bfc22b419b0f4c4894784de44086779d78663a618d1c30b6715989b541d71117c8f556c019f2b9139b8e9b4cdcba28e4d778525a3a9df38de82876f5ba6c5828ed555b702536ce20205c67713712881ae400ce47f9c6fffa11a438f788503cc645848c13af3f5c5c8c313db16fb84c4b24c19286e85678a6be9f4623e11bae718b38ba86306febbb12ac5c74442d0a8462a54ad13de8c8e21066b1e29a7f3590db32e97339c6e1d11f76ec1501f3b2aeab4cece85c52977a85c9396ae6f67f475dde1071e7c8bd79f65ba322f0ac14fede40c1d26cfbf63075e01b728d9c528f15d462"}, 0xf0)

[ 2338.273365][ T1207]  <TASK>
[ 2338.276498][ T1207]  dump_stack_lvl+0xcd/0x134
[ 2338.281140][ T1207]  should_fail.cold+0x5/0xa
[ 2338.285701][ T1207]  _copy_from_user+0x2a/0x170
[ 2338.290440][ T1207]  input_event_from_user+0x131/0x3a0
[ 2338.295772][ T1207]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2338.301642][ T1207]  evdev_write+0x356/0x760
[ 2338.306096][ T1207]  ? evdev_read+0xe30/0xe30
[ 2338.310630][ T1207]  ? apparmor_file_permission+0x264/0x4e0
[ 2338.316393][ T1207]  ? bpf_lsm_file_permission+0x5/0x10
[ 2338.321818][ T1207]  ? security_file_permission+0xab/0xd0
[ 2338.327423][ T1207]  vfs_write+0x2d7/0xdd0
[ 2338.331711][ T1207]  ? evdev_read+0xe30/0xe30
[ 2338.336257][ T1207]  ? vfs_read+0x930/0x930
[ 2338.340781][ T1207]  ? __fget_files+0x26a/0x440
[ 2338.345537][ T1207]  ? __fget_light+0xe5/0x270
[ 2338.350176][ T1207]  ksys_write+0x1e8/0x250
[ 2338.354546][ T1207]  ? __ia32_sys_read+0xb0/0xb0
[ 2338.359873][ T1207]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2338.365823][ T1207]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2338.371776][ T1207]  do_syscall_64+0x35/0xb0
[ 2338.376254][ T1207]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2338.382228][ T1207] RIP: 0033:0x7eff6688a649
[ 2338.387459][ T1207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2338.407624][ T1207] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2338.416169][ T1207] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
13:51:46 executing program 3:
r0 = syz_open_dev$audion(&(0x7f0000000040), 0x3, 0x4200)
sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x48, 0x0, 0x9, 0x201, 0x0, 0x0, {0x0, 0x0, 0x4}, [@NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x5}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x3f}}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x20}}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x6}]}, 0x48}, 0x1, 0x0, 0x0, 0x8855}, 0x20000000)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_open_dev$audion(&(0x7f0000000040), 0x3, 0x4200) (async)
sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x48, 0x0, 0x9, 0x201, 0x0, 0x0, {0x0, 0x0, 0x4}, [@NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x5}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x3f}}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x20}}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x6}]}, 0x48}, 0x1, 0x0, 0x0, 0x8855}, 0x20000000) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)

13:51:46 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800) (async)
r1 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r1, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010) (async)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f04000000480100100000000004002b000a00010014a4ee1ee438d2fd000000000000007200", 0x39}], 0x1) (async)
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000040)="3900000013001118680907070000000f0000ff3f04000000170a001700000000040037000a00030001302564aa58b9a64411f6bbf44dc48f57", 0x39}], 0x1) (async)
r3 = fcntl$getown(r2, 0x9)
timer_create(0x5, &(0x7f0000000200)={0x0, 0xa, 0x4, @tid=r3}, &(0x7f00000002c0)) (async)
fcntl$lock(r0, 0x26, &(0x7f0000000080)={0x0, 0x4, 0x6, 0x3, r3}) (async)
r4 = socket(0x10, 0x2, 0x0)
write(r4, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32) (async)
recvmmsg(r4, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) (async)
r5 = socket$nl_route(0x10, 0x3, 0x0) (async)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r7}]}, 0x34}}, 0x0) (async)
sendmsg$GTP_CMD_GETPDP(r4, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="10002dbd7000fbdbdf250200000008000100", @ANYRES32=0x0, @ANYBLOB="08000800030000000800020001000000080021000000000008000700", @ANYRES32=r1, @ANYBLOB="08000100", @ANYRES32=r7, @ANYBLOB="060006000400000008000400e0000002"], 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
fsmount(r1, 0x1, 0x84) (async)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x8)

13:51:46 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000001ffd0000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:46 executing program 1:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0xa}, @l2cap_cid_signaling={{0x6}, [@l2cap_cmd_rej_unk={{0x1, 0x3f, 0x2}, {0x7}}]}}, 0xf)

[ 2338.424175][ T1207] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2338.432272][ T1207] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2338.440282][ T1207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2338.448296][ T1207] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2338.456333][ T1207]  </TASK>
13:51:46 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 89)

13:51:46 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000080fe0000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:46 executing program 1:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0xa}, @l2cap_cid_signaling={{0x6}, [@l2cap_cmd_rej_unk={{0x1, 0x3f, 0x2}, {0x7}}]}}, 0xf)

13:51:46 executing program 3:
r0 = syz_open_dev$audion(&(0x7f0000000040), 0x3, 0x4200)
sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x48, 0x0, 0x9, 0x201, 0x0, 0x0, {0x0, 0x0, 0x4}, [@NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x5}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x3f}}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x20}}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x6}]}, 0x48}, 0x1, 0x0, 0x0, 0x8855}, 0x20000000) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)

[ 2338.534336][ T1232] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.4'.
13:51:46 executing program 3:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYRESHEX=r0, @ANYRESHEX=r0, @ANYRES32=r1, @ANYRES16=0x0, @ANYRES32=r0, @ANYRESHEX=r0, @ANYBLOB="bfe900333485bdd6d5c1da5bbc27638530af3629e7f804e579579776b13187a11739f350943c83abe2831f27c4e99783a1948fc5b70c964949dd2e27a703ed0dcd0556af20aa6c10496b26bdd25b6eb9476b89cd1983290031e5361da75e3931a140ab8ff286188b249062a20bb2ee62d86da03a1fbbc794092357ad9b52ee2fc97d67aefe96b0aa9d633bdbee38142065588f4ed737a5de5a4b7cc6c2af012365191c2835228c4ce4226bab7e14a09bbf11143523badd2ffe60469f5561dc21612d9d38bec6c29669bf1163fc1aa2a20e9688a624dcc74c98e508a9cb6c27c1e44011cdfc5b69742c178e1bf33a19d5674de84b27b825176705e756b575fa999f58fba510bb6fb5abc5f6c760ca6ea694fa61db636415c4f034a8aec6aa883ed8366232973c9e64f629de18fd312527f465b1100cbbb059faab45c54b06cdd0dcc8b9fd4627237125eea55cd549abaae1f2266b89457d7d00e9d79bfed473c520695a299c6bc85f14c86bb33c3f733d9439a109ab58df08b3f4dca4cea7d1e607153d0a4c0555e763691456dcd34b04c195c8905259d76c899991cee16f4b59ebd40550c240c0ab7d6a0678203241919c3564ec3239cf9707d8a081d8bfc0711cf3b695b024e1ee63a8bab4ea71c60b6222b8a98a7960f6fd405d9e3b3e5feca36b65cfb7914e38a7543767dd1e77d695cb6dd54f095b266239f59147b8d36fcb782588086a1079af3edafd8eb39650bd60adf69577bc9e053ba173a532829b1134f4e6aba721afd7f3168bde4d85458b816d4185509797c6026ef7bb20a26e13f1291e18011cd221558460922ddcdbd451cccb7e3b08599519f8f50db8f66b93e1255bf0461c533eda4494c3615aa37457924122a05042b6ab3f1de4c4e08b77878936452f04c18cd31ca18e652a727b97dbf416e24f9ec59191bc59c9e018091845e93bbf6a21d8b057642a4f2892c475a11fd3eb41f290b488add75a64e2d147c557724ac5f3286a7bac33c72198dfbd2dd65177b9ea11ba565606d9a09088c9d0b7403a23fd5a381c4bd7505ec54533ba3c075c6fa984231bfa17df41dcf0b1f4a2f7dc564048cee574a6e8539380e0ae4942e59a0fdaf6de305f6bd5f87d5a986bbd570e265d169f9e8d47d4913199db18c273f4b995e09de2f7060e69869c4f6a9cefc4c4ae551d6131d5f509bcfc3d51d73e1984d709ac3ad58cc77b33cff6dc86edf1b31e8ce058c07b5e8a66f5bc89bf060b0c87e7880a3e4c9f33dad6892a7ec005476c94c33d4e0aecd4f0289896f1f689fe6dd19967a75b36063b3594221b3954748d6aee66050573c20a2f83ce2eb93c6a0ab04b55389e1449fc1e9e3e8a9b4b55bafb68c5ed4b97f81b735071af515378e8040f495304ad29ae1cc879dca75f1c542510322952dd6226515a231018a7ad97eb07fdba22a94a994b837c7cc807ed148a9b3b2d5870de12559d27dbc6735e18e94fbe336659708637765e6d24d3fdb794aac8a22676371a360423e51d4e0c67bab4dbdced3477fc966992aa11ab9b0dcc487a006fdca435f3719e73f81627fea4e7651a0545c182e18445bbe7b7c8c2b2073aed6cdd84dbe1c68c54428cf6eec0ff868b431770be5adb6830e0b5e3009d736758c4912bb447180e7a1657cb4ada8c7f5df178ffc61a47b0980dc8aa54f2322b9584360a580800135e2393ea8e8560fb1ffb7007a3308a74154b0c7b454f440fb6934288a08f60c1dedbde0201fa194d8acdd60f80a5a996a1b313df4c04a69daf7e7729c18a11de5c2b4624aee6e16afc0a6ae67a6b3a95e27b397f5dee4f324de3b56dbf3b6a5668beba98a29c377395913b4225d8ac1071a0ba9bc89495828555ff392eb40dc7d6270fe5b80debb1a143b7ff01ebed445e081aa94583068c2b3bb279abb6d371ef19bb2fbe28c65f5a424bcc552995697ac9385ef5e4188d4d6d98c6a1312bc72b55f791bea0e366a6c3655bde744c83e46369e90d8d5f8dcd5fd4480a9a739edb249a4bc39d806b6d672d18c803b1b4fd3fda0620683cbe5553fb34fb036b1eefb191a0b3002c07b85cff6ada4fe4860050d7b2766ede20767d85d7fc60b94a7a20589363cd5a835b56c61c5f2ab9df81e4234a97c437685776a2c737183c9a8c2ab180b1e56c4ef8e585b35e55ac2d18b19fd38f9c4ce76f6fcc7516fe3a694f1fe6432fa94488d1622cb18c5e79f4f2b41375940a6124bf2d8a57b576495b61c519a2a0d7dde986337ead56f62ee96e3643640bc94014037fa5dd505c0efe5c05b6b2944c81c1aed4854cc52e33503af707cfba5a64f3b8cb205e21f350702fee27514844a24bf3a7de1ffd179098ebff53ae266969858c1cfa7f91e39731a0336fd0a4c1693b7b01d7d1df732d1db086c0a8170c1880da490b630b39a125ad1366d8ab07cd56c39a147d1680492706a67a5453ba3b1a7495e1da4ba0dc39c98c46c67276f469648dee4432d8c8e92b30035831d634b248ed817a64773834f5d9af6d2423449459d07669e27fc9d4a854d40572e31101d22ff0ddbb5e690b51ac9b2d59ef976be2e07670a5a1724fb45b9b2b9274b8fa1b14eacd41ed1f58d0d0b61470ad57ecf2963c0afd5e0cea0f74a465a646748d68fe5c403867d58a14b45bf14aed333c1f6d6520498bf1f179958413a1e47fcea4644244872f849c0ef48fa96bf1cdfa85f30e4636ce03c211e98aefe5dec728a1f3e10cd30adf67c0fbe50bbc121a0bc9431cfc6b7e27f53abbdcb454ab4e94762e7b8287b3e51c376bb67ed1de6c73c32616618ca0a31ceee5725bbcc3951bc35b60b5af4147757dfd3839f53621e1ded9f1c04f9823c19d33765354d104c2c838d6f8dfa576a40ec57bc7f6b141a21a7605497d162c3673d0e0d0d660e199e85405716c4d9eb88539f588069febca5ed19acb2da0e5695b285e129c37100ee968b872d05febec700ceefef8ecf81451e1304af7fbcca03cf31b4dd9a715ae62955d742339f99815c0f5564b12946d72edb1bb96e594ed3bb488ea8e96d4a3acebe37c1f84f441115fd9b4bce56c5030d116cea300247750226a23b3cd168c28104ac4bc802964872a8c2bc7c3c84d5c1fa1370201f44d9d045ff0d4fc261d8a6e216d587a7c84faf06e7101d66cfc69fc7a40b0ba031f133e3a70d835d2243ee4843854dd11d20b1637bba05f0f89c3a27b5dcd40da3374d0ac5fa25ebcadfed85982a3e6c9c4f40c041b15bd0d80c4a00ab66c0cc2272ace6d93d40e321cec25d910831f3bd94ad9a98bd8a4b7a433fcd21bf2b674a55f008e484341ba5f603face56b09d9aff6a2eed18991a0749cd7adea4a9949171d746520d52d9f4001d35c95c12f30c27aec613f701d3c6f7ed8fe3ff4ec0ea1edeac668395d14669c63cb6c19fff0e59ad6e2e1d92502b784225b891d91d3a99cac8a6c2875df88641b9e57bcc258f4480637dad00bb90922651a4723c96b38d92c9032723b50304cb860d99fd88b0802f9f6a9dd0839458bf08f6bf84a6bf61a7f030f5580a51161ab41017035571114a2e8a661a63058174d2abb0657a022bc95051c996788b07ca4ae4e68aca79b2e59dc6971bc6a85f11bd5c400cbdc0480d1c158c6635184ae402291695129f993e04c3e714081f642028765b1273c2abfbd35664f6dbf7b0094b2825d3a2cf1a39839837f642398395100fb7e8fca77e26df643a38d5369ad72d08c8fc13d57dc983b5bd117cfb9b6061ddaacee66a3935abc37a052b624c4834a6b8d93a594dbe372cc0824277238362ef80dff694b0ef9e97e18ea33ec203c952ce8097e43b68aab83592089316a95669552896295e763541082e6b91b9f80da3e801c6280f9ce82dc4506a9c31dfd74f6be34c6c7bd8ae38440b2ace5316e6caeefed8b7d55f333c0f4c2d1d5e3777ae40294ada7337fc69c74783358686111e73b30bc274d48c1ccdf61b5e4d01ddcb14f5cf9459f8d4ab16598d9f4f413882d3e7d4fd6f4ee43c22e3360ba812881d34c6c713d38ce5025744464c0dac73bdb43c2f94740f678d5c55ff6831d7bf17fc2386ea1c24ff8dbe13b12227192d3a3e24754bf83e6880b00b10d1809b7293c9951e967264a2b0f690433bbdf8f17a1fae7c8b17d3ce695db58f6ea20969f3c2202380594692cb60ec28487b2e41c9a02e7ae5feefdca7210b85ed0c4cd26e0c531209bb71bab80b0f8608a04c72b27c5824bdd8149a3c52ebe5638f49dc0ce2a8fbe506bbf37bb39596d4626e96a8df5af1a609e9f6bbda9436a30088cf88a40c297272ae05f5c35d34b35f181ce36a65a88f5ae6a5a97a72d8255bd83a835b0a7699653de7b33082f91019d30f67c89db65fc3e953728ba9fde64e4847e8178aa736956f8fd9842d344c166c22af109a37e85e02074b2cba49c7b0e05824233e3e5b6dd4613123c4e0f7328cbca5a2b69d39cfa9fb869974cc1033d4757d46ebe4cd491443f4e6f5235bc582b49938ec24b7c4873889d4febfa76be66f5c8c83711876eb3a235039bd3f77ed319fd774ef3db9dcdecab1a325bbdd8b2df9a2acd5e91cce4406e0064210c42945ab6a20289fd33f3767d987fb2179121a1d7162c26de373d804417e5e21abc3e094e62d0239a33de8c3fe060cca57d55e2778d5efb2859871e84a7dd2f8a6d9db9e193be064db2d563b97dbf05b5cb571721bf09ef7058027bdc7e604921d697c1295213286265d5bac13ab2f3affe1127b5b04fa32287211a77db66840fd351336d6e0328c95c8ab9f15b14a92839e0a72c85b64ab204a6bce92bfffd05dd1fecbe72f00b33ff9e12f274f132e090047d1ab625ae732a45501e027140b517c5759651bd9541c2d4066e81d00db6e5d9ff950000ff834b9998fde2b3acd43df942388bc27e527ee7886894fa1ef0737052db36e5efb62b95a8cee72c54cd50ab56c2e27e8ce17854ef411f0d7c2bc36cd1f3078b6aaf475f03e081cb3b92a6a9c39cbededda41b1ed35c9c0ecf03b15c7b2b509ad5b7035f949b0264e77f8a99f0e45e3cbee92624f92e3d06adf358947d7e12b45abe685d5614b1de4a097df67fdda40be771b9fbc8a99ad4993dbf9766ecb9106393229c91f31aa7f81999689f1d64cbb041c1f3dfc4ba45978c9ccbdb7330062b52a9bce7efc5a64a9ba908164e870eabf91d5f3d6416ae54bb8885559d65dc865e117ad21b2206f3d011878006f51c21ec08626d0abde0d6253a9546ed41c527ec3abf6d4942c69273790fca08387e85dfa4c04b64a27e2fbadabf3c751c71785c9891fac5b6a46d47bc3dca7d440982ea55e3ff401ba8309114a77fc5812e521e26b8a35f9355cad4560cff60b55308b322cffc53cc7b41f9f89b718bd3d0664c57bd53d6f86f054ed6ca59f27943767385f00baecd5e22c0326a341ab1bccd8bcd6792f9925f12f088b24a20819cb18eb2dfdbee9364f5db2b1ecd9609cbea1eaf3a3fdf8f7dee557cc8e5c8bcdcab9671afdb7154e74d756f7bdf2c7b5ff409c9e07787a2ead0042a55ac6f323653de270d7564aeca5c15f3c12ad657777e04fb983bbbc460cf2b5349afa7b08e3eec34cb3b0cce15b6f1e1383d3156993ea90e22da487142f0aa776d03b5f1698e8476f3b1c85eebeecb53203c4fbe83318a8660a977639f840cdac67eaf6627a477fbab846eb7e984fe4b395781a3f37cac2fa60202b25b5e47578a3ed183167015f32d26242fa00cafad55a20060b5d6534cbbcdde0778507ef33ad4fd4d5223e433df26e7d0175f78be29a68f", @ANYBLOB="a1092ebff2da222b726b882c17983e9d46e0bda8b2070f8ad65d59a652abec4bf8edb5bf5cb9cef69c84efba8c74e76f053c8296dcee5e81a0b2f8f435639293aef6054addd63b66d70f5f5f3e683a491a2dc30eb48d4fdd2999a8d3bf238cf5bc3c7d212743f9d4d90b729fcee13ee83800c342d6905e9e8fc3b93568b714216188c6be56b4c62f4f5a8155a2fc06da009ceee7948e08ce8c7652e033bb1dbb38405de3766fa88798d36a6fc35e697c4ee9c3c4bf25b85a0c922f64e48bed86b5f1cdc7a774aab99686cc404c9ec5e0850f9db0bfe2898198dd9e777f96aa02aad4607668ebc11485bf785ddb7fe6957a13981f6f5d36332a3e"], 0xa)

[ 2338.596658][ T1231] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2338.610346][ T1242] FAULT_INJECTION: forcing a failure.
[ 2338.610346][ T1242] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2338.651097][ T1242] CPU: 0 PID: 1242 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2338.661497][ T1242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2338.671670][ T1242] Call Trace:
[ 2338.675063][ T1242]  <TASK>
[ 2338.678024][ T1242]  dump_stack_lvl+0xcd/0x134
[ 2338.682657][ T1242]  should_fail.cold+0x5/0xa
[ 2338.687208][ T1242]  _copy_from_user+0x2a/0x170
[ 2338.691928][ T1242]  input_event_from_user+0x131/0x3a0
13:51:46 executing program 1:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0xa}, @l2cap_cid_signaling={{0x6}, [@l2cap_cmd_rej_unk={{0x1, 0x3f, 0x2}, {0x7}}]}}, 0xf)

13:51:47 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

[ 2338.698373][ T1242]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2338.704332][ T1242]  evdev_write+0x356/0x760
[ 2338.708797][ T1242]  ? evdev_read+0xe30/0xe30
[ 2338.713430][ T1242]  ? apparmor_file_permission+0x264/0x4e0
[ 2338.719192][ T1242]  ? bpf_lsm_file_permission+0x5/0x10
[ 2338.725478][ T1242]  ? security_file_permission+0xab/0xd0
[ 2338.731168][ T1242]  vfs_write+0x2d7/0xdd0
[ 2338.735458][ T1242]  ? evdev_read+0xe30/0xe30
[ 2338.740009][ T1242]  ? vfs_read+0x930/0x930
[ 2338.744387][ T1242]  ? __fget_files+0x26a/0x440
13:51:47 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

[ 2338.749127][ T1242]  ? __fget_light+0xe5/0x270
[ 2338.753917][ T1242]  ksys_write+0x1e8/0x250
[ 2338.758297][ T1242]  ? __ia32_sys_read+0xb0/0xb0
[ 2338.763106][ T1242]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2338.769044][ T1242]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2338.774997][ T1242]  do_syscall_64+0x35/0xb0
[ 2338.779458][ T1242]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2338.785396][ T1242] RIP: 0033:0x7eff6688a649
[ 2338.789846][ T1242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2338.809498][ T1242] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2338.818000][ T1242] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2338.826008][ T1242] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2338.834284][ T1242] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2338.842909][ T1242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
13:51:47 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2) (async)

[ 2338.850914][ T1242] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2338.858945][ T1242]  </TASK>
[ 2338.863590][ T1231] device 
01ªX entered promiscuous mode
13:51:47 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_conn_rsp={{0x18, 0x9, 0x10}, {0x6, 0x0, 0x8, 0x100, [0x20, 0x838d, 0x8001, 0x9]}}}}, 0x1d)

13:51:47 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 90)

13:51:47 executing program 3:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYRESHEX=r0, @ANYRESHEX=r0, @ANYRES32=r1, @ANYRES16=0x0, @ANYRES32=r0, @ANYRESHEX=r0, @ANYBLOB="bfe900333485bdd6d5c1da5bbc27638530af3629e7f804e579579776b13187a11739f350943c83abe2831f27c4e99783a1948fc5b70c964949dd2e27a703ed0dcd0556af20aa6c10496b26bdd25b6eb9476b89cd1983290031e5361da75e3931a140ab8ff286188b249062a20bb2ee62d86da03a1fbbc794092357ad9b52ee2fc97d67aefe96b0aa9d633bdbee38142065588f4ed737a5de5a4b7cc6c2af012365191c2835228c4ce4226bab7e14a09bbf11143523badd2ffe60469f5561dc21612d9d38bec6c29669bf1163fc1aa2a20e9688a624dcc74c98e508a9cb6c27c1e44011cdfc5b69742c178e1bf33a19d5674de84b27b825176705e756b575fa999f58fba510bb6fb5abc5f6c760ca6ea694fa61db636415c4f034a8aec6aa883ed8366232973c9e64f629de18fd312527f465b1100cbbb059faab45c54b06cdd0dcc8b9fd4627237125eea55cd549abaae1f2266b89457d7d00e9d79bfed473c520695a299c6bc85f14c86bb33c3f733d9439a109ab58df08b3f4dca4cea7d1e607153d0a4c0555e763691456dcd34b04c195c8905259d76c899991cee16f4b59ebd40550c240c0ab7d6a0678203241919c3564ec3239cf9707d8a081d8bfc0711cf3b695b024e1ee63a8bab4ea71c60b6222b8a98a7960f6fd405d9e3b3e5feca36b65cfb7914e38a7543767dd1e77d695cb6dd54f095b266239f59147b8d36fcb782588086a1079af3edafd8eb39650bd60adf69577bc9e053ba173a532829b1134f4e6aba721afd7f3168bde4d85458b816d4185509797c6026ef7bb20a26e13f1291e18011cd221558460922ddcdbd451cccb7e3b08599519f8f50db8f66b93e1255bf0461c533eda4494c3615aa37457924122a05042b6ab3f1de4c4e08b77878936452f04c18cd31ca18e652a727b97dbf416e24f9ec59191bc59c9e018091845e93bbf6a21d8b057642a4f2892c475a11fd3eb41f290b488add75a64e2d147c557724ac5f3286a7bac33c72198dfbd2dd65177b9ea11ba565606d9a09088c9d0b7403a23fd5a381c4bd7505ec54533ba3c075c6fa984231bfa17df41dcf0b1f4a2f7dc564048cee574a6e8539380e0ae4942e59a0fdaf6de305f6bd5f87d5a986bbd570e265d169f9e8d47d4913199db18c273f4b995e09de2f7060e69869c4f6a9cefc4c4ae551d6131d5f509bcfc3d51d73e1984d709ac3ad58cc77b33cff6dc86edf1b31e8ce058c07b5e8a66f5bc89bf060b0c87e7880a3e4c9f33dad6892a7ec005476c94c33d4e0aecd4f0289896f1f689fe6dd19967a75b36063b3594221b3954748d6aee66050573c20a2f83ce2eb93c6a0ab04b55389e1449fc1e9e3e8a9b4b55bafb68c5ed4b97f81b735071af515378e8040f495304ad29ae1cc879dca75f1c542510322952dd6226515a231018a7ad97eb07fdba22a94a994b837c7cc807ed148a9b3b2d5870de12559d27dbc6735e18e94fbe336659708637765e6d24d3fdb794aac8a22676371a360423e51d4e0c67bab4dbdced3477fc966992aa11ab9b0dcc487a006fdca435f3719e73f81627fea4e7651a0545c182e18445bbe7b7c8c2b2073aed6cdd84dbe1c68c54428cf6eec0ff868b431770be5adb6830e0b5e3009d736758c4912bb447180e7a1657cb4ada8c7f5df178ffc61a47b0980dc8aa54f2322b9584360a580800135e2393ea8e8560fb1ffb7007a3308a74154b0c7b454f440fb6934288a08f60c1dedbde0201fa194d8acdd60f80a5a996a1b313df4c04a69daf7e7729c18a11de5c2b4624aee6e16afc0a6ae67a6b3a95e27b397f5dee4f324de3b56dbf3b6a5668beba98a29c377395913b4225d8ac1071a0ba9bc89495828555ff392eb40dc7d6270fe5b80debb1a143b7ff01ebed445e081aa94583068c2b3bb279abb6d371ef19bb2fbe28c65f5a424bcc552995697ac9385ef5e4188d4d6d98c6a1312bc72b55f791bea0e366a6c3655bde744c83e46369e90d8d5f8dcd5fd4480a9a739edb249a4bc39d806b6d672d18c803b1b4fd3fda0620683cbe5553fb34fb036b1eefb191a0b3002c07b85cff6ada4fe4860050d7b2766ede20767d85d7fc60b94a7a20589363cd5a835b56c61c5f2ab9df81e4234a97c437685776a2c737183c9a8c2ab180b1e56c4ef8e585b35e55ac2d18b19fd38f9c4ce76f6fcc7516fe3a694f1fe6432fa94488d1622cb18c5e79f4f2b41375940a6124bf2d8a57b576495b61c519a2a0d7dde986337ead56f62ee96e3643640bc94014037fa5dd505c0efe5c05b6b2944c81c1aed4854cc52e33503af707cfba5a64f3b8cb205e21f350702fee27514844a24bf3a7de1ffd179098ebff53ae266969858c1cfa7f91e39731a0336fd0a4c1693b7b01d7d1df732d1db086c0a8170c1880da490b630b39a125ad1366d8ab07cd56c39a147d1680492706a67a5453ba3b1a7495e1da4ba0dc39c98c46c67276f469648dee4432d8c8e92b30035831d634b248ed817a64773834f5d9af6d2423449459d07669e27fc9d4a854d40572e31101d22ff0ddbb5e690b51ac9b2d59ef976be2e07670a5a1724fb45b9b2b9274b8fa1b14eacd41ed1f58d0d0b61470ad57ecf2963c0afd5e0cea0f74a465a646748d68fe5c403867d58a14b45bf14aed333c1f6d6520498bf1f179958413a1e47fcea4644244872f849c0ef48fa96bf1cdfa85f30e4636ce03c211e98aefe5dec728a1f3e10cd30adf67c0fbe50bbc121a0bc9431cfc6b7e27f53abbdcb454ab4e94762e7b8287b3e51c376bb67ed1de6c73c32616618ca0a31ceee5725bbcc3951bc35b60b5af4147757dfd3839f53621e1ded9f1c04f9823c19d33765354d104c2c838d6f8dfa576a40ec57bc7f6b141a21a7605497d162c3673d0e0d0d660e199e85405716c4d9eb88539f588069febca5ed19acb2da0e5695b285e129c37100ee968b872d05febec700ceefef8ecf81451e1304af7fbcca03cf31b4dd9a715ae62955d742339f99815c0f5564b12946d72edb1bb96e594ed3bb488ea8e96d4a3acebe37c1f84f441115fd9b4bce56c5030d116cea300247750226a23b3cd168c28104ac4bc802964872a8c2bc7c3c84d5c1fa1370201f44d9d045ff0d4fc261d8a6e216d587a7c84faf06e7101d66cfc69fc7a40b0ba031f133e3a70d835d2243ee4843854dd11d20b1637bba05f0f89c3a27b5dcd40da3374d0ac5fa25ebcadfed85982a3e6c9c4f40c041b15bd0d80c4a00ab66c0cc2272ace6d93d40e321cec25d910831f3bd94ad9a98bd8a4b7a433fcd21bf2b674a55f008e484341ba5f603face56b09d9aff6a2eed18991a0749cd7adea4a9949171d746520d52d9f4001d35c95c12f30c27aec613f701d3c6f7ed8fe3ff4ec0ea1edeac668395d14669c63cb6c19fff0e59ad6e2e1d92502b784225b891d91d3a99cac8a6c2875df88641b9e57bcc258f4480637dad00bb90922651a4723c96b38d92c9032723b50304cb860d99fd88b0802f9f6a9dd0839458bf08f6bf84a6bf61a7f030f5580a51161ab41017035571114a2e8a661a63058174d2abb0657a022bc95051c996788b07ca4ae4e68aca79b2e59dc6971bc6a85f11bd5c400cbdc0480d1c158c6635184ae402291695129f993e04c3e714081f642028765b1273c2abfbd35664f6dbf7b0094b2825d3a2cf1a39839837f642398395100fb7e8fca77e26df643a38d5369ad72d08c8fc13d57dc983b5bd117cfb9b6061ddaacee66a3935abc37a052b624c4834a6b8d93a594dbe372cc0824277238362ef80dff694b0ef9e97e18ea33ec203c952ce8097e43b68aab83592089316a95669552896295e763541082e6b91b9f80da3e801c6280f9ce82dc4506a9c31dfd74f6be34c6c7bd8ae38440b2ace5316e6caeefed8b7d55f333c0f4c2d1d5e3777ae40294ada7337fc69c74783358686111e73b30bc274d48c1ccdf61b5e4d01ddcb14f5cf9459f8d4ab16598d9f4f413882d3e7d4fd6f4ee43c22e3360ba812881d34c6c713d38ce5025744464c0dac73bdb43c2f94740f678d5c55ff6831d7bf17fc2386ea1c24ff8dbe13b12227192d3a3e24754bf83e6880b00b10d1809b7293c9951e967264a2b0f690433bbdf8f17a1fae7c8b17d3ce695db58f6ea20969f3c2202380594692cb60ec28487b2e41c9a02e7ae5feefdca7210b85ed0c4cd26e0c531209bb71bab80b0f8608a04c72b27c5824bdd8149a3c52ebe5638f49dc0ce2a8fbe506bbf37bb39596d4626e96a8df5af1a609e9f6bbda9436a30088cf88a40c297272ae05f5c35d34b35f181ce36a65a88f5ae6a5a97a72d8255bd83a835b0a7699653de7b33082f91019d30f67c89db65fc3e953728ba9fde64e4847e8178aa736956f8fd9842d344c166c22af109a37e85e02074b2cba49c7b0e05824233e3e5b6dd4613123c4e0f7328cbca5a2b69d39cfa9fb869974cc1033d4757d46ebe4cd491443f4e6f5235bc582b49938ec24b7c4873889d4febfa76be66f5c8c83711876eb3a235039bd3f77ed319fd774ef3db9dcdecab1a325bbdd8b2df9a2acd5e91cce4406e0064210c42945ab6a20289fd33f3767d987fb2179121a1d7162c26de373d804417e5e21abc3e094e62d0239a33de8c3fe060cca57d55e2778d5efb2859871e84a7dd2f8a6d9db9e193be064db2d563b97dbf05b5cb571721bf09ef7058027bdc7e604921d697c1295213286265d5bac13ab2f3affe1127b5b04fa32287211a77db66840fd351336d6e0328c95c8ab9f15b14a92839e0a72c85b64ab204a6bce92bfffd05dd1fecbe72f00b33ff9e12f274f132e090047d1ab625ae732a45501e027140b517c5759651bd9541c2d4066e81d00db6e5d9ff950000ff834b9998fde2b3acd43df942388bc27e527ee7886894fa1ef0737052db36e5efb62b95a8cee72c54cd50ab56c2e27e8ce17854ef411f0d7c2bc36cd1f3078b6aaf475f03e081cb3b92a6a9c39cbededda41b1ed35c9c0ecf03b15c7b2b509ad5b7035f949b0264e77f8a99f0e45e3cbee92624f92e3d06adf358947d7e12b45abe685d5614b1de4a097df67fdda40be771b9fbc8a99ad4993dbf9766ecb9106393229c91f31aa7f81999689f1d64cbb041c1f3dfc4ba45978c9ccbdb7330062b52a9bce7efc5a64a9ba908164e870eabf91d5f3d6416ae54bb8885559d65dc865e117ad21b2206f3d011878006f51c21ec08626d0abde0d6253a9546ed41c527ec3abf6d4942c69273790fca08387e85dfa4c04b64a27e2fbadabf3c751c71785c9891fac5b6a46d47bc3dca7d440982ea55e3ff401ba8309114a77fc5812e521e26b8a35f9355cad4560cff60b55308b322cffc53cc7b41f9f89b718bd3d0664c57bd53d6f86f054ed6ca59f27943767385f00baecd5e22c0326a341ab1bccd8bcd6792f9925f12f088b24a20819cb18eb2dfdbee9364f5db2b1ecd9609cbea1eaf3a3fdf8f7dee557cc8e5c8bcdcab9671afdb7154e74d756f7bdf2c7b5ff409c9e07787a2ead0042a55ac6f323653de270d7564aeca5c15f3c12ad657777e04fb983bbbc460cf2b5349afa7b08e3eec34cb3b0cce15b6f1e1383d3156993ea90e22da487142f0aa776d03b5f1698e8476f3b1c85eebeecb53203c4fbe83318a8660a977639f840cdac67eaf6627a477fbab846eb7e984fe4b395781a3f37cac2fa60202b25b5e47578a3ed183167015f32d26242fa00cafad55a20060b5d6534cbbcdde0778507ef33ad4fd4d5223e433df26e7d0175f78be29a68f", @ANYBLOB="a1092ebff2da222b726b882c17983e9d46e0bda8b2070f8ad65d59a652abec4bf8edb5bf5cb9cef69c84efba8c74e76f053c8296dcee5e81a0b2f8f435639293aef6054addd63b66d70f5f5f3e683a491a2dc30eb48d4fdd2999a8d3bf238cf5bc3c7d212743f9d4d90b729fcee13ee83800c342d6905e9e8fc3b93568b714216188c6be56b4c62f4f5a8155a2fc06da009ceee7948e08ce8c7652e033bb1dbb38405de3766fa88798d36a6fc35e697c4ee9c3c4bf25b85a0c922f64e48bed86b5f1cdc7a774aab99686cc404c9ec5e0850f9db0bfe2898198dd9e777f96aa02aad4607668ebc11485bf785ddb7fe6957a13981f6f5d36332a3e"], 0xa)
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) (async)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800) (async)
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) (async)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (async)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYRESHEX=r0, @ANYRESHEX=r0, @ANYRES32=r1, @ANYRES16=0x0, @ANYRES32=r0, @ANYRESHEX=r0, @ANYBLOB="bfe900333485bdd6d5c1da5bbc27638530af3629e7f804e579579776b13187a11739f350943c83abe2831f27c4e99783a1948fc5b70c964949dd2e27a703ed0dcd0556af20aa6c10496b26bdd25b6eb9476b89cd1983290031e5361da75e3931a140ab8ff286188b249062a20bb2ee62d86da03a1fbbc794092357ad9b52ee2fc97d67aefe96b0aa9d633bdbee38142065588f4ed737a5de5a4b7cc6c2af012365191c2835228c4ce4226bab7e14a09bbf11143523badd2ffe60469f5561dc21612d9d38bec6c29669bf1163fc1aa2a20e9688a624dcc74c98e508a9cb6c27c1e44011cdfc5b69742c178e1bf33a19d5674de84b27b825176705e756b575fa999f58fba510bb6fb5abc5f6c760ca6ea694fa61db636415c4f034a8aec6aa883ed8366232973c9e64f629de18fd312527f465b1100cbbb059faab45c54b06cdd0dcc8b9fd4627237125eea55cd549abaae1f2266b89457d7d00e9d79bfed473c520695a299c6bc85f14c86bb33c3f733d9439a109ab58df08b3f4dca4cea7d1e607153d0a4c0555e763691456dcd34b04c195c8905259d76c899991cee16f4b59ebd40550c240c0ab7d6a0678203241919c3564ec3239cf9707d8a081d8bfc0711cf3b695b024e1ee63a8bab4ea71c60b6222b8a98a7960f6fd405d9e3b3e5feca36b65cfb7914e38a7543767dd1e77d695cb6dd54f095b266239f59147b8d36fcb782588086a1079af3edafd8eb39650bd60adf69577bc9e053ba173a532829b1134f4e6aba721afd7f3168bde4d85458b816d4185509797c6026ef7bb20a26e13f1291e18011cd221558460922ddcdbd451cccb7e3b08599519f8f50db8f66b93e1255bf0461c533eda4494c3615aa37457924122a05042b6ab3f1de4c4e08b77878936452f04c18cd31ca18e652a727b97dbf416e24f9ec59191bc59c9e018091845e93bbf6a21d8b057642a4f2892c475a11fd3eb41f290b488add75a64e2d147c557724ac5f3286a7bac33c72198dfbd2dd65177b9ea11ba565606d9a09088c9d0b7403a23fd5a381c4bd7505ec54533ba3c075c6fa984231bfa17df41dcf0b1f4a2f7dc564048cee574a6e8539380e0ae4942e59a0fdaf6de305f6bd5f87d5a986bbd570e265d169f9e8d47d4913199db18c273f4b995e09de2f7060e69869c4f6a9cefc4c4ae551d6131d5f509bcfc3d51d73e1984d709ac3ad58cc77b33cff6dc86edf1b31e8ce058c07b5e8a66f5bc89bf060b0c87e7880a3e4c9f33dad6892a7ec005476c94c33d4e0aecd4f0289896f1f689fe6dd19967a75b36063b3594221b3954748d6aee66050573c20a2f83ce2eb93c6a0ab04b55389e1449fc1e9e3e8a9b4b55bafb68c5ed4b97f81b735071af515378e8040f495304ad29ae1cc879dca75f1c542510322952dd6226515a231018a7ad97eb07fdba22a94a994b837c7cc807ed148a9b3b2d5870de12559d27dbc6735e18e94fbe336659708637765e6d24d3fdb794aac8a22676371a360423e51d4e0c67bab4dbdced3477fc966992aa11ab9b0dcc487a006fdca435f3719e73f81627fea4e7651a0545c182e18445bbe7b7c8c2b2073aed6cdd84dbe1c68c54428cf6eec0ff868b431770be5adb6830e0b5e3009d736758c4912bb447180e7a1657cb4ada8c7f5df178ffc61a47b0980dc8aa54f2322b9584360a580800135e2393ea8e8560fb1ffb7007a3308a74154b0c7b454f440fb6934288a08f60c1dedbde0201fa194d8acdd60f80a5a996a1b313df4c04a69daf7e7729c18a11de5c2b4624aee6e16afc0a6ae67a6b3a95e27b397f5dee4f324de3b56dbf3b6a5668beba98a29c377395913b4225d8ac1071a0ba9bc89495828555ff392eb40dc7d6270fe5b80debb1a143b7ff01ebed445e081aa94583068c2b3bb279abb6d371ef19bb2fbe28c65f5a424bcc552995697ac9385ef5e4188d4d6d98c6a1312bc72b55f791bea0e366a6c3655bde744c83e46369e90d8d5f8dcd5fd4480a9a739edb249a4bc39d806b6d672d18c803b1b4fd3fda0620683cbe5553fb34fb036b1eefb191a0b3002c07b85cff6ada4fe4860050d7b2766ede20767d85d7fc60b94a7a20589363cd5a835b56c61c5f2ab9df81e4234a97c437685776a2c737183c9a8c2ab180b1e56c4ef8e585b35e55ac2d18b19fd38f9c4ce76f6fcc7516fe3a694f1fe6432fa94488d1622cb18c5e79f4f2b41375940a6124bf2d8a57b576495b61c519a2a0d7dde986337ead56f62ee96e3643640bc94014037fa5dd505c0efe5c05b6b2944c81c1aed4854cc52e33503af707cfba5a64f3b8cb205e21f350702fee27514844a24bf3a7de1ffd179098ebff53ae266969858c1cfa7f91e39731a0336fd0a4c1693b7b01d7d1df732d1db086c0a8170c1880da490b630b39a125ad1366d8ab07cd56c39a147d1680492706a67a5453ba3b1a7495e1da4ba0dc39c98c46c67276f469648dee4432d8c8e92b30035831d634b248ed817a64773834f5d9af6d2423449459d07669e27fc9d4a854d40572e31101d22ff0ddbb5e690b51ac9b2d59ef976be2e07670a5a1724fb45b9b2b9274b8fa1b14eacd41ed1f58d0d0b61470ad57ecf2963c0afd5e0cea0f74a465a646748d68fe5c403867d58a14b45bf14aed333c1f6d6520498bf1f179958413a1e47fcea4644244872f849c0ef48fa96bf1cdfa85f30e4636ce03c211e98aefe5dec728a1f3e10cd30adf67c0fbe50bbc121a0bc9431cfc6b7e27f53abbdcb454ab4e94762e7b8287b3e51c376bb67ed1de6c73c32616618ca0a31ceee5725bbcc3951bc35b60b5af4147757dfd3839f53621e1ded9f1c04f9823c19d33765354d104c2c838d6f8dfa576a40ec57bc7f6b141a21a7605497d162c3673d0e0d0d660e199e85405716c4d9eb88539f588069febca5ed19acb2da0e5695b285e129c37100ee968b872d05febec700ceefef8ecf81451e1304af7fbcca03cf31b4dd9a715ae62955d742339f99815c0f5564b12946d72edb1bb96e594ed3bb488ea8e96d4a3acebe37c1f84f441115fd9b4bce56c5030d116cea300247750226a23b3cd168c28104ac4bc802964872a8c2bc7c3c84d5c1fa1370201f44d9d045ff0d4fc261d8a6e216d587a7c84faf06e7101d66cfc69fc7a40b0ba031f133e3a70d835d2243ee4843854dd11d20b1637bba05f0f89c3a27b5dcd40da3374d0ac5fa25ebcadfed85982a3e6c9c4f40c041b15bd0d80c4a00ab66c0cc2272ace6d93d40e321cec25d910831f3bd94ad9a98bd8a4b7a433fcd21bf2b674a55f008e484341ba5f603face56b09d9aff6a2eed18991a0749cd7adea4a9949171d746520d52d9f4001d35c95c12f30c27aec613f701d3c6f7ed8fe3ff4ec0ea1edeac668395d14669c63cb6c19fff0e59ad6e2e1d92502b784225b891d91d3a99cac8a6c2875df88641b9e57bcc258f4480637dad00bb90922651a4723c96b38d92c9032723b50304cb860d99fd88b0802f9f6a9dd0839458bf08f6bf84a6bf61a7f030f5580a51161ab41017035571114a2e8a661a63058174d2abb0657a022bc95051c996788b07ca4ae4e68aca79b2e59dc6971bc6a85f11bd5c400cbdc0480d1c158c6635184ae402291695129f993e04c3e714081f642028765b1273c2abfbd35664f6dbf7b0094b2825d3a2cf1a39839837f642398395100fb7e8fca77e26df643a38d5369ad72d08c8fc13d57dc983b5bd117cfb9b6061ddaacee66a3935abc37a052b624c4834a6b8d93a594dbe372cc0824277238362ef80dff694b0ef9e97e18ea33ec203c952ce8097e43b68aab83592089316a95669552896295e763541082e6b91b9f80da3e801c6280f9ce82dc4506a9c31dfd74f6be34c6c7bd8ae38440b2ace5316e6caeefed8b7d55f333c0f4c2d1d5e3777ae40294ada7337fc69c74783358686111e73b30bc274d48c1ccdf61b5e4d01ddcb14f5cf9459f8d4ab16598d9f4f413882d3e7d4fd6f4ee43c22e3360ba812881d34c6c713d38ce5025744464c0dac73bdb43c2f94740f678d5c55ff6831d7bf17fc2386ea1c24ff8dbe13b12227192d3a3e24754bf83e6880b00b10d1809b7293c9951e967264a2b0f690433bbdf8f17a1fae7c8b17d3ce695db58f6ea20969f3c2202380594692cb60ec28487b2e41c9a02e7ae5feefdca7210b85ed0c4cd26e0c531209bb71bab80b0f8608a04c72b27c5824bdd8149a3c52ebe5638f49dc0ce2a8fbe506bbf37bb39596d4626e96a8df5af1a609e9f6bbda9436a30088cf88a40c297272ae05f5c35d34b35f181ce36a65a88f5ae6a5a97a72d8255bd83a835b0a7699653de7b33082f91019d30f67c89db65fc3e953728ba9fde64e4847e8178aa736956f8fd9842d344c166c22af109a37e85e02074b2cba49c7b0e05824233e3e5b6dd4613123c4e0f7328cbca5a2b69d39cfa9fb869974cc1033d4757d46ebe4cd491443f4e6f5235bc582b49938ec24b7c4873889d4febfa76be66f5c8c83711876eb3a235039bd3f77ed319fd774ef3db9dcdecab1a325bbdd8b2df9a2acd5e91cce4406e0064210c42945ab6a20289fd33f3767d987fb2179121a1d7162c26de373d804417e5e21abc3e094e62d0239a33de8c3fe060cca57d55e2778d5efb2859871e84a7dd2f8a6d9db9e193be064db2d563b97dbf05b5cb571721bf09ef7058027bdc7e604921d697c1295213286265d5bac13ab2f3affe1127b5b04fa32287211a77db66840fd351336d6e0328c95c8ab9f15b14a92839e0a72c85b64ab204a6bce92bfffd05dd1fecbe72f00b33ff9e12f274f132e090047d1ab625ae732a45501e027140b517c5759651bd9541c2d4066e81d00db6e5d9ff950000ff834b9998fde2b3acd43df942388bc27e527ee7886894fa1ef0737052db36e5efb62b95a8cee72c54cd50ab56c2e27e8ce17854ef411f0d7c2bc36cd1f3078b6aaf475f03e081cb3b92a6a9c39cbededda41b1ed35c9c0ecf03b15c7b2b509ad5b7035f949b0264e77f8a99f0e45e3cbee92624f92e3d06adf358947d7e12b45abe685d5614b1de4a097df67fdda40be771b9fbc8a99ad4993dbf9766ecb9106393229c91f31aa7f81999689f1d64cbb041c1f3dfc4ba45978c9ccbdb7330062b52a9bce7efc5a64a9ba908164e870eabf91d5f3d6416ae54bb8885559d65dc865e117ad21b2206f3d011878006f51c21ec08626d0abde0d6253a9546ed41c527ec3abf6d4942c69273790fca08387e85dfa4c04b64a27e2fbadabf3c751c71785c9891fac5b6a46d47bc3dca7d440982ea55e3ff401ba8309114a77fc5812e521e26b8a35f9355cad4560cff60b55308b322cffc53cc7b41f9f89b718bd3d0664c57bd53d6f86f054ed6ca59f27943767385f00baecd5e22c0326a341ab1bccd8bcd6792f9925f12f088b24a20819cb18eb2dfdbee9364f5db2b1ecd9609cbea1eaf3a3fdf8f7dee557cc8e5c8bcdcab9671afdb7154e74d756f7bdf2c7b5ff409c9e07787a2ead0042a55ac6f323653de270d7564aeca5c15f3c12ad657777e04fb983bbbc460cf2b5349afa7b08e3eec34cb3b0cce15b6f1e1383d3156993ea90e22da487142f0aa776d03b5f1698e8476f3b1c85eebeecb53203c4fbe83318a8660a977639f840cdac67eaf6627a477fbab846eb7e984fe4b395781a3f37cac2fa60202b25b5e47578a3ed183167015f32d26242fa00cafad55a20060b5d6534cbbcdde0778507ef33ad4fd4d5223e433df26e7d0175f78be29a68f", @ANYBLOB="a1092ebff2da222b726b882c17983e9d46e0bda8b2070f8ad65d59a652abec4bf8edb5bf5cb9cef69c84efba8c74e76f053c8296dcee5e81a0b2f8f435639293aef6054addd63b66d70f5f5f3e683a491a2dc30eb48d4fdd2999a8d3bf238cf5bc3c7d212743f9d4d90b729fcee13ee83800c342d6905e9e8fc3b93568b714216188c6be56b4c62f4f5a8155a2fc06da009ceee7948e08ce8c7652e033bb1dbb38405de3766fa88798d36a6fc35e697c4ee9c3c4bf25b85a0c922f64e48bed86b5f1cdc7a774aab99686cc404c9ec5e0850f9db0bfe2898198dd9e777f96aa02aad4607668ebc11485bf785ddb7fe6957a13981f6f5d36332a3e"], 0xa) (async)

13:51:47 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000c0fe0000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2338.985005][ T1263] FAULT_INJECTION: forcing a failure.
[ 2338.985005][ T1263] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2339.016376][ T1263] CPU: 0 PID: 1263 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2339.026774][ T1263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2339.036876][ T1263] Call Trace:
[ 2339.040179][ T1263]  <TASK>
[ 2339.043139][ T1263]  dump_stack_lvl+0xcd/0x134
[ 2339.047879][ T1263]  should_fail.cold+0x5/0xa
[ 2339.052434][ T1263]  _copy_from_user+0x2a/0x170
[ 2339.057164][ T1263]  input_event_from_user+0x131/0x3a0
[ 2339.062506][ T1263]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2339.068380][ T1263]  evdev_write+0x356/0x760
[ 2339.072844][ T1263]  ? evdev_read+0xe30/0xe30
[ 2339.077757][ T1263]  ? apparmor_file_permission+0x264/0x4e0
[ 2339.084840][ T1263]  ? bpf_lsm_file_permission+0x5/0x10
[ 2339.090343][ T1263]  ? security_file_permission+0xab/0xd0
[ 2339.095950][ T1263]  vfs_write+0x2d7/0xdd0
[ 2339.100337][ T1263]  ? evdev_read+0xe30/0xe30
[ 2339.104885][ T1263]  ? vfs_read+0x930/0x930
[ 2339.109250][ T1263]  ? __fget_files+0x26a/0x440
[ 2339.113958][ T1263]  ? __fget_light+0xe5/0x270
[ 2339.118683][ T1263]  ksys_write+0x1e8/0x250
[ 2339.123051][ T1263]  ? __ia32_sys_read+0xb0/0xb0
[ 2339.127848][ T1263]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2339.133790][ T1263]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2339.139728][ T1263]  do_syscall_64+0x35/0xb0
[ 2339.144176][ T1263]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2339.150111][ T1263] RIP: 0033:0x7eff6688a649
[ 2339.154548][ T1263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2339.174174][ T1263] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2339.182608][ T1263] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2339.190599][ T1263] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2339.198592][ T1263] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2339.206573][ T1263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2339.214553][ T1263] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2339.222664][ T1263]  </TASK>
13:51:47 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_conn_rsp={{0x18, 0x9, 0x10}, {0x6, 0x0, 0x8, 0x100, [0x20, 0x838d, 0x8001, 0x9]}}}}, 0x1d)

13:51:47 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000ff0000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:47 executing program 3:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYRESHEX=r0, @ANYRESHEX=r0, @ANYRES32=r1, @ANYRES16=0x0, @ANYRES32=r0, @ANYRESHEX=r0, @ANYBLOB="bfe900333485bdd6d5c1da5bbc27638530af3629e7f804e579579776b13187a11739f350943c83abe2831f27c4e99783a1948fc5b70c964949dd2e27a703ed0dcd0556af20aa6c10496b26bdd25b6eb9476b89cd1983290031e5361da75e3931a140ab8ff286188b249062a20bb2ee62d86da03a1fbbc794092357ad9b52ee2fc97d67aefe96b0aa9d633bdbee38142065588f4ed737a5de5a4b7cc6c2af012365191c2835228c4ce4226bab7e14a09bbf11143523badd2ffe60469f5561dc21612d9d38bec6c29669bf1163fc1aa2a20e9688a624dcc74c98e508a9cb6c27c1e44011cdfc5b69742c178e1bf33a19d5674de84b27b825176705e756b575fa999f58fba510bb6fb5abc5f6c760ca6ea694fa61db636415c4f034a8aec6aa883ed8366232973c9e64f629de18fd312527f465b1100cbbb059faab45c54b06cdd0dcc8b9fd4627237125eea55cd549abaae1f2266b89457d7d00e9d79bfed473c520695a299c6bc85f14c86bb33c3f733d9439a109ab58df08b3f4dca4cea7d1e607153d0a4c0555e763691456dcd34b04c195c8905259d76c899991cee16f4b59ebd40550c240c0ab7d6a0678203241919c3564ec3239cf9707d8a081d8bfc0711cf3b695b024e1ee63a8bab4ea71c60b6222b8a98a7960f6fd405d9e3b3e5feca36b65cfb7914e38a7543767dd1e77d695cb6dd54f095b266239f59147b8d36fcb782588086a1079af3edafd8eb39650bd60adf69577bc9e053ba173a532829b1134f4e6aba721afd7f3168bde4d85458b816d4185509797c6026ef7bb20a26e13f1291e18011cd221558460922ddcdbd451cccb7e3b08599519f8f50db8f66b93e1255bf0461c533eda4494c3615aa37457924122a05042b6ab3f1de4c4e08b77878936452f04c18cd31ca18e652a727b97dbf416e24f9ec59191bc59c9e018091845e93bbf6a21d8b057642a4f2892c475a11fd3eb41f290b488add75a64e2d147c557724ac5f3286a7bac33c72198dfbd2dd65177b9ea11ba565606d9a09088c9d0b7403a23fd5a381c4bd7505ec54533ba3c075c6fa984231bfa17df41dcf0b1f4a2f7dc564048cee574a6e8539380e0ae4942e59a0fdaf6de305f6bd5f87d5a986bbd570e265d169f9e8d47d4913199db18c273f4b995e09de2f7060e69869c4f6a9cefc4c4ae551d6131d5f509bcfc3d51d73e1984d709ac3ad58cc77b33cff6dc86edf1b31e8ce058c07b5e8a66f5bc89bf060b0c87e7880a3e4c9f33dad6892a7ec005476c94c33d4e0aecd4f0289896f1f689fe6dd19967a75b36063b3594221b3954748d6aee66050573c20a2f83ce2eb93c6a0ab04b55389e1449fc1e9e3e8a9b4b55bafb68c5ed4b97f81b735071af515378e8040f495304ad29ae1cc879dca75f1c542510322952dd6226515a231018a7ad97eb07fdba22a94a994b837c7cc807ed148a9b3b2d5870de12559d27dbc6735e18e94fbe336659708637765e6d24d3fdb794aac8a22676371a360423e51d4e0c67bab4dbdced3477fc966992aa11ab9b0dcc487a006fdca435f3719e73f81627fea4e7651a0545c182e18445bbe7b7c8c2b2073aed6cdd84dbe1c68c54428cf6eec0ff868b431770be5adb6830e0b5e3009d736758c4912bb447180e7a1657cb4ada8c7f5df178ffc61a47b0980dc8aa54f2322b9584360a580800135e2393ea8e8560fb1ffb7007a3308a74154b0c7b454f440fb6934288a08f60c1dedbde0201fa194d8acdd60f80a5a996a1b313df4c04a69daf7e7729c18a11de5c2b4624aee6e16afc0a6ae67a6b3a95e27b397f5dee4f324de3b56dbf3b6a5668beba98a29c377395913b4225d8ac1071a0ba9bc89495828555ff392eb40dc7d6270fe5b80debb1a143b7ff01ebed445e081aa94583068c2b3bb279abb6d371ef19bb2fbe28c65f5a424bcc552995697ac9385ef5e4188d4d6d98c6a1312bc72b55f791bea0e366a6c3655bde744c83e46369e90d8d5f8dcd5fd4480a9a739edb249a4bc39d806b6d672d18c803b1b4fd3fda0620683cbe5553fb34fb036b1eefb191a0b3002c07b85cff6ada4fe4860050d7b2766ede20767d85d7fc60b94a7a20589363cd5a835b56c61c5f2ab9df81e4234a97c437685776a2c737183c9a8c2ab180b1e56c4ef8e585b35e55ac2d18b19fd38f9c4ce76f6fcc7516fe3a694f1fe6432fa94488d1622cb18c5e79f4f2b41375940a6124bf2d8a57b576495b61c519a2a0d7dde986337ead56f62ee96e3643640bc94014037fa5dd505c0efe5c05b6b2944c81c1aed4854cc52e33503af707cfba5a64f3b8cb205e21f350702fee27514844a24bf3a7de1ffd179098ebff53ae266969858c1cfa7f91e39731a0336fd0a4c1693b7b01d7d1df732d1db086c0a8170c1880da490b630b39a125ad1366d8ab07cd56c39a147d1680492706a67a5453ba3b1a7495e1da4ba0dc39c98c46c67276f469648dee4432d8c8e92b30035831d634b248ed817a64773834f5d9af6d2423449459d07669e27fc9d4a854d40572e31101d22ff0ddbb5e690b51ac9b2d59ef976be2e07670a5a1724fb45b9b2b9274b8fa1b14eacd41ed1f58d0d0b61470ad57ecf2963c0afd5e0cea0f74a465a646748d68fe5c403867d58a14b45bf14aed333c1f6d6520498bf1f179958413a1e47fcea4644244872f849c0ef48fa96bf1cdfa85f30e4636ce03c211e98aefe5dec728a1f3e10cd30adf67c0fbe50bbc121a0bc9431cfc6b7e27f53abbdcb454ab4e94762e7b8287b3e51c376bb67ed1de6c73c32616618ca0a31ceee5725bbcc3951bc35b60b5af4147757dfd3839f53621e1ded9f1c04f9823c19d33765354d104c2c838d6f8dfa576a40ec57bc7f6b141a21a7605497d162c3673d0e0d0d660e199e85405716c4d9eb88539f588069febca5ed19acb2da0e5695b285e129c37100ee968b872d05febec700ceefef8ecf81451e1304af7fbcca03cf31b4dd9a715ae62955d742339f99815c0f5564b12946d72edb1bb96e594ed3bb488ea8e96d4a3acebe37c1f84f441115fd9b4bce56c5030d116cea300247750226a23b3cd168c28104ac4bc802964872a8c2bc7c3c84d5c1fa1370201f44d9d045ff0d4fc261d8a6e216d587a7c84faf06e7101d66cfc69fc7a40b0ba031f133e3a70d835d2243ee4843854dd11d20b1637bba05f0f89c3a27b5dcd40da3374d0ac5fa25ebcadfed85982a3e6c9c4f40c041b15bd0d80c4a00ab66c0cc2272ace6d93d40e321cec25d910831f3bd94ad9a98bd8a4b7a433fcd21bf2b674a55f008e484341ba5f603face56b09d9aff6a2eed18991a0749cd7adea4a9949171d746520d52d9f4001d35c95c12f30c27aec613f701d3c6f7ed8fe3ff4ec0ea1edeac668395d14669c63cb6c19fff0e59ad6e2e1d92502b784225b891d91d3a99cac8a6c2875df88641b9e57bcc258f4480637dad00bb90922651a4723c96b38d92c9032723b50304cb860d99fd88b0802f9f6a9dd0839458bf08f6bf84a6bf61a7f030f5580a51161ab41017035571114a2e8a661a63058174d2abb0657a022bc95051c996788b07ca4ae4e68aca79b2e59dc6971bc6a85f11bd5c400cbdc0480d1c158c6635184ae402291695129f993e04c3e714081f642028765b1273c2abfbd35664f6dbf7b0094b2825d3a2cf1a39839837f642398395100fb7e8fca77e26df643a38d5369ad72d08c8fc13d57dc983b5bd117cfb9b6061ddaacee66a3935abc37a052b624c4834a6b8d93a594dbe372cc0824277238362ef80dff694b0ef9e97e18ea33ec203c952ce8097e43b68aab83592089316a95669552896295e763541082e6b91b9f80da3e801c6280f9ce82dc4506a9c31dfd74f6be34c6c7bd8ae38440b2ace5316e6caeefed8b7d55f333c0f4c2d1d5e3777ae40294ada7337fc69c74783358686111e73b30bc274d48c1ccdf61b5e4d01ddcb14f5cf9459f8d4ab16598d9f4f413882d3e7d4fd6f4ee43c22e3360ba812881d34c6c713d38ce5025744464c0dac73bdb43c2f94740f678d5c55ff6831d7bf17fc2386ea1c24ff8dbe13b12227192d3a3e24754bf83e6880b00b10d1809b7293c9951e967264a2b0f690433bbdf8f17a1fae7c8b17d3ce695db58f6ea20969f3c2202380594692cb60ec28487b2e41c9a02e7ae5feefdca7210b85ed0c4cd26e0c531209bb71bab80b0f8608a04c72b27c5824bdd8149a3c52ebe5638f49dc0ce2a8fbe506bbf37bb39596d4626e96a8df5af1a609e9f6bbda9436a30088cf88a40c297272ae05f5c35d34b35f181ce36a65a88f5ae6a5a97a72d8255bd83a835b0a7699653de7b33082f91019d30f67c89db65fc3e953728ba9fde64e4847e8178aa736956f8fd9842d344c166c22af109a37e85e02074b2cba49c7b0e05824233e3e5b6dd4613123c4e0f7328cbca5a2b69d39cfa9fb869974cc1033d4757d46ebe4cd491443f4e6f5235bc582b49938ec24b7c4873889d4febfa76be66f5c8c83711876eb3a235039bd3f77ed319fd774ef3db9dcdecab1a325bbdd8b2df9a2acd5e91cce4406e0064210c42945ab6a20289fd33f3767d987fb2179121a1d7162c26de373d804417e5e21abc3e094e62d0239a33de8c3fe060cca57d55e2778d5efb2859871e84a7dd2f8a6d9db9e193be064db2d563b97dbf05b5cb571721bf09ef7058027bdc7e604921d697c1295213286265d5bac13ab2f3affe1127b5b04fa32287211a77db66840fd351336d6e0328c95c8ab9f15b14a92839e0a72c85b64ab204a6bce92bfffd05dd1fecbe72f00b33ff9e12f274f132e090047d1ab625ae732a45501e027140b517c5759651bd9541c2d4066e81d00db6e5d9ff950000ff834b9998fde2b3acd43df942388bc27e527ee7886894fa1ef0737052db36e5efb62b95a8cee72c54cd50ab56c2e27e8ce17854ef411f0d7c2bc36cd1f3078b6aaf475f03e081cb3b92a6a9c39cbededda41b1ed35c9c0ecf03b15c7b2b509ad5b7035f949b0264e77f8a99f0e45e3cbee92624f92e3d06adf358947d7e12b45abe685d5614b1de4a097df67fdda40be771b9fbc8a99ad4993dbf9766ecb9106393229c91f31aa7f81999689f1d64cbb041c1f3dfc4ba45978c9ccbdb7330062b52a9bce7efc5a64a9ba908164e870eabf91d5f3d6416ae54bb8885559d65dc865e117ad21b2206f3d011878006f51c21ec08626d0abde0d6253a9546ed41c527ec3abf6d4942c69273790fca08387e85dfa4c04b64a27e2fbadabf3c751c71785c9891fac5b6a46d47bc3dca7d440982ea55e3ff401ba8309114a77fc5812e521e26b8a35f9355cad4560cff60b55308b322cffc53cc7b41f9f89b718bd3d0664c57bd53d6f86f054ed6ca59f27943767385f00baecd5e22c0326a341ab1bccd8bcd6792f9925f12f088b24a20819cb18eb2dfdbee9364f5db2b1ecd9609cbea1eaf3a3fdf8f7dee557cc8e5c8bcdcab9671afdb7154e74d756f7bdf2c7b5ff409c9e07787a2ead0042a55ac6f323653de270d7564aeca5c15f3c12ad657777e04fb983bbbc460cf2b5349afa7b08e3eec34cb3b0cce15b6f1e1383d3156993ea90e22da487142f0aa776d03b5f1698e8476f3b1c85eebeecb53203c4fbe83318a8660a977639f840cdac67eaf6627a477fbab846eb7e984fe4b395781a3f37cac2fa60202b25b5e47578a3ed183167015f32d26242fa00cafad55a20060b5d6534cbbcdde0778507ef33ad4fd4d5223e433df26e7d0175f78be29a68f", @ANYBLOB="a1092ebff2da222b726b882c17983e9d46e0bda8b2070f8ad65d59a652abec4bf8edb5bf5cb9cef69c84efba8c74e76f053c8296dcee5e81a0b2f8f435639293aef6054addd63b66d70f5f5f3e683a491a2dc30eb48d4fdd2999a8d3bf238cf5bc3c7d212743f9d4d90b729fcee13ee83800c342d6905e9e8fc3b93568b714216188c6be56b4c62f4f5a8155a2fc06da009ceee7948e08ce8c7652e033bb1dbb38405de3766fa88798d36a6fc35e697c4ee9c3c4bf25b85a0c922f64e48bed86b5f1cdc7a774aab99686cc404c9ec5e0850f9db0bfe2898198dd9e777f96aa02aad4607668ebc11485bf785ddb7fe6957a13981f6f5d36332a3e"], 0xa)

13:51:47 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_conn_rsp={{0x18, 0x9, 0x10}, {0x6, 0x0, 0x8, 0x100, [0x20, 0x838d, 0x8001, 0x9]}}}}, 0x1d)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_conn_rsp={{0x18, 0x9, 0x10}, {0x6, 0x0, 0x8, 0x100, [0x20, 0x838d, 0x8001, 0x9]}}}}, 0x1d) (async)

13:51:47 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000400300bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:47 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000034000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:47 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000fffff000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:47 executing program 4:
r0 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f00000003c0)={0xa, &(0x7f0000000340)=[{0xffff, 0xfe, 0x1, 0x401}, {0x9, 0xe1, 0x40, 0xbc}, {0x2, 0x50, 0x0, 0x2000000}, {0x6, 0x22, 0xd3, 0x8000}, {0x1, 0xaf, 0x47, 0x1}, {0x8, 0x0, 0x3, 0x1}, {0x2, 0x2, 0x7f, 0x401}, {0x0, 0x0, 0x20, 0x9b1}, {0x4, 0x0, 0xc1, 0x80000000}, {0x400, 0xeb, 0x0, 0x6}]}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r5}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)=ANY=[@ANYBLOB='I\x00\f\x00', @ANYRES16=0x0, @ANYBLOB="10002dbd7000fbdbdf250200000008000100", @ANYRES32=0x0, @ANYBLOB="08000800030000000800020001000000080002000000000008000700", @ANYRES32=r0, @ANYBLOB="08000100", @ANYRES32=r5, @ANYBLOB="060006000400000008000400e0000002"], 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000440)={0x198, 0x0, 0x100, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x3, 0x7}}}}, [@NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x3ff}, @NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0x2}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_MAC_ADDRS={0x64, 0xa6, 0x0, 0x1, [{0xa}, {0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa}, {0xa}, {0xa, 0x6, @broadcast}]}, @NL80211_ATTR_MAC_ADDRS={0x1c, 0xa6, 0x0, 0x1, [{0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_MAC_ADDRS={0x7c, 0xa6, 0x0, 0x1, [{0xa}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa}, {0xa}]}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0xd017d0bc7ae1d7b0}], @NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0x2}, @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x6}, @NL80211_ATTR_HIDDEN_SSID={0x8}, @NL80211_ATTR_INACTIVITY_TIMEOUT={0x6, 0x96, 0xffff}, @NL80211_ATTR_SSID={0x24, 0x34, @random="bed85291ae545d9fae7febc146de6ba281509500"/32}]}, 0x198}, 0x1, 0x0, 0x0, 0xe8c1}, 0x24040001)
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="0400deb5a5a14e1de2ceaf22400bb0b9e7227dd1acd68b33792743b38ae02289a6"], 0x8)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wlan1\x00'})
syz_emit_vhci(&(0x7f00000002c0)=@HCI_VENDOR_PKT, 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8}, @GTPA_LINK={0x8}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
bind$packet(r1, &(0x7f0000000180)={0x11, 0x18, 0x0, 0x1, 0x7f}, 0x14)

13:51:47 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 91)

13:51:47 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000001bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2339.662849][ T1294] FAULT_INJECTION: forcing a failure.
[ 2339.662849][ T1294] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2339.689722][T15356] Bluetooth: hci8: Received unexpected HCI Event 0x00
[ 2339.711870][ T1294] CPU: 0 PID: 1294 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2339.722442][ T1294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2339.732619][ T1294] Call Trace:
[ 2339.735949][ T1294]  <TASK>
[ 2339.738905][ T1294]  dump_stack_lvl+0xcd/0x134
[ 2339.743543][ T1294]  should_fail.cold+0x5/0xa
[ 2339.748095][ T1294]  _copy_from_user+0x2a/0x170
[ 2339.752988][ T1294]  input_event_from_user+0x131/0x3a0
[ 2339.758350][ T1294]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2339.764218][ T1294]  evdev_write+0x356/0x760
[ 2339.768689][ T1294]  ? evdev_read+0xe30/0xe30
[ 2339.773231][ T1294]  ? apparmor_file_permission+0x264/0x4e0
[ 2339.779000][ T1294]  ? bpf_lsm_file_permission+0x5/0x10
[ 2339.784411][ T1294]  ? security_file_permission+0xab/0xd0
[ 2339.790765][ T1294]  vfs_write+0x2d7/0xdd0
[ 2339.795021][ T1294]  ? evdev_read+0xe30/0xe30
[ 2339.799545][ T1294]  ? vfs_read+0x930/0x930
[ 2339.803895][ T1294]  ? __fget_files+0x26a/0x440
[ 2339.809127][ T1294]  ? __fget_light+0xe5/0x270
[ 2339.813740][ T1294]  ksys_write+0x1e8/0x250
[ 2339.818096][ T1294]  ? __ia32_sys_read+0xb0/0xb0
[ 2339.823050][ T1294]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2339.828980][ T1294]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2339.834897][ T1294]  do_syscall_64+0x35/0xb0
[ 2339.839328][ T1294]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2339.845236][ T1294] RIP: 0033:0x7eff6688a649
[ 2339.849671][ T1294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2339.869292][ T1294] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2339.877719][ T1294] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2339.885699][ T1294] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2339.893676][ T1294] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2339.901655][ T1294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2339.909632][ T1294] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2339.917628][ T1294]  </TASK>
13:51:48 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000002bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:48 executing program 4:
r0 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f00000003c0)={0xa, &(0x7f0000000340)=[{0xffff, 0xfe, 0x1, 0x401}, {0x9, 0xe1, 0x40, 0xbc}, {0x2, 0x50, 0x0, 0x2000000}, {0x6, 0x22, 0xd3, 0x8000}, {0x1, 0xaf, 0x47, 0x1}, {0x8, 0x0, 0x3, 0x1}, {0x2, 0x2, 0x7f, 0x401}, {0x0, 0x0, 0x20, 0x9b1}, {0x4, 0x0, 0xc1, 0x80000000}, {0x400, 0xeb, 0x0, 0x6}]}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r5}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)=ANY=[@ANYBLOB='I\x00\f\x00', @ANYRES16=0x0, @ANYBLOB="10002dbd7000fbdbdf250200000008000100", @ANYRES32=0x0, @ANYBLOB="08000800030000000800020001000000080002000000000008000700", @ANYRES32=r0, @ANYBLOB="08000100", @ANYRES32=r5, @ANYBLOB="060006000400000008000400e0000002"], 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000440)={0x198, 0x0, 0x100, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x3, 0x7}}}}, [@NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x3ff}, @NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0x2}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_MAC_ADDRS={0x64, 0xa6, 0x0, 0x1, [{0xa}, {0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa}, {0xa}, {0xa, 0x6, @broadcast}]}, @NL80211_ATTR_MAC_ADDRS={0x1c, 0xa6, 0x0, 0x1, [{0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_MAC_ADDRS={0x7c, 0xa6, 0x0, 0x1, [{0xa}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa}, {0xa}]}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0xd017d0bc7ae1d7b0}], @NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0x2}, @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x6}, @NL80211_ATTR_HIDDEN_SSID={0x8}, @NL80211_ATTR_INACTIVITY_TIMEOUT={0x6, 0x96, 0xffff}, @NL80211_ATTR_SSID={0x24, 0x34, @random="bed85291ae545d9fae7febc146de6ba281509500"/32}]}, 0x198}, 0x1, 0x0, 0x0, 0xe8c1}, 0x24040001)
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="0400deb5a5a14e1de2ceaf22400bb0b9e7227dd1acd68b33792743b38ae02289a6"], 0x8)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wlan1\x00'})
syz_emit_vhci(&(0x7f00000002c0)=@HCI_VENDOR_PKT, 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8}, @GTPA_LINK={0x8}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
bind$packet(r1, &(0x7f0000000180)={0x11, 0x18, 0x0, 0x1, 0x7f}, 0x14)
syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200) (async)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010) (async)
socket(0x10, 0x2, 0x0) (async)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32) (async)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$packet(0x11, 0x2, 0x300) (async)
socket$can_j1939(0x1d, 0x2, 0x7) (async)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f00000003c0)={0xa, &(0x7f0000000340)=[{0xffff, 0xfe, 0x1, 0x401}, {0x9, 0xe1, 0x40, 0xbc}, {0x2, 0x50, 0x0, 0x2000000}, {0x6, 0x22, 0xd3, 0x8000}, {0x1, 0xaf, 0x47, 0x1}, {0x8, 0x0, 0x3, 0x1}, {0x2, 0x2, 0x7f, 0x401}, {0x0, 0x0, 0x20, 0x9b1}, {0x4, 0x0, 0xc1, 0x80000000}, {0x400, 0xeb, 0x0, 0x6}]}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) (async)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r5}]}, 0x34}}, 0x0) (async)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)=ANY=[@ANYBLOB='I\x00\f\x00', @ANYRES16=0x0, @ANYBLOB="10002dbd7000fbdbdf250200000008000100", @ANYRES32=0x0, @ANYBLOB="08000800030000000800020001000000080002000000000008000700", @ANYRES32=r0, @ANYBLOB="08000100", @ANYRES32=r5, @ANYBLOB="060006000400000008000400e0000002"], 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10) (async)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) (async)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000440)={0x198, 0x0, 0x100, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x3, 0x7}}}}, [@NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x3ff}, @NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0x2}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_MAC_ADDRS={0x64, 0xa6, 0x0, 0x1, [{0xa}, {0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa}, {0xa}, {0xa, 0x6, @broadcast}]}, @NL80211_ATTR_MAC_ADDRS={0x1c, 0xa6, 0x0, 0x1, [{0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_MAC_ADDRS={0x7c, 0xa6, 0x0, 0x1, [{0xa}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa}, {0xa}]}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0xd017d0bc7ae1d7b0}], @NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0x2}, @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x6}, @NL80211_ATTR_HIDDEN_SSID={0x8}, @NL80211_ATTR_INACTIVITY_TIMEOUT={0x6, 0x96, 0xffff}, @NL80211_ATTR_SSID={0x24, 0x34, @random="bed85291ae545d9fae7febc146de6ba281509500"/32}]}, 0x198}, 0x1, 0x0, 0x0, 0xe8c1}, 0x24040001) (async)
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="0400deb5a5a14e1de2ceaf22400bb0b9e7227dd1acd68b33792743b38ae02289a6"], 0x8) (async)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wlan1\x00'}) (async)
syz_emit_vhci(&(0x7f00000002c0)=@HCI_VENDOR_PKT, 0x2) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8}]}, 0x34}}, 0x0) (async)
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8}, @GTPA_LINK={0x8}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10) (async)
bind$packet(r1, &(0x7f0000000180)={0x11, 0x18, 0x0, 0x1, 0x7f}, 0x14) (async)

13:51:48 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 92)

13:51:48 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000003bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2340.047133][T15356] Bluetooth: hci8: Received unexpected HCI Event 0x00
[ 2340.074316][ T1310] FAULT_INJECTION: forcing a failure.
[ 2340.074316][ T1310] name fail_usercopy, interval 1, probability 0, space 0, times 0
13:51:48 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000004bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2340.102229][T15356] Bluetooth: hci8: Received unexpected HCI Event 0x00
[ 2340.143618][ T1310] CPU: 1 PID: 1310 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2340.154003][ T1310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2340.164091][ T1310] Call Trace:
[ 2340.167410][ T1310]  <TASK>
[ 2340.170368][ T1310]  dump_stack_lvl+0xcd/0x134
[ 2340.175006][ T1310]  should_fail.cold+0x5/0xa
[ 2340.179556][ T1310]  _copy_from_user+0x2a/0x170
[ 2340.184332][ T1310]  input_event_from_user+0x131/0x3a0
[ 2340.189669][ T1310]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2340.195530][ T1310]  evdev_write+0x356/0x760
[ 2340.200001][ T1310]  ? evdev_read+0xe30/0xe30
[ 2340.205492][ T1310]  ? apparmor_file_permission+0x264/0x4e0
[ 2340.211356][ T1310]  ? bpf_lsm_file_permission+0x5/0x10
[ 2340.216766][ T1310]  ? security_file_permission+0xab/0xd0
[ 2340.222354][ T1310]  vfs_write+0x2d7/0xdd0
[ 2340.226638][ T1310]  ? evdev_read+0xe30/0xe30
[ 2340.231958][ T1310]  ? vfs_read+0x930/0x930
[ 2340.236328][ T1310]  ? __fget_files+0x26a/0x440
[ 2340.241046][ T1310]  ? __fget_light+0xe5/0x270
[ 2340.245710][ T1310]  ksys_write+0x1e8/0x250
[ 2340.250064][ T1310]  ? __ia32_sys_read+0xb0/0xb0
[ 2340.254840][ T1310]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2340.260754][ T1310]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2340.267026][ T1310]  do_syscall_64+0x35/0xb0
[ 2340.271460][ T1310]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2340.277457][ T1310] RIP: 0033:0x7eff6688a649
[ 2340.281881][ T1310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2340.301589][ T1310] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2340.310012][ T1310] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2340.317992][ T1310] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2340.325968][ T1310] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2340.333951][ T1310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2340.341942][ T1310] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2340.350025][ T1310]  </TASK>
13:51:48 executing program 4:
r0 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010) (async)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32) (async)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0) (async)
r3 = socket$packet(0x11, 0x2, 0x300)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f00000003c0)={0xa, &(0x7f0000000340)=[{0xffff, 0xfe, 0x1, 0x401}, {0x9, 0xe1, 0x40, 0xbc}, {0x2, 0x50, 0x0, 0x2000000}, {0x6, 0x22, 0xd3, 0x8000}, {0x1, 0xaf, 0x47, 0x1}, {0x8, 0x0, 0x3, 0x1}, {0x2, 0x2, 0x7f, 0x401}, {0x0, 0x0, 0x20, 0x9b1}, {0x4, 0x0, 0xc1, 0x80000000}, {0x400, 0xeb, 0x0, 0x6}]}, 0x10) (async, rerun: 64)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r5=>0x0}) (rerun: 64)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r5}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)=ANY=[@ANYBLOB='I\x00\f\x00', @ANYRES16=0x0, @ANYBLOB="10002dbd7000fbdbdf250200000008000100", @ANYRES32=0x0, @ANYBLOB="08000800030000000800020001000000080002000000000008000700", @ANYRES32=r0, @ANYBLOB="08000100", @ANYRES32=r5, @ANYBLOB="060006000400000008000400e0000002"], 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000440)={0x198, 0x0, 0x100, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x3, 0x7}}}}, [@NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x3ff}, @NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0x2}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_MAC_ADDRS={0x64, 0xa6, 0x0, 0x1, [{0xa}, {0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa}, {0xa}, {0xa, 0x6, @broadcast}]}, @NL80211_ATTR_MAC_ADDRS={0x1c, 0xa6, 0x0, 0x1, [{0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_MAC_ADDRS={0x7c, 0xa6, 0x0, 0x1, [{0xa}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa}, {0xa}]}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0xd017d0bc7ae1d7b0}], @NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0x2}, @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x6}, @NL80211_ATTR_HIDDEN_SSID={0x8}, @NL80211_ATTR_INACTIVITY_TIMEOUT={0x6, 0x96, 0xffff}, @NL80211_ATTR_SSID={0x24, 0x34, @random="bed85291ae545d9fae7febc146de6ba281509500"/32}]}, 0x198}, 0x1, 0x0, 0x0, 0xe8c1}, 0x24040001) (async)
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="0400deb5a5a14e1de2ceaf22400bb0b9e7227dd1acd68b33792743b38ae02289a6"], 0x8) (async)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wlan1\x00'}) (async)
syz_emit_vhci(&(0x7f00000002c0)=@HCI_VENDOR_PKT, 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8}, @GTPA_LINK={0x8}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
bind$packet(r1, &(0x7f0000000180)={0x11, 0x18, 0x0, 0x1, 0x7f}, 0x14)

13:51:48 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 93)

13:51:48 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000005bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2340.475567][ T1325] FAULT_INJECTION: forcing a failure.
[ 2340.475567][ T1325] name fail_usercopy, interval 1, probability 0, space 0, times 0
13:51:48 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000006bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:48 executing program 4:
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x1}}, './file0\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_GET(r1, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000001c0)={0x18, r2, 0x307, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x4}]}, 0x18}}, 0x0)
sendmsg$TIPC_NL_BEARER_ADD(r0, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x200, r2, 0x138, 0x70bd2d, 0x25dfdbfc, {}, [@TIPC_NLA_MEDIA={0x154, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3f}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x400}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x81}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffffff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x401}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7b}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}]}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x200}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80000001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xb2a}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fffffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xb60}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000001}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}]}, @TIPC_NLA_BEARER={0xc, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x8}]}, @TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x80000000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}]}, @TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xfffffffe}, @TIPC_NLA_NODE_KEY={0x41, 0x4, {'gcm(aes)\x00', 0x19, "b30cd3bc135aed0cc54d81f382b12cae3e3a62fbbe7f0e2e6e"}}]}, @TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}]}]}, 0x200}, 0x1, 0x0, 0x0, 0x8000}, 0x4040)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYRES16], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0x0, 0x34}, "36c0d26bc004f8945351b22cb162769c158f7235ca8c4188f4953524e7c079792e7942876ce5b3f292bf27021772f4cf11c207d8"}, 0x38)

[ 2340.521810][ T1325] CPU: 0 PID: 1325 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2340.532236][ T1325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2340.542498][ T1325] Call Trace:
[ 2340.545796][ T1325]  <TASK>
[ 2340.548759][ T1325]  dump_stack_lvl+0xcd/0x134
[ 2340.553467][ T1325]  should_fail.cold+0x5/0xa
[ 2340.558038][ T1325]  _copy_from_user+0x2a/0x170
[ 2340.562769][ T1325]  input_event_from_user+0x131/0x3a0
[ 2340.568100][ T1325]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2340.573977][ T1325]  evdev_write+0x356/0x760
[ 2340.578454][ T1325]  ? evdev_read+0xe30/0xe30
[ 2340.582997][ T1325]  ? apparmor_file_permission+0x264/0x4e0
[ 2340.588787][ T1325]  ? bpf_lsm_file_permission+0x5/0x10
[ 2340.594203][ T1325]  ? security_file_permission+0xab/0xd0
[ 2340.599804][ T1325]  vfs_write+0x2d7/0xdd0
[ 2340.604182][ T1325]  ? evdev_read+0xe30/0xe30
[ 2340.608812][ T1325]  ? vfs_read+0x930/0x930
[ 2340.613183][ T1325]  ? __fget_files+0x26a/0x440
[ 2340.617992][ T1325]  ? __fget_light+0xe5/0x270
[ 2340.622626][ T1325]  ksys_write+0x1e8/0x250
[ 2340.626979][ T1325]  ? __ia32_sys_read+0xb0/0xb0
[ 2340.631762][ T1325]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2340.637689][ T1325]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2340.643622][ T1325]  do_syscall_64+0x35/0xb0
[ 2340.648056][ T1325]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2340.653972][ T1325] RIP: 0033:0x7eff6688a649
[ 2340.658400][ T1325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2340.678022][ T1325] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2340.686449][ T1325] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2340.694431][ T1325] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2340.702409][ T1325] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2340.710388][ T1325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
13:51:49 executing program 1:
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f00000000c0)={0x2, 0x4, {0x9, @struct={0x7, 0xcf9f}, <r0=>0x0, 0x0, 0x5, 0x8d0a, 0x6, 0x3f, 0x80, @usage=0x7, 0x8, 0x9, [0x2, 0xfff, 0x0, 0x5, 0x9a1b, 0xaa8]}, {0x3, @struct={0x9, 0x80}, 0x0, 0x0, 0x81, 0x8001, 0x3f, 0x9, 0x8, @usage=0x100000000, 0x8001, 0x0, [0x3, 0x8, 0x1, 0x9, 0x7ce, 0x9]}, {0x7, @struct={0x2, 0xffff}, 0x0, 0x6, 0xef45, 0x8f4, 0x2, 0x8000, 0x0, @usage=0x3, 0x0, 0x1000, [0x9, 0x3, 0x4e0, 0x6, 0x4, 0x6]}, {0x20000000000000, 0x8, 0x2020000000000}})
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000001580)={0x0, 0x0, {0x0, @struct}, {0x0, @struct}, {0x0, @usage, <r1=>0x0}})
ioctl$sock_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000040)={0x0, @l2tp={0x2, 0x0, @empty, 0x80000}, @l2={0x1f, 0x6, @any, 0x992}, @nl=@unspec, 0x700, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)='veth0_macvtap\x00', 0x0, 0x0, 0x114})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000003c0)={0x0, ""/256, 0x0, 0x0, <r2=>0x0})
recvmsg(0xffffffffffffffff, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000001840)=""/91, 0x5b}, {&(0x7f00000018c0)=""/80, 0x50}], 0x2, &(0x7f0000001940)=""/34, 0x22}, 0x2002)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000280)={"e6696328276c80ede1cbb140551427cb", r2, 0x0, {0x0, 0x3}, {0x0, 0x8007}, 0x28e, [0x0, 0x0, 0x0, 0x10008, 0x0, 0x4, 0x0, 0x0, 0x0, 0x80, 0x100, 0x78, 0x3, 0x0, 0xfffffffffffffff8]})
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000001e00)={0x0, 0x0, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000840)={{}, r2, 0x3, @unused=[0x0, 0x6, 0x70000000, 0xffb], @devid=r3})
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000002b80)={0x6, 0x4, {0x6, @usage=0xfffffffffffff389, r3, 0xff, 0x800, 0x3, 0x80000001, 0x5, 0xe0, @usage=0xffffffffffffffff, 0x0, 0x1, [0x8, 0xcae, 0x8, 0x3, 0x1000, 0x5]}, {0x0, @struct={0x6}, 0x0, 0x1, 0x9, 0x8a, 0x6, 0x4, 0x1e, @usage=0x80000001, 0xd55e, 0x1, [0x10000, 0xffffffff, 0x6, 0x3, 0x8348d65, 0x9]}, {0x101, @struct={0x0, 0x4}, r1, 0xfe97, 0x3, 0x80000001, 0xffffffff, 0x3, 0x3, @usage=0x8001, 0x0, 0x4, [0xfffffffffffffffe, 0xe730, 0x1f, 0x7, 0x3, 0x85]}, {0x401, 0x6, 0x7ff}})
r4 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r4, &(0x7f0000000040)="e2", 0x1800)
r5 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r5, &(0x7f0000000040)="e2", 0x1800)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000001a80)={"a11583a4c9d4f748f08e71f414e9b99f", 0x0, <r6=>0x0, {0x9, 0x9}, {0x2000000000}, 0x400, [0x9, 0x5, 0x7fffffff, 0x38000000, 0x20, 0x0, 0x8, 0x60, 0x5, 0x6, 0x7ff, 0x6b, 0xfb4, 0x3c, 0x9, 0x3]})
ioctl$BTRFS_IOC_RM_DEV_V2(r4, 0x5000943a, &(0x7f0000001b80)={{r5}, r6, 0x10, @unused=[0x5, 0x5, 0x6, 0x8], @name="8953a3cce1e91e2b924fd13d6b2f1d9d05f267f5c950407fa032f5ce24b43e2e2040b5a99155d0db94cc92dd6e7de8fcc7dfcb1b693e534363f4ba64a53bf55235a0f703bd1a3ccbf6b698adbcf89c17d1e8b6544db46f1cbd4b6d4c23cd99a01033d4eabaf6656aacc8b5e30d3ab009f9de20a5c0af4eb3b3c68eb16c542eeaece81544fe57bfab5253a985e8120e446e31af29f2a34dc73e4f5b99f891330088f7e8832ffe80cdac91a03457fd91371320a4a14dcaf724f60146564485d26365226c3995f6072e76ee2ec9dd83997c4b90f68441c90dff7f9ac5a6172b98c9a08ebd0304103ada15f3f6a3ab5479583bf9d7881769367b805c5479e63df3579c1fdc703ca17786736f71ff0368e01df8eaaa98215b4ea88e8ace1c9bc717125d2371d595bc91ec8b00a21fc3942fca26115878a98f6ed3fddad1f485c890fbfc6f4759444b8925550a026515e217d13a5f389587d327402fab3a3b0f8dc8a5d44978d7fd9a1f27ca59dc6eb78dc85149ca906f3dcd9669b6a300328999842e47c3c1aa808817075b368ef3d2600f8769c26c3395d9f7dd5db43f508e66d92efc50b9d0e4636003c9cfcc5fdcfb013db63481d94f2b068f9f8c41414adba25a0c0b69942fbfbf0b0db0a121641f9b40a6d61e530245031bfb5f7b899f0dae1fe1e482c4e57deb34b2be31f0b00995063c4a55ab475666277fcc8ca336c4f240c1733765e4379b2b50787a4185f72007430ac4b82a2b40bd45d84bfe52dec9445914dea4681cf4f450c451f59583521ac2f09de10c15be1dcc18e62e053f162e8318e9da0d0e724d2f64da2915d056d8796c4c6fc16ef86fcdeeb84898e3dfa125dd2b197fa5ffb99001e9a66a2c2bce973b3f41283e1abf59bf270022f6bce991fe7422c40da92b3548816faf72964b0d12de2ae9d3cb7bfc169a342fc7b2452860c6294ed1a4ed93f562fb492a7eaa16b2a50784537f1e4e361bf02d769c12718a1e3ccfb496b258546f4f7bfae59b382cb129447e7273d29c620d76930a8828bc1b1cabc2f1566fa4e5649cad521c50910d746732442a830e572981e4091efd25ce85aac82412b91f01e4a1c7fc056166148430db5c922d96cfbfc6575b862ab04459af315ab6ab74a12982eb5b15d44f99206e751c738e156a69202e4cf3a87ff4a1f247f0d411c3bc92837e9852275ba100434489f3a983dec0670827f3f855dd881138f46bde3fedbcb07901d88ccf754c74cd4e8d435e1e856d813f89f10811d4feb92aa6c0fbdfeb9552c0e2faea761db232e1a705073d07373f6e93ba546b227573f82185ff7caf174799eda460f64dfd7512d499ce30728912d052f48f8aa2a2a37b49772ba4d37df6c8e5dd01f95c0a661d4c565886f9e800282c5ef9d731b15c86cda9608f346d861b734b95efb0f5a39f4e0baef573cb75dc4e6d0a61f2d8c7350df9506e34248322c0527ffe1db1b158c39ffa614bbf43220811cafb4443efe76a42ceb834df6297015d4803469eb34d551627fd4036300b3dfa57147f9d59aace31c0051b72b634893efe2b3bf8586e6fa19e67f35675be59c55fc08638df6fda6b24c564b787106bfdbc0e07b352f63a442a3d3f9b7abd5aec6a74de6968c19e519554b408c09c017a8fea1deabcd7f7bfa729e42bac8044fbe4c4832b2580110bdf3052d78d18e8ff07c42d916de2c5103e471592f6e8becbd07a75f3fc2fa2d683749b9fb5e1678e33d0b2e0bd63d4089f2bc7c939df5ae35124be69b4915295d8c8366c7e4c363f3c24c0047dd782e44495bffb20cb43d311bf3d829a9033436eaa3f9d4920f3011212e64657e5844415409babc095934b71bcced24764b0180f49dd46a5de5a34c3f33fc2b562b906a4dc2ec7e9eac0bd7865af098f09bcfafb8b9aee894d5ccf08cc7bb2e2842edd89e987007cd431ae0c84d6041d6b278fa28208ba527b1fbfdae3f06295729c703be48cbb120e3a1b4115bd380d08a2aee553c02bf68f92aa868ae25485dc50b4bcff74e255b445816e31dd65da91e9ba7b39ac62c3fea89f9ce508c7b5182a95eaa0975aff80113ddc8fd66685d9c104fdfaf88e94ce748d401def43418a7301f508e21dde3ed2709f08ce6c0b6323d0e88ac11a891cda445a6ed7f04b5b9759d2dfff76da12078aab5f9934fd9f5d8160f3ac06940e70a4ca5ebcb3946f2a0274e034516e9c15828bb5b58ac1a05dafe8e9be9173a5739445cdc635ef93bb099f0832de6fd13d540cf4a59c48830c1a96d94ab4e25c3555ad285a52a8de146bef6e5610cbd8ba6731faa443e8f07d7e4bbe0d0a223c27b1ad2a35875ce10b22f0ee424cdc5b8ceaba1e27e049ffb56a286fc3ee53146b821f88b47086631ec9ac268af137348ae9be05283bfe540e10b9d8722b16def244aca92a36d3493288216f8f21211cc4085f231ee7378f844e5a4e581f6b6b7ecd4ce343285cc01dec423d95724beebbdf021f865704e0dc0955a911a2b9dfb8625bbdf28b440222cafaccb66e9ace17be09de9afc715c67768a24b78c8fc2110e4fd8f10717c3af9bc97586a3ef52d9401e3f51b9e23745ad77107fea32d52a48533e9672ed96a9fddbb0b2f770cd89c4b903377ac6422893d1d675b12aa5107a78cdf92373ca6850b055d46b8025304715eaaaf5e3dc2182162f0ca031bed9cd7a1740fb296c3493bee769cda0b588986d7cfc7ceb0dfa1a6ccd34e72b37904fddfae1dd43030659475737acd914d1e3e7ce914479435e19544614133e930492b63ab70ac02c3297fa41d8eeff488dffc882ad47a2fbd9d40a2a29e29c41dc9eec5085b359d400c033e60a6b2ea586c0e3091c5131fe6e033f02688c02de99426ae4730c3455949908ca8b6656ff6026933822cc1c2ebd9e04a72f796c436db4a411a54f159bf15117227fb70da000ee9d253f76e0d8c8ad96c1031a7163e01a5d0d82934355383bb65a2d5e280546ca5022aba1d5116791889dca3c144b11e33390f482d65d9bfb72d04d4fc33230bbda1101f6c3d04cc8445c5b6979f0cafaa5d19e3e640dde96634b807a3c464065822fa1029c871c1d7c7c78dc73134acd6634b1ec10a61699239faca4b9688b9c4483962a614f1e9c33910b19090f6a7e0c42213a228eae4e88ab57dfecf9fb358c5a7d9ffa3eab7e56074bfb2b27f93a29fe0a0a29ad1ec9c24c76063e292b97bd1331cfb30e3f282ff6d55e7f9928a648987aa2b44fc81a29caf4a0c18cc858489220716042664e717af5a14449430dd0bd6ff6164eb6df0d94c95196314bcdd7c2f9dddf99ea4ca06f41ea228c6e4cd2e14d9b36fec40aea2c334f092d43e239e4658773205f8ee4c7fce73ee167a18743adf0a4f8dc615e3e0b650a2b091bc1cd8d65de3dd4261f295ddc12d5418094cb1918b9726c153dcaff4abc5231e83af68a8076aabb56a6e335b250678f94a418a18f984684f8cd2f74e9a9fdd704d09daf782e393ae8709851d64ac9e204693da609f5c99fcef207fc8b3f3a567f69b63804164411c57d944c889dc5c6754dcd56a60c2fd16965bfd5ecb0b3bf67b7267af51724c78b97f734a13ece7909919ff174d3b968868066a3af72517c0f75daddf4e512691d613ede3234c51e7e92ff9de09e92da608f4a69f5e9d1480c8f7e0511f2f023c1093777669372d0371e5c7553b1df591d33aadb6f8fa94c5256ee327e9aa501040d53b8362ea26fadc7acf09add07b96758702d53e69f08fadaaa10ca1e6296e0088eb778a978e0ad2c671da201d08feb489ee16b7d12c3dfa5d342f9f1812002d741e571ae9c6c8ef5bd89ced6aee571b0d3425eb89632e0b64fb977a0ffd80c96986b8934bbe00b95c51f86d6ca34acb9bde814097a85bc166b3369da4192e32b4e71757c0935fb5107f59c12f5da7410fd0e88cede2b48a5efcff32d294c4ee6de9b48fffb81269c69128b9c2ebdea2a439bed0ac96bbd8d28c952c4f1569c178b80adbeddd089529615ff829460f2c8b81dca2c2ffaabd90f9f981e49103068db46951de30c720a9a882ebe10b9e60e803eb58fbf0a8e4b4f2b2962f008891408095a09b74f95ead091e7ce62bf2bcf01f379c2f6fab740e71e51dc44552be24e12729d2aacd9b849a02719d541a474d1df4daaf545b7702645fc3ceb1d305b8a8803f7ec5f95c0f36f78f8b68c0b2e0b91ef9ef27fa6735b44fdef353cca39adbb803f1f38ba2363405e6f7c61364aa1fe76b43ed6a2d8222afec4aaf053d6179afaea4afa1a872f84ecdc4657cfae2a992dc8adf16ff2db886b47cd4b815845b05ff05e72cf60467e6839b1221a7d5bc84545d7ff51c34ce240c5d6162e837b1ae5b7ecced4fa3432be1c64c048a41317bfe7145c3a408a9b2c449359dd861541bb90f2a447782fb6acc7f0b376f03dc7f648dc4bc498858fa052859c51dd42217c8409c89c2d3cc4fee2cb7688f0b8b77bac86c7c46fc8c477f938802069ad34273fe0748db7ddc8bce4b7a4e5764b44fc43e6363c57bd5a93173c964adbec3872c07a2d6314e679f6dc950950db36fa18ac443eb584f2710a1efabb995ee741c0910e9f465263f52204a89d953b6601a21f481a1264332e5ec0065d6ac5021aa7ee95ec030af6c42bcf549639f2b782180cad29a0eec929756efd492f11949b47ca353ce72c7caa5f1a2d3ffc559aa368f5223e291f1abe1f6811beb8b3e9e4fc0026e29416e3d2b80af983cfeb6b9023603da9e4402e9e0c00ae48eb96158993c91c10ad423527ae211f0869db959d109abb3b4a364822e4d6133e99548b86c7f1ca03e72daa112cce1070c695792f2c46efc656c4f78f88f038678e14706576587c0f195b85c7470c5a2a49d987776057398c4d9d5776e606f4e80dc0bce161e0505841d6e0ec18a3d022a4ca1aa1c731ca0878b3400fdbe7e51f1d59e49103cffcd9298616d9406ddd258a9b526103b68cc6e02e71b5d2665ad480e44dd89ecccc21d25c055a473401aad23ca550c49c334c5c2950f30117ec84f2c37abb7a046c43e9935d42212cfa08783aa3833a3a49dbaf437179999557f878a9101be2882edd618d5f792d9cca47095ab15f993bd7c9bbb741e29663fb4d5ae686657a6e5b573013c41b7a53587ef6152f425140bb8c0389caa16e7c6da061af8bf48e6e0d8a9c90b5b05b96f82ebbf41cd0cc9ef11bc63310ebd603e53ff442af5fe61814c4c18af6b6acecb1810ba12b2f4d8bb5b64fa4f7b10cdb6638b15e1a430753fc81047d53043dd6b96bd84a88b3293e2b14f1c666813f9e3f2200e7ec9626d0fa6636b5773ef1a75e6d0fd611603d8997c149f14b8ed378edfe8f37cf7aa0e42a1a7ebef62e998a0b3f4acc28491c8403097890b6987184ca4c86be7418103fc9976042a346cf96203d5f29bd9268be4321c8dc0568601ce794665f7b631549da902e1338937e4233ed33dfaab33b2ba2404195bbbe3933f9340d0b74584d2e27dad4b17b6db2eaf9343f12699e722897fb45fa3d3989789d87908bb1770d867ca2b97f342abc9cbb69f5fc52f4eab1ac36aab74ed4196c54b0e1a4d919d1f3818532aa06c8f6cf87b42b60d3d3bf24c1f804ef2802b75a349c18202bbef86a9b63f885cba5d22be3cf1447fc2bddc28e46b84ca038da511553bf64d14fa5f34113429cd7934f500f06b7791718dd1597512b2e45002f2a0eec"})
ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f00000004c0)={r0, "8801813fa11a51478e39ae2a15565dd9"})
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000001980)=ANY=[@ANYBLOB="03c9007c3e4ab2b542bfbe0c7891115ba28634dfc079c35b8ab86781e02b52ed3310cf91c80a3fc00079e60a62bbb7f049732359363d5ecd477afc7bbb8c53ff07000033d37fb88810454a14f40b8a2a3d7d1f46d91d73696269f75a33aaee89d17c8c588b64603bcb101300000000000000000000000000008aec0d02a14faadcc8b298e028078110ef3ed9309d630b2efa03d8bb658b482397476bbc34f2cf4146d2be4e5535988c69f56127b952001897bddb274da63e0843411a284847c9ae41f36fcf0391bab2effa0fa1e0ec5fb3166d01b6b805dcca9fd842933f057955d5e509933833571ed29540bb7f8ffa3b"], 0x80)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(0xffffffffffffffff, 0x40485404, &(0x7f00000014c0)={{0xfffffffffffffffc, 0x0, 0xb66, 0x2, 0x41e}, 0xffffffffffffffe0, 0x9})
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000002f80)=ANY=[@ANYBLOB="0100000001000000180000de02abd8ea53296efdc97900", @ANYRES32, @ANYBLOB="02000000000000002e2f66696c653000"])

13:51:49 executing program 3:
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000140)={0x30, 0x5, 0x0, {0x0, 0x4, 0x800, 0xd2c}}, 0x30)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)=@newsa={0x154, 0x10, 0x633, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@dev}, {@in, 0x0, 0x32}, @in6=@mcast1, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x1c, {0x0, 0x0, 0x0, @in=@empty}}]}, 0x154}}, 0x0)
r2 = socket$caif_seqpacket(0x25, 0x5, 0x5)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005800)=[{{&(0x7f0000005440)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000005580), 0x0, &(0x7f0000005700)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r1, 0xffffffffffffffff, 0xffffffffffffffff, r2]}}], 0xf8, 0x40}}], 0x1, 0x40)
stat(&(0x7f0000002d40)='./file0\x00', &(0x7f0000002d80)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000005140)=[{{&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000000040)=[{&(0x7f0000000140)=""/195, 0xc3}, {&(0x7f0000000240)=""/215, 0xd7}], 0x2, &(0x7f0000000340)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, <r4=>0x0}}}, @cred={{0x1c}}], 0xd0}}, {{&(0x7f0000000680)=@abs, 0x6e, &(0x7f00000018c0)=[{0x0}], 0x1, &(0x7f0000001900)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, <r5=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa8}}, {{&(0x7f0000001a00)=@abs, 0x6e, &(0x7f0000001b80)=[{&(0x7f0000001a80)=""/83, 0x53}, {&(0x7f0000001b00)=""/2, 0x2}], 0x2, &(0x7f0000001bc0)=ANY=[@ANYBLOB="1c0000000000000001000000020000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c00f2a95c939780ae45000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000028000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1400000000000000010000000100", @ANYRES32, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c0000000000000001000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=<r6=>0x0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32], 0x108}}, {{&(0x7f0000001d00)=@abs, 0x6e, &(0x7f0000001e40)=[{0x0}], 0x1, &(0x7f0000001e80)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, <r7=>0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, <r8=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x110}}, {{0x0, 0x0, &(0x7f0000002440)=[{&(0x7f0000001fc0)=""/154, 0x9a}, {&(0x7f0000002080)=""/155, 0x9b}, {&(0x7f0000002140)=""/228, 0xe4}, {&(0x7f0000002240)=""/21, 0x15}, {0x0}], 0x5, &(0x7f00000024c0)=[@rights={{0x10}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x28}}, {{&(0x7f0000002540)=@abs, 0x6e, &(0x7f0000002a80)=[{0x0}, {0x0}, {&(0x7f0000002680)=""/59, 0x3b}, {&(0x7f00000026c0)=""/43, 0x2b}, {&(0x7f0000002700)=""/254, 0xfe}, {&(0x7f0000002900)=""/79, 0x4f}], 0x6}}, {{0x0, 0x0, &(0x7f0000002b80)=[{0x0}], 0x1, &(0x7f0000002bc0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001800000000000000ba420001000000", @ANYRES32, @ANYRES32, @ANYBLOB="1800000000000000669a96dc4c307b53", @ANYRES32, @ANYRES32=<r9=>0xffffffffffffffff], 0x50}}, {{0x0, 0x0, &(0x7f0000004f80)=[{&(0x7f0000002cc0)=""/29, 0x1d}, {&(0x7f0000002e00)=""/4096, 0x1000}, {&(0x7f0000003e00)=""/4096, 0x1000}, {&(0x7f0000004e00)=""/143, 0x8f}, {&(0x7f0000004ec0)=""/192, 0xc0}], 0x5, &(0x7f0000005000)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {<r10=>0x0, 0x0, <r11=>0x0}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x100}}], 0x8, 0x12000, &(0x7f0000005380)={0x0, 0x989680})
r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r13 = syz_open_dev$audion(&(0x7f0000005680), 0x4499, 0x0)
r14 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000056c0), 0x2, 0x0)
r15 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r15, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000005c0)={0x0, 0x154}}, 0x0)
r16 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)=@newsa={0x154, 0x10, 0x633, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@dev}, {@in, 0x0, 0x32}, @in6=@mcast1, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x1c, {0x0, 0x0, 0x0, @in=@empty}}]}, 0x154}}, 0x0)
r17 = socket$caif_seqpacket(0x25, 0x5, 0x5)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005800)=[{{&(0x7f0000005440)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000005580), 0x0, &(0x7f0000005700)=[@rights={{0x18, 0x1, 0x1, [r8, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r11}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r10, r4, r6}}}, @rights={{0x20, 0x1, 0x1, [r5, 0xffffffffffffffff, r12, r13]}}, @rights={{0x1c, 0x1, 0x1, [r14, r9, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r15, r16, 0xffffffffffffffff, r7, r17]}}], 0xf8, 0x40}}], 0x1, 0x40)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000001c0)="6b0ceb6d79d905189f02b4183bf8fc9842447911fa36c51681c0bda114a04066dbe4c8555cd51ba79b176bb58c39d500f8d908a999cb5d977240a3d1537eb41a57a882f24562ab93106438133d023b9fca3aadd102f10fa3e01475897f5e0df9e223c2126a0ffbe245b6c29241ccbd7a5afd41c73bdc6e78e7257f8920f5e4ad5642d61572cad9bb802dda95bd2a9b9bcfc3fe96e6dc6eefa8e9e62202d233f905e05469e8252e799d8629d554d98d67a6fbc81c5fb0711bdbbd10820ee2420df1bcde1617123daa66fa9c5cc7103ca9550d0b4ade160783f5860a2136f9520bca58bdd0c4b60050f025a84cdc13819136855d1a117c08ec2995c91004287abb290bf4c7e080bf67a6e97829a6ab6d6b81119cc3d7747a0e465ff48f3b676a68216e5b114f987ca6d32a72c4b09e769ebf82367441a7cd085c5b73258482d559efb3667d9109d09a19091c9130d51f66134bdee684d911a1995b420e4fa4da4bfe2978160c4b0b3d66eec903d95c88a7a1b5e2e59f5fcb386066de058b15a5c9edf9cc220623146e3c2afb0fe8be84a7678cab8e29932b62813f848e5bec79f61c2465fb9dc0dc0bdd8f7e742ad15faa4be6131086a35e6fd681fc997ddc7260d215bf2686dbff5bdfa07d353b69eed53d56a069049ec82f782da2110680a7c276965aa910bf9c1620a646edabb8922faa42d7547bc760d5b0678e930df19940099460dc01a6f71c84490427463753b8eadafc628d8f3b36954cc7046704c723f528fc351e2bc3ff17b63a8f9aefa884536f1ca2fcac5b7b29ef667996947f59fb7adedc28e01696f365e74b214c720c506941c358c4d0942b72986785dd2d8a72feb957bf8af1b1a34d747e074b3d1c8f783b724cd2618dfd2490dda319c2638b690b3ebaba06674fcc1c6a3e60169ea3f6a366ee63bb87aedffc4e8e9cd9dc4fea7ef0f1d5273cc6b952c190978b4430caf668ecad64bc1f5318fdd338ca41cd0df97d1f8286a32599133d653b56cc5e13dcfb03f454e6805e2a9d2b1f174517136b1234dd59495c52c25f3ca21c7686742c40867eaf44ff07c848c0dfb19810feacbf79a940fe5bda3ce36d9a593f3cd1b0bf8d72c2d2d995cc130989454475c9f11475ca39a23132a88e15a4ae1d300073db4c25aeb98622d77089edfb73dd1140e058fdfc4ca1d13b438d1825b6de5994ef5830cd3f2bbd75eb749b079b1844312243182c777da39c3f13f349af9c0ec190cb3a99381198dcafe671b35e8beb898b0ac97834b770e8417b1ab882e6c1dd4ce688c363c2c3f2a0ed14ba05510973346fbffed591cb712c24ad02ec272ed003c90376c09709c8a2666be38a6ea9e103b3f7eacbabe857f15a5bdf6bf7b0f399ddebbae70a039e9e530b0444c52a36e21e176390117b6e125bb0c67fd1c2a295a65f40db89e0e11e4cb698399beb6fca0062898cd47e7bf3191f89fd7f240e3263d718177f5773babfdffb2b55fcf8369b8ccda17356cb077df85e829a1533f5b23df9b2cfd343ae0fbc6624b38aaa839ae83ccf60cc0f83291c1ca5b6b465bba7b9d2adb42f65493426592f4a3e369696504d528830e4bc23c754f27615a7bfb17f4ec2c344a80443da163ed89843dfbb8f39b1ee4b28779f8ef607cea78e86376645a1241dea7fd5fb73b4fcc49e052dfc1eb7c9a90f13ec5f210b6f93ccccf9405329472933f70a513874eae185908ebbb41a0e0c87cfeda3877202a91b2dd51485e8ef3bc5fa0b1cbf6ad402eeae53e3520ab3266dddff69a9a83a69912446da9f11700dcafcae348c166950b2936acd9b0694dca272b5d8fac90492535b77651fa8e0ed7b4f2ce460560b78a12eb5ea7b3eb09395d8f515ab593f31f7fb2bef734d009df3f626943d7695062867d30c87560592327f502b32ed99e0ca30024a2d3cd62915d062dab52da46274df64e8b82d87f112d3e48d669600fbfdc408582226e75444ed45680ccabc67291d8aeb217ff56bd3bda8f2f7463f4b7490056a49bfd3c6bcb2649a02d3180e88e78434b3e6735f607798fab1510d91b4f736fa3c4a743f9583aff4fb3950a1b510e425b7d0cde46946ea5301d482ac7251cb27f4c5b3eabc6d41a002125e8c3426f74d493c58d87d4114c49fa52cb14fd537174714cda5c75af1b96efbb1ae9d01e345af30dde23aeeaab120b3443a547c96e18e33105d7e08dd98626872e59507536230ca9137dfd5ab0c4f5806fe117f196fd186414e32e9e3fa5a7184751416138e8084c96eaf4fa6ed130f38379ccfc613e71037e7b07e35e965ced809aacb938bd702ba521c2fefebd83451b394d7b77dff3885faacd2b2e0b9bb93f9329851d6fa957db25cc1e5a4eaa6e0ef5ddc5b849df152381ae27a0f17abd1e9cf0e784139a98ce349e5ce813fb8887dc930a056e26816d9a9959ef129fc8f44274a47834cc57a58fbb84b04e7714ff760669032e87b1575e9ad200191d96dc68b2ee104d8e310db615bfc38a7d0baed136c8c3def6d5a4358523c87789c6acab77cd255cf11beddb9b4ba12c4de8f7e7a9641366ff75a10da4440e3250a95cacbe3374bfc9c40972c6bac650b65128e136a1bd84a20065632ebf26b76245af5ad65626b7984acaf2c31528da294da15995bf0b2a0f192936b5e8332037d60ebcb069d621a7cecd959665730b369602c642130b234b7ef35a249135042e3acf3e149c232bbafcb1bd3a1e85e3af8ed8af45e88c423fa3271a98355231b80ad085630e8e2dba38485b86b0eadfcb08b9b1ad159a67d0fd2a2b3acc084aee41afc5c2e185983695a29ac8e2204872af88d0830a369aa341abe46412157cea3d97814eb52b2b2dde7e833919f1848d125e15791982bc4aca9cd8ec5f5ff0bbfde42d497a1402463cdbbbaf04dedd9862e1ec1ee770fa04350536168a8b54c147f448f5fbbf9073cdbc356c59741b7a8b6071c960a2b11b087fc056d0cae776af146b40ab86515a3f8839847af9111a3d6aacbe47daa80472a740a1eebc188534377167da0a0e37dd3cc82160fa4e648b7b46862e82b962ad96be237feb999254ef533b883617dc6efce0a4d5563a849e2be72fbb993b8fdfefd04b69b42cfbe6e02a107ec0949ed68e2c04f70693254b849d81d43cff3128a3404ee54737bd5ba3567ad5d30a83862efd2a39898b8ff97afd413ac1791096406fb5f6edcc01a232a2659069dff28e677802be60bfeae9336546f6fefa4051601cbada1b6c319bbf4f0d0d2d2d4518ff3b25d4635b7943da87275ed83a83a3c775059e277ea69ca55680872c4d51a9c4c0cac6c90269b0cdfab1f92a4741db2c47077c6291b246f4236fd9ae30e228ce85701a5b37e315704b34148a8d26fe751d6d4cf272d7b6d8d269d3a4cbb3e24e328c431b0a017d2be0d58b310973e8eae10c2f934ae7c1282979fade5c7d6c205d68e9c0a1eabb461604f91ce81841c21b9fdb9cb87033f8f24d567331865ac2a2f57443dd7aad4085d92ba8dfadb80d440438274e6923f835075805d4be0ece39a5b1f08dddb021f57976092e7986d0438e5f4da7c65f279f9964667c75d2437a7e3bda8d4ada51889ae1e2a9732998ffad54f018cabb7ea673c524a92288bcf6cd95a9e674eb5d5c5497650e2a7f343a073e1f519d2919ad78bce71ec0364e905735d6aa2e2f6d2860c721df8efd9e28d2d043b33001421cbfdd144825b05e556108f0efa4005c6d3cf285f90b8ef1aae4d01b1735c742b9c54816c0ba02aa14123c2a8ad5c992f7c9eadda900b91854cd1797dc51f5c611dc951bb4c7302e473a804b1dd65842f18a2cbbe954fd3c773e23c147410f2686c19b4a6727a07b469698eca6f5dad0a74a17fe77a43d9b6481a19cd911a22eb85fd329d0acea702ea4fe769bc9e47a8e538a01688244bcf1b9915b82d2cd136d7dbf9dd58d76778528d499d245e236474b32afe65c55a29ee43258d6642af471f75b76717001459df6b3f815544f48f07aa0c455d1c5d8fbec14dd57421841c8322791f884496c6e7380b99f4b18265ad83a3607b51095f48734f1e85c60d1c2c8ca97245de67590e743902e9c63669913aed7549995dd092f8c75227b634f596a6a1fdb120aca177f583b845b105e6a18ad72aa748177afa249bac1177b10238ef6282f52c579d32b9619f19d1ff0880b06ec6d8ff37735b39d21fd64ca8ba2cb386dae021372ac91896bb45cb15a5a9b4c1871659cbde893890bc45ddebd4a8aeee3b259f27027a7acab9e563d93043390dcadb997cb8c5e48496e5cf21de47931d68ed4a2a225db7a33463e28d318668aa7a6174f921750b59d0a163ed473adbe6426411f08a813280fc383b4a0cdad902b24398d4559d61df261495c84504880858254900f8ebddc92ab17740dbb4e4b460b7f649cfabdb1387fee72a7cfcf4eb6abda088b143051b23cb2bde96cb4ab640a4de6e612f5d75c5ada0b09da6e385809ed568c9aaed972fa1dd8bf93f0df683a4a5634c1458eb9d8bd64bdc726ffbc42e0b311cee588e3d8e084a380eab0c5a72cf0fe5cb36f4949f2ef2ca0552f4f022dde48e83eb48cd5fdc137b8955131693cf3be678caca0a17baf7b1fa2b21cd2740fb0c024be13e18de0c677255897e47b62573d3f4f78fd941c4f7fa95f45a3ddd7df061c99562fc69fe39811351b2b7c0119d059acb1744554afa4a3b0f1cf46929628a04d5c82d4e6d61e9b9c261853ec839a49bff12175a26d00a0d770d80eb9abfa584cb9cc45b3dae7da59f907c71181b910195f75682ad18b6adc10c371e6f9b5df57837e6224c9f3026f2502f17c976f4699382667b73fe0c82b1cd40b9374dcc6fdfcb0aa230b848b229e29dfb64278bf7c20b5026f90f1cb82c7fc83b6b4b8520f1e04e0e3cf85f15cf7615386b7a8f3d7614039c2476c4b71d5139d9291d590439de5bd6978405f3c73e897fae77874a3e708393d2aa222b53c4363f71b2dcfb8310bb1ca0983bd256c8153fbbf6319df8f2b5cae14556d5d77eab9f54582d34931161d84945a7685bcc597450d92934e96bafa4242bed07ed32d4efebdbb69b5511e35afbf4af0cc22576c048b39b1ac11aa619231610d7f5e801ac4042b36f55e475f08a690918d753a7fda460a3291bb16ce53a85419b0e8ddaa79376d33435f9d9e4b3338160282381313fe5a6b6c51a9bd469867b166957611fa14ba87566cbbdb1884dd80f35f565150fd4afac95f360d2e73541510a4e2c9df35004542174829101aef3d118e376110a162698a8f0c7798a38ed4a7f8c169de9ae80ab61423fe232f0c07bf8c230a73a597bcfcae77f0b743d678a736613f24859641e79df4d0f8d11b718aff8699a8c860bc7980ee606f91308379684d4475ba94fc0db87fa0002eff063304a4dba84208e21c8333f54a34f979c597daa3e03d4c472014847c220ae81011e80020fd664a580a66dcbdb0bf520d0daea6672cd4afe7c58daf9b280966b99563c9e27201336aafe2e263ae884fefe73143124ed052a398c171b6a1fbb98934ec64dec4498109f4c7a4e24defe6e907d1d8dab93c9ea7b7ff368093653403e78ef952a5846e6a8887d25e382935a4f1db5e000d4b4597b48594f9d8165dae0e287c044b984529a4c78f630aab85bb5dd5001e5ac670c9fd08e121418ba5fdf9bafa4e014de17132dc7beb2e03e737248397c68f507c85a9ad48aafc4bdef906c10617819d450262aca05461fa9c9e3987733d4e512a7fca7e71c23ff5828d7aeacbc3fc1ebe6c6d4df231f77c7a60eb4692376d8de24c8ff230ad6d8a8425fdbe3fc59b58a1f02e285dc196c42d9d5c554c073c2b3602890618a6c7447c77798f02a2168fee8f76f0ea5daf8d76b431802dbf37f4d47cabc6007707f8fed5acbcd8882fe173913a43bbc3f960dc386c522b639c7fa3366b130d44a188e0b31b6f4ddd55e2ee4ab96250c8c1f462b35267a9cd56c0cb53c8dfe6eb04d8bac32a3c4b2846178de752cb43f8923c200e96dbd2e53bb8cb98793265caa632b1984d95f8141cb521ed1b96c627c9b94d1c837fdcf462cbd547edeeb794600b84da867ae4e8b3da5b35d4efaa772e4050efadf98ae54c91d29729aad5c07f5137ae2c60e893eeb0cab4fec6f60a75ceca3a864c44aa6ee4297480814c1550f37429ed0e4115ed054adefaf7e2f7f134033b5c5eed545b219a999e22f94692b235b88cd2fef4dfacd7af8377767837f7c7e5efb6c3785cbb8bec37e6a0fa7c9e93a9b8d65bc60130e6f10fefbb4abbf162b46d7750c8c56c2893b5cecfddcee180ee207c7328d9d6d7bd9d47c0ce03f395ee51b1c66aa205daa3d858fd88d228ae08171c5a1bce9a3b7b46ab33857354c8a2046d4e89f8a8bb16a8c471f5e45bc554fb0bba973ebcc2c0602e24a3ba9d2bc97a1660a150bb5ce9ec5227598cfdbd24ab7cc27278c1265dcfb04cffbd95b086a5d48af233f9620fbb79d9829d7bfe5f0819fdd67d91bb775ea91dd06c051c85833c8f436a6f7ac7bdeff837961bbcc3e5708a55e850655c50fc6c7a19482aa8bd84d4d066598af48c4392ef43c03d1a0c62667ee190340d363e876b413f406f3000103d45fa1ca22e0539a67dca8542c0ab8acf971b27e92a2a189866f70f7ef05b1dc953e38d66f3409d28c540275072ad4cfc11675c46bc038066a1ec7edd436c73bf540fe950b3b5ee9802807b0f7d5453ecfa80854194c2a6ad1648ecef8834db8200a306e73147224b8e623a655edcf56e6b7c49f55a54887b66b09421b7166f5716e1f32dd37d72c63c9b403738b7f3c6943ef6164c4d1af94dffa11f8c453a29334424ff2da6ab41c87868dab2e10cc109b1e0c4cb0f627bcebd8a953adb0f399f492a34b9c463b4132d9d5a2b7b509bf88c5c966e8407b1e0d3383033b264fd11bd98434b0890dc75ae12a123a26d88aab18f6fd426cab13f94bfdb039747b310c4275db81c0ef6bc78ed6cd028a40efe10af1b79141fbf6537f50b8f1555f9a3b09fa87a664f799beb20fc8d4160face9ec2786ee6388e6cc87b83af6ff1982dac00ea79b55a2318d7a50ba03261536c3baf7cd82a3e269fda765ac640dcb0a8767cbd2835bd233ba9f295b5d40adcc2e79406d6fc81de4ce126a7ecbf95baca940fffb42a32575ce7aeb49e3a4f393dee9f9065a43b86c9d289a1f8ff2295cc6ee2de7f39d5fd11fbf7c83bd66108c37ebf6b9a613c1ea6911a6d37f17b0579c4c899893d0556d784127590f5724de652099a52de782e413ee717709c2ca147556648e895dd94afadf7d3bd0624edbe481b680387f84e723634c885bea4a1821cb14ad9bdb9583d2df3c7f5016db544cc4b8606c5ec6afbc90e70995f6c0e6e68d86cfb615ba5cb11fbea7c197b3e4a091ce0a4d6e068b1c683de716211c75459834ecc01c57c5e99d277e615dee33851b93728f1109b526946d51bc06fa74d88dddd7211c0abe1151d3706511073dbd05f96e740de142a4b28e2e0d3ad6eb0505e87576415571e6441994529abb72226eacc033490d433cbb4e22111f99339173f5346543c4e0734d207065cec1d2641a0879125d6ec360edb700d076861abca65e0b2ccacba80d106694a2d6fe671b3ba22ee11a86c176ba5c99bf04c893fe98fed07d594b4c991761fcf6452b0e04d6bb286038f2b8450bd8428e73f6821e337491eaed9c0b6db00e7b9928fae6362d18c5a4c297805c7b32ea3044b0d0e7ef0f54a6a8a0f98992329fbe9fb548acaff36e103233c8903523f9ce1069cfbe24c57e935b35606d477b780eeeabc88e3b9677586c2f5111e74e60f2dc8efa76fbf614327e7dd144fd626fdbfcf5db7fc9456e181c135d3d620ac5c5c4ab4346b78ca0d26ba79ff4b37b62451ce7bfd72d8bd6d8ff2822f99e7f0f936c1c963231154716d57b9bbe8d76514826555cee884177d747adc187d9f9857d31d9493930ed8cd5e5912963894915407d42b593fd13ced44aaf9abb778e318dfe82a7a71a36e5d2068f553b6204403db397a67df79f581335c5e8743436f1ef20a2f2fc32bdaec6bf0a1177c18e95a89eff2e6d15ed1aa4acd7051c13848e93497f9732bfc5ab96f9300fc283d44242542215f180953d3c298cb4e7fa093b6189b42a9f103e7cccea7c2ea80d70f45c1cec4d5174a4fdfe174258c3b9cfd6625806cc94a2e83152edef02304e669f77ce30dbbf2e5b6373f92e39612b06f7659be3dc690698fc84d379c57dfb09cc5c79a94cd414c2da0fd8f6c308329b918461922c580c194bf330c512bf201ce16d819fa2b1c6a3a4581f8ba1302bde3258439b2deacb5f6294e205be135b4a5e96856f964f339e6199b72736dcf1b8564f166948ba7c728a0f29bc95dfd50be0cc4970a51653db6a2ee04acc108a84155fd6e6291a722c049cd815393594a49cc0b1f2070c05abcf0c35836afe2fc25f0b2fb8bcd4cc201ae57055e51583a8276491b09ad2d5eea7c61dbaa6ca1e1d94470ae720adef511296877526cb49f7ff818d97b8015a399eb4bea2c2398050ff67539e0a81c5068feb9a23b009d23468fe5d3e3df9ac688df4ea6e4b7e633896e3279f18cbce83020b14f2b8cb93cac5961be48f8c5c75a92eb89b09faa1f5d7dcc6496770999355364439630a84aaa9802f2a2068ef8371b72282d6f90e800fbdfc7c169da8dbd623d6f0d09e929bb92e4e1f1bf62f3a787ea73f43201d21102341c8b54edcd471cc40561cea5854fd7237d6417546534b89384cb5345ee49f4de8dfa3d62b9bf13fa97b085987dbcd3cb433d5b15be9044b49999d132f1922cd99fb2b37fa9181b49e5ee6f4474402dd4ee54cb9e89af464940b105da4b53625e73958b409bac1ae5672f608ce5e5a47dfb164184c4864485c6fe95a023ae71f237f94eabe09ff5dbecf1a84c815f99d67810c1f6fdfab3cc3a03fc38d60c8b27df471fdbf58fe8625f930cf53a57beb063c9098600cc02b97c8dab2d5ce2c4f4a4684a0cbd94193abe643176a9551f4c8139adc1597916d789dfc1dda5b0d0287fcbec35121d55ea725b22460aef8deeed83b45f80b4fd0520f51fba58a0155112a88218f2bbe4bf76cbd3f2ae97d89cd8d9cca10b7e349c3045f4e85e9d85f05642f4d8e91467c4e4a0cd5503f5220ec8b906a79d0f311cb4bac3438b93310d8e21da011bd7ee65107adf85d8eb0a73c2f4a5ed65b2b38dcd53bd7ad9e94194696a0c92c72aa1e2029eae56884817f968c4fac9073e9a1f82283808de4be312e08ccd74450e43d5e96a57efe9ffb98122a8c9a968e1635e029ce4a46282129562356d83f89c51b91a8b6c36cb4c5596218c747ec671e1b41cbc34fece7ec85d327ea80e973a247a0be9423aad44fbae70347deda698d00366d20c3676afda493d3955fe2a4822c9028a6cf52435a6a41c4f66a2bde16bfcdf2a3165df7911f7d06a30ac9fa1663c30adbe5c66b201c39a1b7e597395976e600675f3402c643d334fe365e66ed2882260ee4f92f6a088925cc1ed1ff4969fe25431a5660fd4f9d0328384550f3c9029be93ecff2e7822ff4d94cdb893c26269428cb196db1f16ff27e263348286c8ff8bf932cab11cbf0880be61c78fbe26ad65e49ca08d16a5e3a627a4781b3931d017c0a5c5a21726403b927c1499c2dd7fba9d498206d94933d61862b1842b594c71d168e4905700fa3dd3e7234ee5926a1055a78a2daac92bbcdd102ad15748e38d492ad472fcb37383f36c84ebcffb68a18975e91f472397bee05e8dac74ccf51f2e8d9600765269ff2043f8de046ccd0ec342f1af5d85fb2c2b5c22a643bb9fdc2f6bcd8e2985c0d9e04168926ae2c9dbdb0b3f3ba6b62bd4182bed8cc045c2a17d1f486f68f576d1113ceefd365c57f44e93f0631f10448e81d3fa75ef08eb14aa4c94e3eeb27d8482144942045d954978ec8d047f9adb816697899d43392e4d453b597f77e7f0cbd8edd1691eb70ef46447d040a162f1fd69a7862f44a2c76acae891c29bef5efa4db4b3b927fdec936b5c3906bf95582a4cbe53f2fee3584f4066248c7a9c4de9c38e257501e8acf9fcbb422634c06af6c0ab01c530e8310876edffa217038e2675d45eb4e0e9711b861766b785dd4030f8487ac8b1a955b0817365a2a079dc6168593ff0fa8769e9b3811fa8a5e897c77328e04a972ee839458e9f47358f026faae1de145a6067d4caedea95eb5bf468e8878b9d0c76cc0c1678503ada16faa9c1cec4bd802727dee7e3bf22b8962edcdf4b8511b648e6c4e962c997172b6fab313fb56662ce331c7a79b5a6ebbf1cae3111c5af8e350b4395df9e9ed809a649dada2d210bb33fa4308567bdbcab37e431cf4ca3e14127fd34073e70d943bfc3ea79ac2cbf36f7091020f866cc6c11e28e92c3e05941ac70705a7ab129aee2fcf7f54216556835d4f0e74143a379c4204d0800ac3e0164962cb76c5ee53d412968882acfebee5e15a5176b1657faa9a5daedef97e6c10131c15bc97dedd618e2bd0cd24d962163f30a137a3efbe45ff4c419dd6b4a36f94b42a82166a990266baea677c5ecf13f4dd0cfac3a00613bdf8fc5c3255d4dedb10faf50d7595eefe7d56d634b88751845820f97a76e71d5eb085f6b398a8546466c7df4357512955f10c829997e8357aa17eb02271d02578b0763d60912029a52783807ef2cac990cef99a420824800d65ed51b455503edce75b856fd66de64bcb378e4d0b3338c592110bc830049456691247a5d811dd23197e4ef9b259a5b9155a514d72939e093f6c7e4c84dee8b156d0d6efa4bf52049847192955f83a57b105a66b92ba445ad1e2e612f634cf5d8ee0d080db1e73abad0fea77f62b349190e36e9f705b6f4e76a8ea71785d3546c9e0a52791346005591110fd130ee70b4692eaff4db49ce1372f99edf53f720e5f694de56371486e716b06ba8ae1e09b62bd071b33d9e97b1a3de7ab41ede5973d86666e6b4999fd830502624f4ee35a9c8f7a238113ad33e34484055c0f46ef9d77c26aa2e0cea0877f112c0b866bc9d38a73247b62f72027cd578306989e7653052cdf34b211571846b36b0974e54275eaf1fe56c5fadaf8d3a75e7249ead4ca072abad76d2005b94b63272dbe71e2ed96acb8188f0c903714d4b525958b6c61b0b5bf09635d821b5bc6772fd493220f50b9c36f3f23efb13b192ae489f27d5f0780823646388776c6ad252709b3a29e01c7dd15171ab25247d1b66b659cc6939f6ada6632799738a2e6ef0693243c4b708bb7c27f632f85ad337654966c3719baa62437eaf6a0b1b83a5cce0c88d5dad52e3b393784dff7f417057870c33becd96f6d9bde73462af9366617510102acf91e454cccd7c4ce512adcc5658e13fbd43269e1c612fa75801a39a8cba3fb19208d2d03a547898beffc6ffc1f7a49d6cd4d132b8e1fef1c8400ad58e573ae704913a27522b08eaeef7b6cf25af93e626e6467e57423aa5fee873f06c6ae509baa4b820b00c212123ce4fa0f623912619eb81e893e07bc07757565d64e3ab3f0e22fa88ad2f32c7bb59ece9cb0e2f80f", 0x2000, &(0x7f0000002f00)={&(0x7f00000021c0)={0x50, 0xfffffffffffffff5, 0x9, {0x7, 0x24, 0x8, 0x5000, 0xffc0, 0xf3c3, 0xc5, 0x4}}, &(0x7f0000002240)={0x18, 0x0, 0x10000, {0x2a9}}, &(0x7f0000002280)={0x18, 0x0, 0x6f3, {0x2}}, &(0x7f00000022c0)={0x18, 0x0, 0x0, {0x2}}, &(0x7f0000002300)={0x18, 0x0, 0x1}, &(0x7f0000002340)={0x28, 0x0, 0xfffffffffffffffb, {{0x401, 0x0, 0x2}}}, &(0x7f0000002380)={0x60, 0x0, 0xffff, {{0x100000000, 0xffff, 0xc29, 0x61fc, 0x5, 0x9, 0x0, 0x9}}}, &(0x7f0000002400)={0x18, 0x0, 0x5, {0x40e4e2df}}, &(0x7f0000002440)={0x11, 0x0, 0x5, {'\x00'}}, &(0x7f0000002480)={0x20, 0x0, 0xffffffff, {0x0, 0x1}}, &(0x7f00000024c0)={0x78, 0x0, 0x0, {0x8, 0x81, 0x0, {0x5, 0x9, 0x3, 0x6, 0x40, 0x4, 0x7, 0x8001, 0x50, 0x1000, 0x3, 0x0, 0x0, 0x4}}}, &(0x7f0000002540)={0x90, 0x0, 0x9, {0x3, 0x1, 0x3f, 0xfffffffffffffffc, 0x80000000, 0x4, {0x6, 0x5, 0x7ff, 0x80000000, 0x3, 0x3, 0x60000, 0xffff81e2, 0x978, 0x8000, 0x4, 0x0, 0xee00, 0xfffffff9, 0x8000}}}, &(0x7f0000002600)={0x150, 0x0, 0xffff, [{0x2, 0xc6a0, 0x7, 0x8, '-@/.+@*'}, {0x2, 0x3, 0xa, 0x3c, '/dev/fuse\x00'}, {0x5, 0x1, 0xd, 0x7e, '*{-#%,::\xba$^-+'}, {0x1, 0x0, 0x7, 0x2, '[#)\'%{$'}, {0x1, 0xe65, 0x5, 0x9, '&*,*9'}, {0x1, 0x3ff, 0x0, 0x4}, {0x2, 0x8000, 0xa, 0x81, '/dev/fuse\x00'}, {0x2, 0x3957, 0xa, 0x1, '/dev/fuse\x00'}, {0x4, 0x40, 0xe, 0x1, '[/*(\xa3:,+\'@:\xbc$('}]}, &(0x7f0000002800)={0x518, 0x0, 0x6, [{{0x3, 0x1, 0x10001, 0xffffffffffffffff, 0x1ff, 0x1, {0x3, 0x8, 0x0, 0x80, 0x10001, 0x100000001, 0x1, 0x56f0, 0x2, 0xc000, 0x0, 0x0, 0xee01, 0x9, 0xfff}}, {0x3, 0x9, 0xa, 0x8001, '/dev/fuse\x00'}}, {{0x0, 0x1, 0x0, 0x623, 0x7f, 0x3, {0x4, 0x10000000, 0x6, 0x7, 0x0, 0x9, 0x0, 0x16f, 0xff, 0x8000, 0xfff, 0x0, 0x0, 0x7f, 0x8}}, {0x4, 0x1, 0x8, 0x6, '{\'/{[**@'}}, {{0x5, 0x0, 0x10000, 0x5, 0xa1d, 0x4, {0x6, 0x7, 0x80, 0x1f, 0x4, 0x5, 0x9, 0x69a9, 0xfffffffa, 0x2000, 0x3f8, 0xee00, 0x0, 0x4, 0x1}}, {0x1, 0xffffffffffffffff, 0xa, 0x0, '/dev/fuse\x00'}}, {{0x2, 0x2, 0x8, 0x1, 0x7, 0x8, {0x3, 0x115, 0x7, 0x8, 0x8, 0x6, 0x5, 0xa6d, 0x400, 0x8000, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x8}}, {0x2, 0x101, 0x0, 0x1}}, {{0x1, 0x0, 0x3, 0x8, 0x0, 0x80, {0x3, 0x7fffffffffffffff, 0x2, 0xffffffff, 0x4fa00000, 0x7, 0x7f, 0x1d, 0xfffffffe, 0xc000, 0xffffff81, 0x0, 0xee01, 0x7, 0x1}}, {0x2, 0x4, 0x1, 0x80000001, '\x00'}}, {{0x5, 0x1, 0x6, 0x7ab, 0x476e, 0x4, {0x0, 0x646b, 0x3, 0x0, 0x68e, 0x0, 0x3, 0x8, 0x200, 0xc000, 0x401, 0x0, 0xffffffffffffffff, 0x3, 0xffffff00}}, {0x6, 0x9, 0xd, 0x1f, '!$&(-\xe4/()]+])'}}, {{0x3, 0x1, 0xadd, 0x1000, 0x9, 0x6, {0x3, 0x1, 0x60, 0x0, 0x1f, 0x5, 0x592, 0x5, 0x1, 0xa000, 0x1, 0x0, 0xee01, 0x1, 0x22d33caf}}, {0x0, 0x9, 0x0, 0x3f}}, {{0x1, 0x3, 0x369, 0xffffffffffffffff, 0x20000000, 0x6, {0x1, 0x80, 0x68, 0x1, 0x10000, 0x5, 0x588, 0x800, 0x0, 0x4000, 0x9, 0x0, 0x0, 0xa3000000, 0x8}}, {0x5, 0x9, 0x1, 0x9, '\x00'}}]}, &(0x7f0000002e00)={0xa0, 0x0, 0x5, {{0x6, 0x0, 0x6, 0x7, 0x68180000, 0xfff, {0x5, 0x7, 0x3, 0x9, 0x7, 0x3b99, 0x4, 0xffffff7f, 0xff, 0xc000, 0x4, r3, r11, 0x0, 0x3}}, {0x0, 0x8}}}, &(0x7f0000002ec0)={0x20, 0x0, 0x8000, {0x935, 0x0, 0x100, 0x9}}})
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(0xffffffffffffffff, 0x80dc5521, &(0x7f0000000040)=""/153)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}}}, 0xa)

[ 2340.718398][ T1325] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2340.726395][ T1325]  </TASK>
13:51:49 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000007bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:49 executing program 4:
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x1}}, './file0\x00'}) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_GET(r1, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000001c0)={0x18, r2, 0x307, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x4}]}, 0x18}}, 0x0) (async)
sendmsg$TIPC_NL_BEARER_ADD(r0, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x200, r2, 0x138, 0x70bd2d, 0x25dfdbfc, {}, [@TIPC_NLA_MEDIA={0x154, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3f}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x400}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x81}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffffff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x401}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7b}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}]}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x200}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80000001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xb2a}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fffffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xb60}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000001}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}]}, @TIPC_NLA_BEARER={0xc, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x8}]}, @TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x80000000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}]}, @TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xfffffffe}, @TIPC_NLA_NODE_KEY={0x41, 0x4, {'gcm(aes)\x00', 0x19, "b30cd3bc135aed0cc54d81f382b12cae3e3a62fbbe7f0e2e6e"}}]}, @TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}]}]}, 0x200}, 0x1, 0x0, 0x0, 0x8000}, 0x4040) (async)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYRES16], 0x8) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0x0, 0x34}, "36c0d26bc004f8945351b22cb162769c158f7235ca8c4188f4953524e7c079792e7942876ce5b3f292bf27021772f4cf11c207d8"}, 0x38)

13:51:49 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000008bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:49 executing program 4:
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x1}}, './file0\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_GET(r1, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000001c0)={0x18, r2, 0x307, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x4}]}, 0x18}}, 0x0)
sendmsg$TIPC_NL_BEARER_ADD(r0, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x200, r2, 0x138, 0x70bd2d, 0x25dfdbfc, {}, [@TIPC_NLA_MEDIA={0x154, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3f}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x400}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x81}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffffff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x401}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7b}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}]}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x200}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80000001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xb2a}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fffffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xb60}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000001}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}]}, @TIPC_NLA_BEARER={0xc, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x8}]}, @TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x80000000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}]}, @TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xfffffffe}, @TIPC_NLA_NODE_KEY={0x41, 0x4, {'gcm(aes)\x00', 0x19, "b30cd3bc135aed0cc54d81f382b12cae3e3a62fbbe7f0e2e6e"}}]}, @TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}]}]}, 0x200}, 0x1, 0x0, 0x0, 0x8000}, 0x4040) (async)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYRES16], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0x0, 0x34}, "36c0d26bc004f8945351b22cb162769c158f7235ca8c4188f4953524e7c079792e7942876ce5b3f292bf27021772f4cf11c207d8"}, 0x38)

13:51:49 executing program 3:
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000140)={0x30, 0x5, 0x0, {0x0, 0x4, 0x800, 0xd2c}}, 0x30) (async, rerun: 64)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6) (rerun: 64)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)=@newsa={0x154, 0x10, 0x633, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@dev}, {@in, 0x0, 0x32}, @in6=@mcast1, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x1c, {0x0, 0x0, 0x0, @in=@empty}}]}, 0x154}}, 0x0) (async)
r2 = socket$caif_seqpacket(0x25, 0x5, 0x5)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005800)=[{{&(0x7f0000005440)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000005580), 0x0, &(0x7f0000005700)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r1, 0xffffffffffffffff, 0xffffffffffffffff, r2]}}], 0xf8, 0x40}}], 0x1, 0x40) (async)
stat(&(0x7f0000002d40)='./file0\x00', &(0x7f0000002d80)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000005140)=[{{&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000000040)=[{&(0x7f0000000140)=""/195, 0xc3}, {&(0x7f0000000240)=""/215, 0xd7}], 0x2, &(0x7f0000000340)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, <r4=>0x0}}}, @cred={{0x1c}}], 0xd0}}, {{&(0x7f0000000680)=@abs, 0x6e, &(0x7f00000018c0)=[{0x0}], 0x1, &(0x7f0000001900)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, <r5=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa8}}, {{&(0x7f0000001a00)=@abs, 0x6e, &(0x7f0000001b80)=[{&(0x7f0000001a80)=""/83, 0x53}, {&(0x7f0000001b00)=""/2, 0x2}], 0x2, &(0x7f0000001bc0)=ANY=[@ANYBLOB="1c0000000000000001000000020000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c00f2a95c939780ae45000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000028000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1400000000000000010000000100", @ANYRES32, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c0000000000000001000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=<r6=>0x0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32], 0x108}}, {{&(0x7f0000001d00)=@abs, 0x6e, &(0x7f0000001e40)=[{0x0}], 0x1, &(0x7f0000001e80)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, <r7=>0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, <r8=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x110}}, {{0x0, 0x0, &(0x7f0000002440)=[{&(0x7f0000001fc0)=""/154, 0x9a}, {&(0x7f0000002080)=""/155, 0x9b}, {&(0x7f0000002140)=""/228, 0xe4}, {&(0x7f0000002240)=""/21, 0x15}, {0x0}], 0x5, &(0x7f00000024c0)=[@rights={{0x10}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x28}}, {{&(0x7f0000002540)=@abs, 0x6e, &(0x7f0000002a80)=[{0x0}, {0x0}, {&(0x7f0000002680)=""/59, 0x3b}, {&(0x7f00000026c0)=""/43, 0x2b}, {&(0x7f0000002700)=""/254, 0xfe}, {&(0x7f0000002900)=""/79, 0x4f}], 0x6}}, {{0x0, 0x0, &(0x7f0000002b80)=[{0x0}], 0x1, &(0x7f0000002bc0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001800000000000000ba420001000000", @ANYRES32, @ANYRES32, @ANYBLOB="1800000000000000669a96dc4c307b53", @ANYRES32, @ANYRES32=<r9=>0xffffffffffffffff], 0x50}}, {{0x0, 0x0, &(0x7f0000004f80)=[{&(0x7f0000002cc0)=""/29, 0x1d}, {&(0x7f0000002e00)=""/4096, 0x1000}, {&(0x7f0000003e00)=""/4096, 0x1000}, {&(0x7f0000004e00)=""/143, 0x8f}, {&(0x7f0000004ec0)=""/192, 0xc0}], 0x5, &(0x7f0000005000)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {<r10=>0x0, 0x0, <r11=>0x0}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x100}}], 0x8, 0x12000, &(0x7f0000005380)={0x0, 0x989680}) (async)
r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r13 = syz_open_dev$audion(&(0x7f0000005680), 0x4499, 0x0)
r14 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000056c0), 0x2, 0x0)
r15 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r15, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000005c0)={0x0, 0x154}}, 0x0)
r16 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)=@newsa={0x154, 0x10, 0x633, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@dev}, {@in, 0x0, 0x32}, @in6=@mcast1, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x1c, {0x0, 0x0, 0x0, @in=@empty}}]}, 0x154}}, 0x0) (async)
r17 = socket$caif_seqpacket(0x25, 0x5, 0x5)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005800)=[{{&(0x7f0000005440)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000005580), 0x0, &(0x7f0000005700)=[@rights={{0x18, 0x1, 0x1, [r8, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r11}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r10, r4, r6}}}, @rights={{0x20, 0x1, 0x1, [r5, 0xffffffffffffffff, r12, r13]}}, @rights={{0x1c, 0x1, 0x1, [r14, r9, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r15, r16, 0xffffffffffffffff, r7, r17]}}], 0xf8, 0x40}}], 0x1, 0x40) (async)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000001c0)="6b0ceb6d79d905189f02b4183bf8fc9842447911fa36c51681c0bda114a04066dbe4c8555cd51ba79b176bb58c39d500f8d908a999cb5d977240a3d1537eb41a57a882f24562ab93106438133d023b9fca3aadd102f10fa3e01475897f5e0df9e223c2126a0ffbe245b6c29241ccbd7a5afd41c73bdc6e78e7257f8920f5e4ad5642d61572cad9bb802dda95bd2a9b9bcfc3fe96e6dc6eefa8e9e62202d233f905e05469e8252e799d8629d554d98d67a6fbc81c5fb0711bdbbd10820ee2420df1bcde1617123daa66fa9c5cc7103ca9550d0b4ade160783f5860a2136f9520bca58bdd0c4b60050f025a84cdc13819136855d1a117c08ec2995c91004287abb290bf4c7e080bf67a6e97829a6ab6d6b81119cc3d7747a0e465ff48f3b676a68216e5b114f987ca6d32a72c4b09e769ebf82367441a7cd085c5b73258482d559efb3667d9109d09a19091c9130d51f66134bdee684d911a1995b420e4fa4da4bfe2978160c4b0b3d66eec903d95c88a7a1b5e2e59f5fcb386066de058b15a5c9edf9cc220623146e3c2afb0fe8be84a7678cab8e29932b62813f848e5bec79f61c2465fb9dc0dc0bdd8f7e742ad15faa4be6131086a35e6fd681fc997ddc7260d215bf2686dbff5bdfa07d353b69eed53d56a069049ec82f782da2110680a7c276965aa910bf9c1620a646edabb8922faa42d7547bc760d5b0678e930df19940099460dc01a6f71c84490427463753b8eadafc628d8f3b36954cc7046704c723f528fc351e2bc3ff17b63a8f9aefa884536f1ca2fcac5b7b29ef667996947f59fb7adedc28e01696f365e74b214c720c506941c358c4d0942b72986785dd2d8a72feb957bf8af1b1a34d747e074b3d1c8f783b724cd2618dfd2490dda319c2638b690b3ebaba06674fcc1c6a3e60169ea3f6a366ee63bb87aedffc4e8e9cd9dc4fea7ef0f1d5273cc6b952c190978b4430caf668ecad64bc1f5318fdd338ca41cd0df97d1f8286a32599133d653b56cc5e13dcfb03f454e6805e2a9d2b1f174517136b1234dd59495c52c25f3ca21c7686742c40867eaf44ff07c848c0dfb19810feacbf79a940fe5bda3ce36d9a593f3cd1b0bf8d72c2d2d995cc130989454475c9f11475ca39a23132a88e15a4ae1d300073db4c25aeb98622d77089edfb73dd1140e058fdfc4ca1d13b438d1825b6de5994ef5830cd3f2bbd75eb749b079b1844312243182c777da39c3f13f349af9c0ec190cb3a99381198dcafe671b35e8beb898b0ac97834b770e8417b1ab882e6c1dd4ce688c363c2c3f2a0ed14ba05510973346fbffed591cb712c24ad02ec272ed003c90376c09709c8a2666be38a6ea9e103b3f7eacbabe857f15a5bdf6bf7b0f399ddebbae70a039e9e530b0444c52a36e21e176390117b6e125bb0c67fd1c2a295a65f40db89e0e11e4cb698399beb6fca0062898cd47e7bf3191f89fd7f240e3263d718177f5773babfdffb2b55fcf8369b8ccda17356cb077df85e829a1533f5b23df9b2cfd343ae0fbc6624b38aaa839ae83ccf60cc0f83291c1ca5b6b465bba7b9d2adb42f65493426592f4a3e369696504d528830e4bc23c754f27615a7bfb17f4ec2c344a80443da163ed89843dfbb8f39b1ee4b28779f8ef607cea78e86376645a1241dea7fd5fb73b4fcc49e052dfc1eb7c9a90f13ec5f210b6f93ccccf9405329472933f70a513874eae185908ebbb41a0e0c87cfeda3877202a91b2dd51485e8ef3bc5fa0b1cbf6ad402eeae53e3520ab3266dddff69a9a83a69912446da9f11700dcafcae348c166950b2936acd9b0694dca272b5d8fac90492535b77651fa8e0ed7b4f2ce460560b78a12eb5ea7b3eb09395d8f515ab593f31f7fb2bef734d009df3f626943d7695062867d30c87560592327f502b32ed99e0ca30024a2d3cd62915d062dab52da46274df64e8b82d87f112d3e48d669600fbfdc408582226e75444ed45680ccabc67291d8aeb217ff56bd3bda8f2f7463f4b7490056a49bfd3c6bcb2649a02d3180e88e78434b3e6735f607798fab1510d91b4f736fa3c4a743f9583aff4fb3950a1b510e425b7d0cde46946ea5301d482ac7251cb27f4c5b3eabc6d41a002125e8c3426f74d493c58d87d4114c49fa52cb14fd537174714cda5c75af1b96efbb1ae9d01e345af30dde23aeeaab120b3443a547c96e18e33105d7e08dd98626872e59507536230ca9137dfd5ab0c4f5806fe117f196fd186414e32e9e3fa5a7184751416138e8084c96eaf4fa6ed130f38379ccfc613e71037e7b07e35e965ced809aacb938bd702ba521c2fefebd83451b394d7b77dff3885faacd2b2e0b9bb93f9329851d6fa957db25cc1e5a4eaa6e0ef5ddc5b849df152381ae27a0f17abd1e9cf0e784139a98ce349e5ce813fb8887dc930a056e26816d9a9959ef129fc8f44274a47834cc57a58fbb84b04e7714ff760669032e87b1575e9ad200191d96dc68b2ee104d8e310db615bfc38a7d0baed136c8c3def6d5a4358523c87789c6acab77cd255cf11beddb9b4ba12c4de8f7e7a9641366ff75a10da4440e3250a95cacbe3374bfc9c40972c6bac650b65128e136a1bd84a20065632ebf26b76245af5ad65626b7984acaf2c31528da294da15995bf0b2a0f192936b5e8332037d60ebcb069d621a7cecd959665730b369602c642130b234b7ef35a249135042e3acf3e149c232bbafcb1bd3a1e85e3af8ed8af45e88c423fa3271a98355231b80ad085630e8e2dba38485b86b0eadfcb08b9b1ad159a67d0fd2a2b3acc084aee41afc5c2e185983695a29ac8e2204872af88d0830a369aa341abe46412157cea3d97814eb52b2b2dde7e833919f1848d125e15791982bc4aca9cd8ec5f5ff0bbfde42d497a1402463cdbbbaf04dedd9862e1ec1ee770fa04350536168a8b54c147f448f5fbbf9073cdbc356c59741b7a8b6071c960a2b11b087fc056d0cae776af146b40ab86515a3f8839847af9111a3d6aacbe47daa80472a740a1eebc188534377167da0a0e37dd3cc82160fa4e648b7b46862e82b962ad96be237feb999254ef533b883617dc6efce0a4d5563a849e2be72fbb993b8fdfefd04b69b42cfbe6e02a107ec0949ed68e2c04f70693254b849d81d43cff3128a3404ee54737bd5ba3567ad5d30a83862efd2a39898b8ff97afd413ac1791096406fb5f6edcc01a232a2659069dff28e677802be60bfeae9336546f6fefa4051601cbada1b6c319bbf4f0d0d2d2d4518ff3b25d4635b7943da87275ed83a83a3c775059e277ea69ca55680872c4d51a9c4c0cac6c90269b0cdfab1f92a4741db2c47077c6291b246f4236fd9ae30e228ce85701a5b37e315704b34148a8d26fe751d6d4cf272d7b6d8d269d3a4cbb3e24e328c431b0a017d2be0d58b310973e8eae10c2f934ae7c1282979fade5c7d6c205d68e9c0a1eabb461604f91ce81841c21b9fdb9cb87033f8f24d567331865ac2a2f57443dd7aad4085d92ba8dfadb80d440438274e6923f835075805d4be0ece39a5b1f08dddb021f57976092e7986d0438e5f4da7c65f279f9964667c75d2437a7e3bda8d4ada51889ae1e2a9732998ffad54f018cabb7ea673c524a92288bcf6cd95a9e674eb5d5c5497650e2a7f343a073e1f519d2919ad78bce71ec0364e905735d6aa2e2f6d2860c721df8efd9e28d2d043b33001421cbfdd144825b05e556108f0efa4005c6d3cf285f90b8ef1aae4d01b1735c742b9c54816c0ba02aa14123c2a8ad5c992f7c9eadda900b91854cd1797dc51f5c611dc951bb4c7302e473a804b1dd65842f18a2cbbe954fd3c773e23c147410f2686c19b4a6727a07b469698eca6f5dad0a74a17fe77a43d9b6481a19cd911a22eb85fd329d0acea702ea4fe769bc9e47a8e538a01688244bcf1b9915b82d2cd136d7dbf9dd58d76778528d499d245e236474b32afe65c55a29ee43258d6642af471f75b76717001459df6b3f815544f48f07aa0c455d1c5d8fbec14dd57421841c8322791f884496c6e7380b99f4b18265ad83a3607b51095f48734f1e85c60d1c2c8ca97245de67590e743902e9c63669913aed7549995dd092f8c75227b634f596a6a1fdb120aca177f583b845b105e6a18ad72aa748177afa249bac1177b10238ef6282f52c579d32b9619f19d1ff0880b06ec6d8ff37735b39d21fd64ca8ba2cb386dae021372ac91896bb45cb15a5a9b4c1871659cbde893890bc45ddebd4a8aeee3b259f27027a7acab9e563d93043390dcadb997cb8c5e48496e5cf21de47931d68ed4a2a225db7a33463e28d318668aa7a6174f921750b59d0a163ed473adbe6426411f08a813280fc383b4a0cdad902b24398d4559d61df261495c84504880858254900f8ebddc92ab17740dbb4e4b460b7f649cfabdb1387fee72a7cfcf4eb6abda088b143051b23cb2bde96cb4ab640a4de6e612f5d75c5ada0b09da6e385809ed568c9aaed972fa1dd8bf93f0df683a4a5634c1458eb9d8bd64bdc726ffbc42e0b311cee588e3d8e084a380eab0c5a72cf0fe5cb36f4949f2ef2ca0552f4f022dde48e83eb48cd5fdc137b8955131693cf3be678caca0a17baf7b1fa2b21cd2740fb0c024be13e18de0c677255897e47b62573d3f4f78fd941c4f7fa95f45a3ddd7df061c99562fc69fe39811351b2b7c0119d059acb1744554afa4a3b0f1cf46929628a04d5c82d4e6d61e9b9c261853ec839a49bff12175a26d00a0d770d80eb9abfa584cb9cc45b3dae7da59f907c71181b910195f75682ad18b6adc10c371e6f9b5df57837e6224c9f3026f2502f17c976f4699382667b73fe0c82b1cd40b9374dcc6fdfcb0aa230b848b229e29dfb64278bf7c20b5026f90f1cb82c7fc83b6b4b8520f1e04e0e3cf85f15cf7615386b7a8f3d7614039c2476c4b71d5139d9291d590439de5bd6978405f3c73e897fae77874a3e708393d2aa222b53c4363f71b2dcfb8310bb1ca0983bd256c8153fbbf6319df8f2b5cae14556d5d77eab9f54582d34931161d84945a7685bcc597450d92934e96bafa4242bed07ed32d4efebdbb69b5511e35afbf4af0cc22576c048b39b1ac11aa619231610d7f5e801ac4042b36f55e475f08a690918d753a7fda460a3291bb16ce53a85419b0e8ddaa79376d33435f9d9e4b3338160282381313fe5a6b6c51a9bd469867b166957611fa14ba87566cbbdb1884dd80f35f565150fd4afac95f360d2e73541510a4e2c9df35004542174829101aef3d118e376110a162698a8f0c7798a38ed4a7f8c169de9ae80ab61423fe232f0c07bf8c230a73a597bcfcae77f0b743d678a736613f24859641e79df4d0f8d11b718aff8699a8c860bc7980ee606f91308379684d4475ba94fc0db87fa0002eff063304a4dba84208e21c8333f54a34f979c597daa3e03d4c472014847c220ae81011e80020fd664a580a66dcbdb0bf520d0daea6672cd4afe7c58daf9b280966b99563c9e27201336aafe2e263ae884fefe73143124ed052a398c171b6a1fbb98934ec64dec4498109f4c7a4e24defe6e907d1d8dab93c9ea7b7ff368093653403e78ef952a5846e6a8887d25e382935a4f1db5e000d4b4597b48594f9d8165dae0e287c044b984529a4c78f630aab85bb5dd5001e5ac670c9fd08e121418ba5fdf9bafa4e014de17132dc7beb2e03e737248397c68f507c85a9ad48aafc4bdef906c10617819d450262aca05461fa9c9e3987733d4e512a7fca7e71c23ff5828d7aeacbc3fc1ebe6c6d4df231f77c7a60eb4692376d8de24c8ff230ad6d8a8425fdbe3fc59b58a1f02e285dc196c42d9d5c554c073c2b3602890618a6c7447c77798f02a2168fee8f76f0ea5daf8d76b431802dbf37f4d47cabc6007707f8fed5acbcd8882fe173913a43bbc3f960dc386c522b639c7fa3366b130d44a188e0b31b6f4ddd55e2ee4ab96250c8c1f462b35267a9cd56c0cb53c8dfe6eb04d8bac32a3c4b2846178de752cb43f8923c200e96dbd2e53bb8cb98793265caa632b1984d95f8141cb521ed1b96c627c9b94d1c837fdcf462cbd547edeeb794600b84da867ae4e8b3da5b35d4efaa772e4050efadf98ae54c91d29729aad5c07f5137ae2c60e893eeb0cab4fec6f60a75ceca3a864c44aa6ee4297480814c1550f37429ed0e4115ed054adefaf7e2f7f134033b5c5eed545b219a999e22f94692b235b88cd2fef4dfacd7af8377767837f7c7e5efb6c3785cbb8bec37e6a0fa7c9e93a9b8d65bc60130e6f10fefbb4abbf162b46d7750c8c56c2893b5cecfddcee180ee207c7328d9d6d7bd9d47c0ce03f395ee51b1c66aa205daa3d858fd88d228ae08171c5a1bce9a3b7b46ab33857354c8a2046d4e89f8a8bb16a8c471f5e45bc554fb0bba973ebcc2c0602e24a3ba9d2bc97a1660a150bb5ce9ec5227598cfdbd24ab7cc27278c1265dcfb04cffbd95b086a5d48af233f9620fbb79d9829d7bfe5f0819fdd67d91bb775ea91dd06c051c85833c8f436a6f7ac7bdeff837961bbcc3e5708a55e850655c50fc6c7a19482aa8bd84d4d066598af48c4392ef43c03d1a0c62667ee190340d363e876b413f406f3000103d45fa1ca22e0539a67dca8542c0ab8acf971b27e92a2a189866f70f7ef05b1dc953e38d66f3409d28c540275072ad4cfc11675c46bc038066a1ec7edd436c73bf540fe950b3b5ee9802807b0f7d5453ecfa80854194c2a6ad1648ecef8834db8200a306e73147224b8e623a655edcf56e6b7c49f55a54887b66b09421b7166f5716e1f32dd37d72c63c9b403738b7f3c6943ef6164c4d1af94dffa11f8c453a29334424ff2da6ab41c87868dab2e10cc109b1e0c4cb0f627bcebd8a953adb0f399f492a34b9c463b4132d9d5a2b7b509bf88c5c966e8407b1e0d3383033b264fd11bd98434b0890dc75ae12a123a26d88aab18f6fd426cab13f94bfdb039747b310c4275db81c0ef6bc78ed6cd028a40efe10af1b79141fbf6537f50b8f1555f9a3b09fa87a664f799beb20fc8d4160face9ec2786ee6388e6cc87b83af6ff1982dac00ea79b55a2318d7a50ba03261536c3baf7cd82a3e269fda765ac640dcb0a8767cbd2835bd233ba9f295b5d40adcc2e79406d6fc81de4ce126a7ecbf95baca940fffb42a32575ce7aeb49e3a4f393dee9f9065a43b86c9d289a1f8ff2295cc6ee2de7f39d5fd11fbf7c83bd66108c37ebf6b9a613c1ea6911a6d37f17b0579c4c899893d0556d784127590f5724de652099a52de782e413ee717709c2ca147556648e895dd94afadf7d3bd0624edbe481b680387f84e723634c885bea4a1821cb14ad9bdb9583d2df3c7f5016db544cc4b8606c5ec6afbc90e70995f6c0e6e68d86cfb615ba5cb11fbea7c197b3e4a091ce0a4d6e068b1c683de716211c75459834ecc01c57c5e99d277e615dee33851b93728f1109b526946d51bc06fa74d88dddd7211c0abe1151d3706511073dbd05f96e740de142a4b28e2e0d3ad6eb0505e87576415571e6441994529abb72226eacc033490d433cbb4e22111f99339173f5346543c4e0734d207065cec1d2641a0879125d6ec360edb700d076861abca65e0b2ccacba80d106694a2d6fe671b3ba22ee11a86c176ba5c99bf04c893fe98fed07d594b4c991761fcf6452b0e04d6bb286038f2b8450bd8428e73f6821e337491eaed9c0b6db00e7b9928fae6362d18c5a4c297805c7b32ea3044b0d0e7ef0f54a6a8a0f98992329fbe9fb548acaff36e103233c8903523f9ce1069cfbe24c57e935b35606d477b780eeeabc88e3b9677586c2f5111e74e60f2dc8efa76fbf614327e7dd144fd626fdbfcf5db7fc9456e181c135d3d620ac5c5c4ab4346b78ca0d26ba79ff4b37b62451ce7bfd72d8bd6d8ff2822f99e7f0f936c1c963231154716d57b9bbe8d76514826555cee884177d747adc187d9f9857d31d9493930ed8cd5e5912963894915407d42b593fd13ced44aaf9abb778e318dfe82a7a71a36e5d2068f553b6204403db397a67df79f581335c5e8743436f1ef20a2f2fc32bdaec6bf0a1177c18e95a89eff2e6d15ed1aa4acd7051c13848e93497f9732bfc5ab96f9300fc283d44242542215f180953d3c298cb4e7fa093b6189b42a9f103e7cccea7c2ea80d70f45c1cec4d5174a4fdfe174258c3b9cfd6625806cc94a2e83152edef02304e669f77ce30dbbf2e5b6373f92e39612b06f7659be3dc690698fc84d379c57dfb09cc5c79a94cd414c2da0fd8f6c308329b918461922c580c194bf330c512bf201ce16d819fa2b1c6a3a4581f8ba1302bde3258439b2deacb5f6294e205be135b4a5e96856f964f339e6199b72736dcf1b8564f166948ba7c728a0f29bc95dfd50be0cc4970a51653db6a2ee04acc108a84155fd6e6291a722c049cd815393594a49cc0b1f2070c05abcf0c35836afe2fc25f0b2fb8bcd4cc201ae57055e51583a8276491b09ad2d5eea7c61dbaa6ca1e1d94470ae720adef511296877526cb49f7ff818d97b8015a399eb4bea2c2398050ff67539e0a81c5068feb9a23b009d23468fe5d3e3df9ac688df4ea6e4b7e633896e3279f18cbce83020b14f2b8cb93cac5961be48f8c5c75a92eb89b09faa1f5d7dcc6496770999355364439630a84aaa9802f2a2068ef8371b72282d6f90e800fbdfc7c169da8dbd623d6f0d09e929bb92e4e1f1bf62f3a787ea73f43201d21102341c8b54edcd471cc40561cea5854fd7237d6417546534b89384cb5345ee49f4de8dfa3d62b9bf13fa97b085987dbcd3cb433d5b15be9044b49999d132f1922cd99fb2b37fa9181b49e5ee6f4474402dd4ee54cb9e89af464940b105da4b53625e73958b409bac1ae5672f608ce5e5a47dfb164184c4864485c6fe95a023ae71f237f94eabe09ff5dbecf1a84c815f99d67810c1f6fdfab3cc3a03fc38d60c8b27df471fdbf58fe8625f930cf53a57beb063c9098600cc02b97c8dab2d5ce2c4f4a4684a0cbd94193abe643176a9551f4c8139adc1597916d789dfc1dda5b0d0287fcbec35121d55ea725b22460aef8deeed83b45f80b4fd0520f51fba58a0155112a88218f2bbe4bf76cbd3f2ae97d89cd8d9cca10b7e349c3045f4e85e9d85f05642f4d8e91467c4e4a0cd5503f5220ec8b906a79d0f311cb4bac3438b93310d8e21da011bd7ee65107adf85d8eb0a73c2f4a5ed65b2b38dcd53bd7ad9e94194696a0c92c72aa1e2029eae56884817f968c4fac9073e9a1f82283808de4be312e08ccd74450e43d5e96a57efe9ffb98122a8c9a968e1635e029ce4a46282129562356d83f89c51b91a8b6c36cb4c5596218c747ec671e1b41cbc34fece7ec85d327ea80e973a247a0be9423aad44fbae70347deda698d00366d20c3676afda493d3955fe2a4822c9028a6cf52435a6a41c4f66a2bde16bfcdf2a3165df7911f7d06a30ac9fa1663c30adbe5c66b201c39a1b7e597395976e600675f3402c643d334fe365e66ed2882260ee4f92f6a088925cc1ed1ff4969fe25431a5660fd4f9d0328384550f3c9029be93ecff2e7822ff4d94cdb893c26269428cb196db1f16ff27e263348286c8ff8bf932cab11cbf0880be61c78fbe26ad65e49ca08d16a5e3a627a4781b3931d017c0a5c5a21726403b927c1499c2dd7fba9d498206d94933d61862b1842b594c71d168e4905700fa3dd3e7234ee5926a1055a78a2daac92bbcdd102ad15748e38d492ad472fcb37383f36c84ebcffb68a18975e91f472397bee05e8dac74ccf51f2e8d9600765269ff2043f8de046ccd0ec342f1af5d85fb2c2b5c22a643bb9fdc2f6bcd8e2985c0d9e04168926ae2c9dbdb0b3f3ba6b62bd4182bed8cc045c2a17d1f486f68f576d1113ceefd365c57f44e93f0631f10448e81d3fa75ef08eb14aa4c94e3eeb27d8482144942045d954978ec8d047f9adb816697899d43392e4d453b597f77e7f0cbd8edd1691eb70ef46447d040a162f1fd69a7862f44a2c76acae891c29bef5efa4db4b3b927fdec936b5c3906bf95582a4cbe53f2fee3584f4066248c7a9c4de9c38e257501e8acf9fcbb422634c06af6c0ab01c530e8310876edffa217038e2675d45eb4e0e9711b861766b785dd4030f8487ac8b1a955b0817365a2a079dc6168593ff0fa8769e9b3811fa8a5e897c77328e04a972ee839458e9f47358f026faae1de145a6067d4caedea95eb5bf468e8878b9d0c76cc0c1678503ada16faa9c1cec4bd802727dee7e3bf22b8962edcdf4b8511b648e6c4e962c997172b6fab313fb56662ce331c7a79b5a6ebbf1cae3111c5af8e350b4395df9e9ed809a649dada2d210bb33fa4308567bdbcab37e431cf4ca3e14127fd34073e70d943bfc3ea79ac2cbf36f7091020f866cc6c11e28e92c3e05941ac70705a7ab129aee2fcf7f54216556835d4f0e74143a379c4204d0800ac3e0164962cb76c5ee53d412968882acfebee5e15a5176b1657faa9a5daedef97e6c10131c15bc97dedd618e2bd0cd24d962163f30a137a3efbe45ff4c419dd6b4a36f94b42a82166a990266baea677c5ecf13f4dd0cfac3a00613bdf8fc5c3255d4dedb10faf50d7595eefe7d56d634b88751845820f97a76e71d5eb085f6b398a8546466c7df4357512955f10c829997e8357aa17eb02271d02578b0763d60912029a52783807ef2cac990cef99a420824800d65ed51b455503edce75b856fd66de64bcb378e4d0b3338c592110bc830049456691247a5d811dd23197e4ef9b259a5b9155a514d72939e093f6c7e4c84dee8b156d0d6efa4bf52049847192955f83a57b105a66b92ba445ad1e2e612f634cf5d8ee0d080db1e73abad0fea77f62b349190e36e9f705b6f4e76a8ea71785d3546c9e0a52791346005591110fd130ee70b4692eaff4db49ce1372f99edf53f720e5f694de56371486e716b06ba8ae1e09b62bd071b33d9e97b1a3de7ab41ede5973d86666e6b4999fd830502624f4ee35a9c8f7a238113ad33e34484055c0f46ef9d77c26aa2e0cea0877f112c0b866bc9d38a73247b62f72027cd578306989e7653052cdf34b211571846b36b0974e54275eaf1fe56c5fadaf8d3a75e7249ead4ca072abad76d2005b94b63272dbe71e2ed96acb8188f0c903714d4b525958b6c61b0b5bf09635d821b5bc6772fd493220f50b9c36f3f23efb13b192ae489f27d5f0780823646388776c6ad252709b3a29e01c7dd15171ab25247d1b66b659cc6939f6ada6632799738a2e6ef0693243c4b708bb7c27f632f85ad337654966c3719baa62437eaf6a0b1b83a5cce0c88d5dad52e3b393784dff7f417057870c33becd96f6d9bde73462af9366617510102acf91e454cccd7c4ce512adcc5658e13fbd43269e1c612fa75801a39a8cba3fb19208d2d03a547898beffc6ffc1f7a49d6cd4d132b8e1fef1c8400ad58e573ae704913a27522b08eaeef7b6cf25af93e626e6467e57423aa5fee873f06c6ae509baa4b820b00c212123ce4fa0f623912619eb81e893e07bc07757565d64e3ab3f0e22fa88ad2f32c7bb59ece9cb0e2f80f", 0x2000, &(0x7f0000002f00)={&(0x7f00000021c0)={0x50, 0xfffffffffffffff5, 0x9, {0x7, 0x24, 0x8, 0x5000, 0xffc0, 0xf3c3, 0xc5, 0x4}}, &(0x7f0000002240)={0x18, 0x0, 0x10000, {0x2a9}}, &(0x7f0000002280)={0x18, 0x0, 0x6f3, {0x2}}, &(0x7f00000022c0)={0x18, 0x0, 0x0, {0x2}}, &(0x7f0000002300)={0x18, 0x0, 0x1}, &(0x7f0000002340)={0x28, 0x0, 0xfffffffffffffffb, {{0x401, 0x0, 0x2}}}, &(0x7f0000002380)={0x60, 0x0, 0xffff, {{0x100000000, 0xffff, 0xc29, 0x61fc, 0x5, 0x9, 0x0, 0x9}}}, &(0x7f0000002400)={0x18, 0x0, 0x5, {0x40e4e2df}}, &(0x7f0000002440)={0x11, 0x0, 0x5, {'\x00'}}, &(0x7f0000002480)={0x20, 0x0, 0xffffffff, {0x0, 0x1}}, &(0x7f00000024c0)={0x78, 0x0, 0x0, {0x8, 0x81, 0x0, {0x5, 0x9, 0x3, 0x6, 0x40, 0x4, 0x7, 0x8001, 0x50, 0x1000, 0x3, 0x0, 0x0, 0x4}}}, &(0x7f0000002540)={0x90, 0x0, 0x9, {0x3, 0x1, 0x3f, 0xfffffffffffffffc, 0x80000000, 0x4, {0x6, 0x5, 0x7ff, 0x80000000, 0x3, 0x3, 0x60000, 0xffff81e2, 0x978, 0x8000, 0x4, 0x0, 0xee00, 0xfffffff9, 0x8000}}}, &(0x7f0000002600)={0x150, 0x0, 0xffff, [{0x2, 0xc6a0, 0x7, 0x8, '-@/.+@*'}, {0x2, 0x3, 0xa, 0x3c, '/dev/fuse\x00'}, {0x5, 0x1, 0xd, 0x7e, '*{-#%,::\xba$^-+'}, {0x1, 0x0, 0x7, 0x2, '[#)\'%{$'}, {0x1, 0xe65, 0x5, 0x9, '&*,*9'}, {0x1, 0x3ff, 0x0, 0x4}, {0x2, 0x8000, 0xa, 0x81, '/dev/fuse\x00'}, {0x2, 0x3957, 0xa, 0x1, '/dev/fuse\x00'}, {0x4, 0x40, 0xe, 0x1, '[/*(\xa3:,+\'@:\xbc$('}]}, &(0x7f0000002800)={0x518, 0x0, 0x6, [{{0x3, 0x1, 0x10001, 0xffffffffffffffff, 0x1ff, 0x1, {0x3, 0x8, 0x0, 0x80, 0x10001, 0x100000001, 0x1, 0x56f0, 0x2, 0xc000, 0x0, 0x0, 0xee01, 0x9, 0xfff}}, {0x3, 0x9, 0xa, 0x8001, '/dev/fuse\x00'}}, {{0x0, 0x1, 0x0, 0x623, 0x7f, 0x3, {0x4, 0x10000000, 0x6, 0x7, 0x0, 0x9, 0x0, 0x16f, 0xff, 0x8000, 0xfff, 0x0, 0x0, 0x7f, 0x8}}, {0x4, 0x1, 0x8, 0x6, '{\'/{[**@'}}, {{0x5, 0x0, 0x10000, 0x5, 0xa1d, 0x4, {0x6, 0x7, 0x80, 0x1f, 0x4, 0x5, 0x9, 0x69a9, 0xfffffffa, 0x2000, 0x3f8, 0xee00, 0x0, 0x4, 0x1}}, {0x1, 0xffffffffffffffff, 0xa, 0x0, '/dev/fuse\x00'}}, {{0x2, 0x2, 0x8, 0x1, 0x7, 0x8, {0x3, 0x115, 0x7, 0x8, 0x8, 0x6, 0x5, 0xa6d, 0x400, 0x8000, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x8}}, {0x2, 0x101, 0x0, 0x1}}, {{0x1, 0x0, 0x3, 0x8, 0x0, 0x80, {0x3, 0x7fffffffffffffff, 0x2, 0xffffffff, 0x4fa00000, 0x7, 0x7f, 0x1d, 0xfffffffe, 0xc000, 0xffffff81, 0x0, 0xee01, 0x7, 0x1}}, {0x2, 0x4, 0x1, 0x80000001, '\x00'}}, {{0x5, 0x1, 0x6, 0x7ab, 0x476e, 0x4, {0x0, 0x646b, 0x3, 0x0, 0x68e, 0x0, 0x3, 0x8, 0x200, 0xc000, 0x401, 0x0, 0xffffffffffffffff, 0x3, 0xffffff00}}, {0x6, 0x9, 0xd, 0x1f, '!$&(-\xe4/()]+])'}}, {{0x3, 0x1, 0xadd, 0x1000, 0x9, 0x6, {0x3, 0x1, 0x60, 0x0, 0x1f, 0x5, 0x592, 0x5, 0x1, 0xa000, 0x1, 0x0, 0xee01, 0x1, 0x22d33caf}}, {0x0, 0x9, 0x0, 0x3f}}, {{0x1, 0x3, 0x369, 0xffffffffffffffff, 0x20000000, 0x6, {0x1, 0x80, 0x68, 0x1, 0x10000, 0x5, 0x588, 0x800, 0x0, 0x4000, 0x9, 0x0, 0x0, 0xa3000000, 0x8}}, {0x5, 0x9, 0x1, 0x9, '\x00'}}]}, &(0x7f0000002e00)={0xa0, 0x0, 0x5, {{0x6, 0x0, 0x6, 0x7, 0x68180000, 0xfff, {0x5, 0x7, 0x3, 0x9, 0x7, 0x3b99, 0x4, 0xffffff7f, 0xff, 0xc000, 0x4, r3, r11, 0x0, 0x3}}, {0x0, 0x8}}}, &(0x7f0000002ec0)={0x20, 0x0, 0x8000, {0x935, 0x0, 0x100, 0x9}}}) (async)
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(0xffffffffffffffff, 0x80dc5521, &(0x7f0000000040)=""/153)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}}}, 0xa)

13:51:49 executing program 4:
ioctl$UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, &(0x7f0000000000)={0xffffffffffffffff, 0x1, 0x2000, 0x4000})
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)

[ 2340.767801][T15356] Bluetooth: hci8: SCO packet for unknown connection handle 0
13:51:49 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 94)

13:51:49 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000009bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:49 executing program 4:
ioctl$UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, &(0x7f0000000000)={0xffffffffffffffff, 0x1, 0x2000, 0x4000})
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
ioctl$UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, &(0x7f0000000000)={0xffffffffffffffff, 0x1, 0x2000, 0x4000}) (async)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)

13:51:49 executing program 1:
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f00000000c0)={0x2, 0x4, {0x9, @struct={0x7, 0xcf9f}, <r0=>0x0, 0x0, 0x5, 0x8d0a, 0x6, 0x3f, 0x80, @usage=0x7, 0x8, 0x9, [0x2, 0xfff, 0x0, 0x5, 0x9a1b, 0xaa8]}, {0x3, @struct={0x9, 0x80}, 0x0, 0x0, 0x81, 0x8001, 0x3f, 0x9, 0x8, @usage=0x100000000, 0x8001, 0x0, [0x3, 0x8, 0x1, 0x9, 0x7ce, 0x9]}, {0x7, @struct={0x2, 0xffff}, 0x0, 0x6, 0xef45, 0x8f4, 0x2, 0x8000, 0x0, @usage=0x3, 0x0, 0x1000, [0x9, 0x3, 0x4e0, 0x6, 0x4, 0x6]}, {0x20000000000000, 0x8, 0x2020000000000}})
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000001580)={0x0, 0x0, {0x0, @struct}, {0x0, @struct}, {0x0, @usage, <r1=>0x0}}) (async)
ioctl$sock_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000040)={0x0, @l2tp={0x2, 0x0, @empty, 0x80000}, @l2={0x1f, 0x6, @any, 0x992}, @nl=@unspec, 0x700, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)='veth0_macvtap\x00', 0x0, 0x0, 0x114})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000003c0)={0x0, ""/256, 0x0, 0x0, <r2=>0x0})
recvmsg(0xffffffffffffffff, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000001840)=""/91, 0x5b}, {&(0x7f00000018c0)=""/80, 0x50}], 0x2, &(0x7f0000001940)=""/34, 0x22}, 0x2002) (async)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000280)={"e6696328276c80ede1cbb140551427cb", r2, 0x0, {0x0, 0x3}, {0x0, 0x8007}, 0x28e, [0x0, 0x0, 0x0, 0x10008, 0x0, 0x4, 0x0, 0x0, 0x0, 0x80, 0x100, 0x78, 0x3, 0x0, 0xfffffffffffffff8]}) (async)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000001e00)={0x0, 0x0, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000840)={{}, r2, 0x3, @unused=[0x0, 0x6, 0x70000000, 0xffb], @devid=r3})
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000002b80)={0x6, 0x4, {0x6, @usage=0xfffffffffffff389, r3, 0xff, 0x800, 0x3, 0x80000001, 0x5, 0xe0, @usage=0xffffffffffffffff, 0x0, 0x1, [0x8, 0xcae, 0x8, 0x3, 0x1000, 0x5]}, {0x0, @struct={0x6}, 0x0, 0x1, 0x9, 0x8a, 0x6, 0x4, 0x1e, @usage=0x80000001, 0xd55e, 0x1, [0x10000, 0xffffffff, 0x6, 0x3, 0x8348d65, 0x9]}, {0x101, @struct={0x0, 0x4}, r1, 0xfe97, 0x3, 0x80000001, 0xffffffff, 0x3, 0x3, @usage=0x8001, 0x0, 0x4, [0xfffffffffffffffe, 0xe730, 0x1f, 0x7, 0x3, 0x85]}, {0x401, 0x6, 0x7ff}}) (async)
r4 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r4, &(0x7f0000000040)="e2", 0x1800) (async)
r5 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r5, &(0x7f0000000040)="e2", 0x1800)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000001a80)={"a11583a4c9d4f748f08e71f414e9b99f", 0x0, <r6=>0x0, {0x9, 0x9}, {0x2000000000}, 0x400, [0x9, 0x5, 0x7fffffff, 0x38000000, 0x20, 0x0, 0x8, 0x60, 0x5, 0x6, 0x7ff, 0x6b, 0xfb4, 0x3c, 0x9, 0x3]})
ioctl$BTRFS_IOC_RM_DEV_V2(r4, 0x5000943a, &(0x7f0000001b80)={{r5}, r6, 0x10, @unused=[0x5, 0x5, 0x6, 0x8], @name="8953a3cce1e91e2b924fd13d6b2f1d9d05f267f5c950407fa032f5ce24b43e2e2040b5a99155d0db94cc92dd6e7de8fcc7dfcb1b693e534363f4ba64a53bf55235a0f703bd1a3ccbf6b698adbcf89c17d1e8b6544db46f1cbd4b6d4c23cd99a01033d4eabaf6656aacc8b5e30d3ab009f9de20a5c0af4eb3b3c68eb16c542eeaece81544fe57bfab5253a985e8120e446e31af29f2a34dc73e4f5b99f891330088f7e8832ffe80cdac91a03457fd91371320a4a14dcaf724f60146564485d26365226c3995f6072e76ee2ec9dd83997c4b90f68441c90dff7f9ac5a6172b98c9a08ebd0304103ada15f3f6a3ab5479583bf9d7881769367b805c5479e63df3579c1fdc703ca17786736f71ff0368e01df8eaaa98215b4ea88e8ace1c9bc717125d2371d595bc91ec8b00a21fc3942fca26115878a98f6ed3fddad1f485c890fbfc6f4759444b8925550a026515e217d13a5f389587d327402fab3a3b0f8dc8a5d44978d7fd9a1f27ca59dc6eb78dc85149ca906f3dcd9669b6a300328999842e47c3c1aa808817075b368ef3d2600f8769c26c3395d9f7dd5db43f508e66d92efc50b9d0e4636003c9cfcc5fdcfb013db63481d94f2b068f9f8c41414adba25a0c0b69942fbfbf0b0db0a121641f9b40a6d61e530245031bfb5f7b899f0dae1fe1e482c4e57deb34b2be31f0b00995063c4a55ab475666277fcc8ca336c4f240c1733765e4379b2b50787a4185f72007430ac4b82a2b40bd45d84bfe52dec9445914dea4681cf4f450c451f59583521ac2f09de10c15be1dcc18e62e053f162e8318e9da0d0e724d2f64da2915d056d8796c4c6fc16ef86fcdeeb84898e3dfa125dd2b197fa5ffb99001e9a66a2c2bce973b3f41283e1abf59bf270022f6bce991fe7422c40da92b3548816faf72964b0d12de2ae9d3cb7bfc169a342fc7b2452860c6294ed1a4ed93f562fb492a7eaa16b2a50784537f1e4e361bf02d769c12718a1e3ccfb496b258546f4f7bfae59b382cb129447e7273d29c620d76930a8828bc1b1cabc2f1566fa4e5649cad521c50910d746732442a830e572981e4091efd25ce85aac82412b91f01e4a1c7fc056166148430db5c922d96cfbfc6575b862ab04459af315ab6ab74a12982eb5b15d44f99206e751c738e156a69202e4cf3a87ff4a1f247f0d411c3bc92837e9852275ba100434489f3a983dec0670827f3f855dd881138f46bde3fedbcb07901d88ccf754c74cd4e8d435e1e856d813f89f10811d4feb92aa6c0fbdfeb9552c0e2faea761db232e1a705073d07373f6e93ba546b227573f82185ff7caf174799eda460f64dfd7512d499ce30728912d052f48f8aa2a2a37b49772ba4d37df6c8e5dd01f95c0a661d4c565886f9e800282c5ef9d731b15c86cda9608f346d861b734b95efb0f5a39f4e0baef573cb75dc4e6d0a61f2d8c7350df9506e34248322c0527ffe1db1b158c39ffa614bbf43220811cafb4443efe76a42ceb834df6297015d4803469eb34d551627fd4036300b3dfa57147f9d59aace31c0051b72b634893efe2b3bf8586e6fa19e67f35675be59c55fc08638df6fda6b24c564b787106bfdbc0e07b352f63a442a3d3f9b7abd5aec6a74de6968c19e519554b408c09c017a8fea1deabcd7f7bfa729e42bac8044fbe4c4832b2580110bdf3052d78d18e8ff07c42d916de2c5103e471592f6e8becbd07a75f3fc2fa2d683749b9fb5e1678e33d0b2e0bd63d4089f2bc7c939df5ae35124be69b4915295d8c8366c7e4c363f3c24c0047dd782e44495bffb20cb43d311bf3d829a9033436eaa3f9d4920f3011212e64657e5844415409babc095934b71bcced24764b0180f49dd46a5de5a34c3f33fc2b562b906a4dc2ec7e9eac0bd7865af098f09bcfafb8b9aee894d5ccf08cc7bb2e2842edd89e987007cd431ae0c84d6041d6b278fa28208ba527b1fbfdae3f06295729c703be48cbb120e3a1b4115bd380d08a2aee553c02bf68f92aa868ae25485dc50b4bcff74e255b445816e31dd65da91e9ba7b39ac62c3fea89f9ce508c7b5182a95eaa0975aff80113ddc8fd66685d9c104fdfaf88e94ce748d401def43418a7301f508e21dde3ed2709f08ce6c0b6323d0e88ac11a891cda445a6ed7f04b5b9759d2dfff76da12078aab5f9934fd9f5d8160f3ac06940e70a4ca5ebcb3946f2a0274e034516e9c15828bb5b58ac1a05dafe8e9be9173a5739445cdc635ef93bb099f0832de6fd13d540cf4a59c48830c1a96d94ab4e25c3555ad285a52a8de146bef6e5610cbd8ba6731faa443e8f07d7e4bbe0d0a223c27b1ad2a35875ce10b22f0ee424cdc5b8ceaba1e27e049ffb56a286fc3ee53146b821f88b47086631ec9ac268af137348ae9be05283bfe540e10b9d8722b16def244aca92a36d3493288216f8f21211cc4085f231ee7378f844e5a4e581f6b6b7ecd4ce343285cc01dec423d95724beebbdf021f865704e0dc0955a911a2b9dfb8625bbdf28b440222cafaccb66e9ace17be09de9afc715c67768a24b78c8fc2110e4fd8f10717c3af9bc97586a3ef52d9401e3f51b9e23745ad77107fea32d52a48533e9672ed96a9fddbb0b2f770cd89c4b903377ac6422893d1d675b12aa5107a78cdf92373ca6850b055d46b8025304715eaaaf5e3dc2182162f0ca031bed9cd7a1740fb296c3493bee769cda0b588986d7cfc7ceb0dfa1a6ccd34e72b37904fddfae1dd43030659475737acd914d1e3e7ce914479435e19544614133e930492b63ab70ac02c3297fa41d8eeff488dffc882ad47a2fbd9d40a2a29e29c41dc9eec5085b359d400c033e60a6b2ea586c0e3091c5131fe6e033f02688c02de99426ae4730c3455949908ca8b6656ff6026933822cc1c2ebd9e04a72f796c436db4a411a54f159bf15117227fb70da000ee9d253f76e0d8c8ad96c1031a7163e01a5d0d82934355383bb65a2d5e280546ca5022aba1d5116791889dca3c144b11e33390f482d65d9bfb72d04d4fc33230bbda1101f6c3d04cc8445c5b6979f0cafaa5d19e3e640dde96634b807a3c464065822fa1029c871c1d7c7c78dc73134acd6634b1ec10a61699239faca4b9688b9c4483962a614f1e9c33910b19090f6a7e0c42213a228eae4e88ab57dfecf9fb358c5a7d9ffa3eab7e56074bfb2b27f93a29fe0a0a29ad1ec9c24c76063e292b97bd1331cfb30e3f282ff6d55e7f9928a648987aa2b44fc81a29caf4a0c18cc858489220716042664e717af5a14449430dd0bd6ff6164eb6df0d94c95196314bcdd7c2f9dddf99ea4ca06f41ea228c6e4cd2e14d9b36fec40aea2c334f092d43e239e4658773205f8ee4c7fce73ee167a18743adf0a4f8dc615e3e0b650a2b091bc1cd8d65de3dd4261f295ddc12d5418094cb1918b9726c153dcaff4abc5231e83af68a8076aabb56a6e335b250678f94a418a18f984684f8cd2f74e9a9fdd704d09daf782e393ae8709851d64ac9e204693da609f5c99fcef207fc8b3f3a567f69b63804164411c57d944c889dc5c6754dcd56a60c2fd16965bfd5ecb0b3bf67b7267af51724c78b97f734a13ece7909919ff174d3b968868066a3af72517c0f75daddf4e512691d613ede3234c51e7e92ff9de09e92da608f4a69f5e9d1480c8f7e0511f2f023c1093777669372d0371e5c7553b1df591d33aadb6f8fa94c5256ee327e9aa501040d53b8362ea26fadc7acf09add07b96758702d53e69f08fadaaa10ca1e6296e0088eb778a978e0ad2c671da201d08feb489ee16b7d12c3dfa5d342f9f1812002d741e571ae9c6c8ef5bd89ced6aee571b0d3425eb89632e0b64fb977a0ffd80c96986b8934bbe00b95c51f86d6ca34acb9bde814097a85bc166b3369da4192e32b4e71757c0935fb5107f59c12f5da7410fd0e88cede2b48a5efcff32d294c4ee6de9b48fffb81269c69128b9c2ebdea2a439bed0ac96bbd8d28c952c4f1569c178b80adbeddd089529615ff829460f2c8b81dca2c2ffaabd90f9f981e49103068db46951de30c720a9a882ebe10b9e60e803eb58fbf0a8e4b4f2b2962f008891408095a09b74f95ead091e7ce62bf2bcf01f379c2f6fab740e71e51dc44552be24e12729d2aacd9b849a02719d541a474d1df4daaf545b7702645fc3ceb1d305b8a8803f7ec5f95c0f36f78f8b68c0b2e0b91ef9ef27fa6735b44fdef353cca39adbb803f1f38ba2363405e6f7c61364aa1fe76b43ed6a2d8222afec4aaf053d6179afaea4afa1a872f84ecdc4657cfae2a992dc8adf16ff2db886b47cd4b815845b05ff05e72cf60467e6839b1221a7d5bc84545d7ff51c34ce240c5d6162e837b1ae5b7ecced4fa3432be1c64c048a41317bfe7145c3a408a9b2c449359dd861541bb90f2a447782fb6acc7f0b376f03dc7f648dc4bc498858fa052859c51dd42217c8409c89c2d3cc4fee2cb7688f0b8b77bac86c7c46fc8c477f938802069ad34273fe0748db7ddc8bce4b7a4e5764b44fc43e6363c57bd5a93173c964adbec3872c07a2d6314e679f6dc950950db36fa18ac443eb584f2710a1efabb995ee741c0910e9f465263f52204a89d953b6601a21f481a1264332e5ec0065d6ac5021aa7ee95ec030af6c42bcf549639f2b782180cad29a0eec929756efd492f11949b47ca353ce72c7caa5f1a2d3ffc559aa368f5223e291f1abe1f6811beb8b3e9e4fc0026e29416e3d2b80af983cfeb6b9023603da9e4402e9e0c00ae48eb96158993c91c10ad423527ae211f0869db959d109abb3b4a364822e4d6133e99548b86c7f1ca03e72daa112cce1070c695792f2c46efc656c4f78f88f038678e14706576587c0f195b85c7470c5a2a49d987776057398c4d9d5776e606f4e80dc0bce161e0505841d6e0ec18a3d022a4ca1aa1c731ca0878b3400fdbe7e51f1d59e49103cffcd9298616d9406ddd258a9b526103b68cc6e02e71b5d2665ad480e44dd89ecccc21d25c055a473401aad23ca550c49c334c5c2950f30117ec84f2c37abb7a046c43e9935d42212cfa08783aa3833a3a49dbaf437179999557f878a9101be2882edd618d5f792d9cca47095ab15f993bd7c9bbb741e29663fb4d5ae686657a6e5b573013c41b7a53587ef6152f425140bb8c0389caa16e7c6da061af8bf48e6e0d8a9c90b5b05b96f82ebbf41cd0cc9ef11bc63310ebd603e53ff442af5fe61814c4c18af6b6acecb1810ba12b2f4d8bb5b64fa4f7b10cdb6638b15e1a430753fc81047d53043dd6b96bd84a88b3293e2b14f1c666813f9e3f2200e7ec9626d0fa6636b5773ef1a75e6d0fd611603d8997c149f14b8ed378edfe8f37cf7aa0e42a1a7ebef62e998a0b3f4acc28491c8403097890b6987184ca4c86be7418103fc9976042a346cf96203d5f29bd9268be4321c8dc0568601ce794665f7b631549da902e1338937e4233ed33dfaab33b2ba2404195bbbe3933f9340d0b74584d2e27dad4b17b6db2eaf9343f12699e722897fb45fa3d3989789d87908bb1770d867ca2b97f342abc9cbb69f5fc52f4eab1ac36aab74ed4196c54b0e1a4d919d1f3818532aa06c8f6cf87b42b60d3d3bf24c1f804ef2802b75a349c18202bbef86a9b63f885cba5d22be3cf1447fc2bddc28e46b84ca038da511553bf64d14fa5f34113429cd7934f500f06b7791718dd1597512b2e45002f2a0eec"}) (async)
ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f00000004c0)={r0, "8801813fa11a51478e39ae2a15565dd9"}) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f0000001980)=ANY=[@ANYBLOB="03c9007c3e4ab2b542bfbe0c7891115ba28634dfc079c35b8ab86781e02b52ed3310cf91c80a3fc00079e60a62bbb7f049732359363d5ecd477afc7bbb8c53ff07000033d37fb88810454a14f40b8a2a3d7d1f46d91d73696269f75a33aaee89d17c8c588b64603bcb101300000000000000000000000000008aec0d02a14faadcc8b298e028078110ef3ed9309d630b2efa03d8bb658b482397476bbc34f2cf4146d2be4e5535988c69f56127b952001897bddb274da63e0843411a284847c9ae41f36fcf0391bab2effa0fa1e0ec5fb3166d01b6b805dcca9fd842933f057955d5e509933833571ed29540bb7f8ffa3b"], 0x80) (async)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(0xffffffffffffffff, 0x40485404, &(0x7f00000014c0)={{0xfffffffffffffffc, 0x0, 0xb66, 0x2, 0x41e}, 0xffffffffffffffe0, 0x9})
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000002f80)=ANY=[@ANYBLOB="0100000001000000180000de02abd8ea53296efdc97900", @ANYRES32, @ANYBLOB="02000000000000002e2f66696c653000"])

13:51:49 executing program 4:
ioctl$UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, &(0x7f0000000000)={0xffffffffffffffff, 0x1, 0x2000, 0x4000}) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (rerun: 32)

13:51:49 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000000000000abb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:49 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRESOCT], 0x8)

13:51:49 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000000000000cbb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2340.898587][T15356] Bluetooth: hci8: SCO packet for unknown connection handle 0
[ 2341.085927][ T1370] FAULT_INJECTION: forcing a failure.
[ 2341.085927][ T1370] name fail_usercopy, interval 1, probability 0, space 0, times 0
13:51:49 executing program 3:
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000140)={0x30, 0x5, 0x0, {0x0, 0x4, 0x800, 0xd2c}}, 0x30)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)=@newsa={0x154, 0x10, 0x633, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@dev}, {@in, 0x0, 0x32}, @in6=@mcast1, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x1c, {0x0, 0x0, 0x0, @in=@empty}}]}, 0x154}}, 0x0)
r2 = socket$caif_seqpacket(0x25, 0x5, 0x5)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005800)=[{{&(0x7f0000005440)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000005580), 0x0, &(0x7f0000005700)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r1, 0xffffffffffffffff, 0xffffffffffffffff, r2]}}], 0xf8, 0x40}}], 0x1, 0x40)
stat(&(0x7f0000002d40)='./file0\x00', &(0x7f0000002d80)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000005140)=[{{&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000000040)=[{&(0x7f0000000140)=""/195, 0xc3}, {&(0x7f0000000240)=""/215, 0xd7}], 0x2, &(0x7f0000000340)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, <r4=>0x0}}}, @cred={{0x1c}}], 0xd0}}, {{&(0x7f0000000680)=@abs, 0x6e, &(0x7f00000018c0)=[{0x0}], 0x1, &(0x7f0000001900)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, <r5=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa8}}, {{&(0x7f0000001a00)=@abs, 0x6e, &(0x7f0000001b80)=[{&(0x7f0000001a80)=""/83, 0x53}, {&(0x7f0000001b00)=""/2, 0x2}], 0x2, &(0x7f0000001bc0)=ANY=[@ANYBLOB="1c0000000000000001000000020000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c00f2a95c939780ae45000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000028000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1400000000000000010000000100", @ANYRES32, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c0000000000000001000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=<r6=>0x0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32], 0x108}}, {{&(0x7f0000001d00)=@abs, 0x6e, &(0x7f0000001e40)=[{0x0}], 0x1, &(0x7f0000001e80)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, <r7=>0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, <r8=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x110}}, {{0x0, 0x0, &(0x7f0000002440)=[{&(0x7f0000001fc0)=""/154, 0x9a}, {&(0x7f0000002080)=""/155, 0x9b}, {&(0x7f0000002140)=""/228, 0xe4}, {&(0x7f0000002240)=""/21, 0x15}, {0x0}], 0x5, &(0x7f00000024c0)=[@rights={{0x10}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x28}}, {{&(0x7f0000002540)=@abs, 0x6e, &(0x7f0000002a80)=[{0x0}, {0x0}, {&(0x7f0000002680)=""/59, 0x3b}, {&(0x7f00000026c0)=""/43, 0x2b}, {&(0x7f0000002700)=""/254, 0xfe}, {&(0x7f0000002900)=""/79, 0x4f}], 0x6}}, {{0x0, 0x0, &(0x7f0000002b80)=[{0x0}], 0x1, &(0x7f0000002bc0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001800000000000000ba420001000000", @ANYRES32, @ANYRES32, @ANYBLOB="1800000000000000669a96dc4c307b53", @ANYRES32, @ANYRES32=<r9=>0xffffffffffffffff], 0x50}}, {{0x0, 0x0, &(0x7f0000004f80)=[{&(0x7f0000002cc0)=""/29, 0x1d}, {&(0x7f0000002e00)=""/4096, 0x1000}, {&(0x7f0000003e00)=""/4096, 0x1000}, {&(0x7f0000004e00)=""/143, 0x8f}, {&(0x7f0000004ec0)=""/192, 0xc0}], 0x5, &(0x7f0000005000)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {<r10=>0x0, 0x0, <r11=>0x0}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x100}}], 0x8, 0x12000, &(0x7f0000005380)={0x0, 0x989680})
r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r13 = syz_open_dev$audion(&(0x7f0000005680), 0x4499, 0x0)
r14 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000056c0), 0x2, 0x0)
r15 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r15, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000005c0)={0x0, 0x154}}, 0x0)
r16 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)=@newsa={0x154, 0x10, 0x633, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@dev}, {@in, 0x0, 0x32}, @in6=@mcast1, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x1c, {0x0, 0x0, 0x0, @in=@empty}}]}, 0x154}}, 0x0)
r17 = socket$caif_seqpacket(0x25, 0x5, 0x5)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005800)=[{{&(0x7f0000005440)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000005580), 0x0, &(0x7f0000005700)=[@rights={{0x18, 0x1, 0x1, [r8, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r11}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r10, r4, r6}}}, @rights={{0x20, 0x1, 0x1, [r5, 0xffffffffffffffff, r12, r13]}}, @rights={{0x1c, 0x1, 0x1, [r14, r9, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r15, r16, 0xffffffffffffffff, r7, r17]}}], 0xf8, 0x40}}], 0x1, 0x40)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000001c0)="6b0ceb6d79d905189f02b4183bf8fc9842447911fa36c51681c0bda114a04066dbe4c8555cd51ba79b176bb58c39d500f8d908a999cb5d977240a3d1537eb41a57a882f24562ab93106438133d023b9fca3aadd102f10fa3e01475897f5e0df9e223c2126a0ffbe245b6c29241ccbd7a5afd41c73bdc6e78e7257f8920f5e4ad5642d61572cad9bb802dda95bd2a9b9bcfc3fe96e6dc6eefa8e9e62202d233f905e05469e8252e799d8629d554d98d67a6fbc81c5fb0711bdbbd10820ee2420df1bcde1617123daa66fa9c5cc7103ca9550d0b4ade160783f5860a2136f9520bca58bdd0c4b60050f025a84cdc13819136855d1a117c08ec2995c91004287abb290bf4c7e080bf67a6e97829a6ab6d6b81119cc3d7747a0e465ff48f3b676a68216e5b114f987ca6d32a72c4b09e769ebf82367441a7cd085c5b73258482d559efb3667d9109d09a19091c9130d51f66134bdee684d911a1995b420e4fa4da4bfe2978160c4b0b3d66eec903d95c88a7a1b5e2e59f5fcb386066de058b15a5c9edf9cc220623146e3c2afb0fe8be84a7678cab8e29932b62813f848e5bec79f61c2465fb9dc0dc0bdd8f7e742ad15faa4be6131086a35e6fd681fc997ddc7260d215bf2686dbff5bdfa07d353b69eed53d56a069049ec82f782da2110680a7c276965aa910bf9c1620a646edabb8922faa42d7547bc760d5b0678e930df19940099460dc01a6f71c84490427463753b8eadafc628d8f3b36954cc7046704c723f528fc351e2bc3ff17b63a8f9aefa884536f1ca2fcac5b7b29ef667996947f59fb7adedc28e01696f365e74b214c720c506941c358c4d0942b72986785dd2d8a72feb957bf8af1b1a34d747e074b3d1c8f783b724cd2618dfd2490dda319c2638b690b3ebaba06674fcc1c6a3e60169ea3f6a366ee63bb87aedffc4e8e9cd9dc4fea7ef0f1d5273cc6b952c190978b4430caf668ecad64bc1f5318fdd338ca41cd0df97d1f8286a32599133d653b56cc5e13dcfb03f454e6805e2a9d2b1f174517136b1234dd59495c52c25f3ca21c7686742c40867eaf44ff07c848c0dfb19810feacbf79a940fe5bda3ce36d9a593f3cd1b0bf8d72c2d2d995cc130989454475c9f11475ca39a23132a88e15a4ae1d300073db4c25aeb98622d77089edfb73dd1140e058fdfc4ca1d13b438d1825b6de5994ef5830cd3f2bbd75eb749b079b1844312243182c777da39c3f13f349af9c0ec190cb3a99381198dcafe671b35e8beb898b0ac97834b770e8417b1ab882e6c1dd4ce688c363c2c3f2a0ed14ba05510973346fbffed591cb712c24ad02ec272ed003c90376c09709c8a2666be38a6ea9e103b3f7eacbabe857f15a5bdf6bf7b0f399ddebbae70a039e9e530b0444c52a36e21e176390117b6e125bb0c67fd1c2a295a65f40db89e0e11e4cb698399beb6fca0062898cd47e7bf3191f89fd7f240e3263d718177f5773babfdffb2b55fcf8369b8ccda17356cb077df85e829a1533f5b23df9b2cfd343ae0fbc6624b38aaa839ae83ccf60cc0f83291c1ca5b6b465bba7b9d2adb42f65493426592f4a3e369696504d528830e4bc23c754f27615a7bfb17f4ec2c344a80443da163ed89843dfbb8f39b1ee4b28779f8ef607cea78e86376645a1241dea7fd5fb73b4fcc49e052dfc1eb7c9a90f13ec5f210b6f93ccccf9405329472933f70a513874eae185908ebbb41a0e0c87cfeda3877202a91b2dd51485e8ef3bc5fa0b1cbf6ad402eeae53e3520ab3266dddff69a9a83a69912446da9f11700dcafcae348c166950b2936acd9b0694dca272b5d8fac90492535b77651fa8e0ed7b4f2ce460560b78a12eb5ea7b3eb09395d8f515ab593f31f7fb2bef734d009df3f626943d7695062867d30c87560592327f502b32ed99e0ca30024a2d3cd62915d062dab52da46274df64e8b82d87f112d3e48d669600fbfdc408582226e75444ed45680ccabc67291d8aeb217ff56bd3bda8f2f7463f4b7490056a49bfd3c6bcb2649a02d3180e88e78434b3e6735f607798fab1510d91b4f736fa3c4a743f9583aff4fb3950a1b510e425b7d0cde46946ea5301d482ac7251cb27f4c5b3eabc6d41a002125e8c3426f74d493c58d87d4114c49fa52cb14fd537174714cda5c75af1b96efbb1ae9d01e345af30dde23aeeaab120b3443a547c96e18e33105d7e08dd98626872e59507536230ca9137dfd5ab0c4f5806fe117f196fd186414e32e9e3fa5a7184751416138e8084c96eaf4fa6ed130f38379ccfc613e71037e7b07e35e965ced809aacb938bd702ba521c2fefebd83451b394d7b77dff3885faacd2b2e0b9bb93f9329851d6fa957db25cc1e5a4eaa6e0ef5ddc5b849df152381ae27a0f17abd1e9cf0e784139a98ce349e5ce813fb8887dc930a056e26816d9a9959ef129fc8f44274a47834cc57a58fbb84b04e7714ff760669032e87b1575e9ad200191d96dc68b2ee104d8e310db615bfc38a7d0baed136c8c3def6d5a4358523c87789c6acab77cd255cf11beddb9b4ba12c4de8f7e7a9641366ff75a10da4440e3250a95cacbe3374bfc9c40972c6bac650b65128e136a1bd84a20065632ebf26b76245af5ad65626b7984acaf2c31528da294da15995bf0b2a0f192936b5e8332037d60ebcb069d621a7cecd959665730b369602c642130b234b7ef35a249135042e3acf3e149c232bbafcb1bd3a1e85e3af8ed8af45e88c423fa3271a98355231b80ad085630e8e2dba38485b86b0eadfcb08b9b1ad159a67d0fd2a2b3acc084aee41afc5c2e185983695a29ac8e2204872af88d0830a369aa341abe46412157cea3d97814eb52b2b2dde7e833919f1848d125e15791982bc4aca9cd8ec5f5ff0bbfde42d497a1402463cdbbbaf04dedd9862e1ec1ee770fa04350536168a8b54c147f448f5fbbf9073cdbc356c59741b7a8b6071c960a2b11b087fc056d0cae776af146b40ab86515a3f8839847af9111a3d6aacbe47daa80472a740a1eebc188534377167da0a0e37dd3cc82160fa4e648b7b46862e82b962ad96be237feb999254ef533b883617dc6efce0a4d5563a849e2be72fbb993b8fdfefd04b69b42cfbe6e02a107ec0949ed68e2c04f70693254b849d81d43cff3128a3404ee54737bd5ba3567ad5d30a83862efd2a39898b8ff97afd413ac1791096406fb5f6edcc01a232a2659069dff28e677802be60bfeae9336546f6fefa4051601cbada1b6c319bbf4f0d0d2d2d4518ff3b25d4635b7943da87275ed83a83a3c775059e277ea69ca55680872c4d51a9c4c0cac6c90269b0cdfab1f92a4741db2c47077c6291b246f4236fd9ae30e228ce85701a5b37e315704b34148a8d26fe751d6d4cf272d7b6d8d269d3a4cbb3e24e328c431b0a017d2be0d58b310973e8eae10c2f934ae7c1282979fade5c7d6c205d68e9c0a1eabb461604f91ce81841c21b9fdb9cb87033f8f24d567331865ac2a2f57443dd7aad4085d92ba8dfadb80d440438274e6923f835075805d4be0ece39a5b1f08dddb021f57976092e7986d0438e5f4da7c65f279f9964667c75d2437a7e3bda8d4ada51889ae1e2a9732998ffad54f018cabb7ea673c524a92288bcf6cd95a9e674eb5d5c5497650e2a7f343a073e1f519d2919ad78bce71ec0364e905735d6aa2e2f6d2860c721df8efd9e28d2d043b33001421cbfdd144825b05e556108f0efa4005c6d3cf285f90b8ef1aae4d01b1735c742b9c54816c0ba02aa14123c2a8ad5c992f7c9eadda900b91854cd1797dc51f5c611dc951bb4c7302e473a804b1dd65842f18a2cbbe954fd3c773e23c147410f2686c19b4a6727a07b469698eca6f5dad0a74a17fe77a43d9b6481a19cd911a22eb85fd329d0acea702ea4fe769bc9e47a8e538a01688244bcf1b9915b82d2cd136d7dbf9dd58d76778528d499d245e236474b32afe65c55a29ee43258d6642af471f75b76717001459df6b3f815544f48f07aa0c455d1c5d8fbec14dd57421841c8322791f884496c6e7380b99f4b18265ad83a3607b51095f48734f1e85c60d1c2c8ca97245de67590e743902e9c63669913aed7549995dd092f8c75227b634f596a6a1fdb120aca177f583b845b105e6a18ad72aa748177afa249bac1177b10238ef6282f52c579d32b9619f19d1ff0880b06ec6d8ff37735b39d21fd64ca8ba2cb386dae021372ac91896bb45cb15a5a9b4c1871659cbde893890bc45ddebd4a8aeee3b259f27027a7acab9e563d93043390dcadb997cb8c5e48496e5cf21de47931d68ed4a2a225db7a33463e28d318668aa7a6174f921750b59d0a163ed473adbe6426411f08a813280fc383b4a0cdad902b24398d4559d61df261495c84504880858254900f8ebddc92ab17740dbb4e4b460b7f649cfabdb1387fee72a7cfcf4eb6abda088b143051b23cb2bde96cb4ab640a4de6e612f5d75c5ada0b09da6e385809ed568c9aaed972fa1dd8bf93f0df683a4a5634c1458eb9d8bd64bdc726ffbc42e0b311cee588e3d8e084a380eab0c5a72cf0fe5cb36f4949f2ef2ca0552f4f022dde48e83eb48cd5fdc137b8955131693cf3be678caca0a17baf7b1fa2b21cd2740fb0c024be13e18de0c677255897e47b62573d3f4f78fd941c4f7fa95f45a3ddd7df061c99562fc69fe39811351b2b7c0119d059acb1744554afa4a3b0f1cf46929628a04d5c82d4e6d61e9b9c261853ec839a49bff12175a26d00a0d770d80eb9abfa584cb9cc45b3dae7da59f907c71181b910195f75682ad18b6adc10c371e6f9b5df57837e6224c9f3026f2502f17c976f4699382667b73fe0c82b1cd40b9374dcc6fdfcb0aa230b848b229e29dfb64278bf7c20b5026f90f1cb82c7fc83b6b4b8520f1e04e0e3cf85f15cf7615386b7a8f3d7614039c2476c4b71d5139d9291d590439de5bd6978405f3c73e897fae77874a3e708393d2aa222b53c4363f71b2dcfb8310bb1ca0983bd256c8153fbbf6319df8f2b5cae14556d5d77eab9f54582d34931161d84945a7685bcc597450d92934e96bafa4242bed07ed32d4efebdbb69b5511e35afbf4af0cc22576c048b39b1ac11aa619231610d7f5e801ac4042b36f55e475f08a690918d753a7fda460a3291bb16ce53a85419b0e8ddaa79376d33435f9d9e4b3338160282381313fe5a6b6c51a9bd469867b166957611fa14ba87566cbbdb1884dd80f35f565150fd4afac95f360d2e73541510a4e2c9df35004542174829101aef3d118e376110a162698a8f0c7798a38ed4a7f8c169de9ae80ab61423fe232f0c07bf8c230a73a597bcfcae77f0b743d678a736613f24859641e79df4d0f8d11b718aff8699a8c860bc7980ee606f91308379684d4475ba94fc0db87fa0002eff063304a4dba84208e21c8333f54a34f979c597daa3e03d4c472014847c220ae81011e80020fd664a580a66dcbdb0bf520d0daea6672cd4afe7c58daf9b280966b99563c9e27201336aafe2e263ae884fefe73143124ed052a398c171b6a1fbb98934ec64dec4498109f4c7a4e24defe6e907d1d8dab93c9ea7b7ff368093653403e78ef952a5846e6a8887d25e382935a4f1db5e000d4b4597b48594f9d8165dae0e287c044b984529a4c78f630aab85bb5dd5001e5ac670c9fd08e121418ba5fdf9bafa4e014de17132dc7beb2e03e737248397c68f507c85a9ad48aafc4bdef906c10617819d450262aca05461fa9c9e3987733d4e512a7fca7e71c23ff5828d7aeacbc3fc1ebe6c6d4df231f77c7a60eb4692376d8de24c8ff230ad6d8a8425fdbe3fc59b58a1f02e285dc196c42d9d5c554c073c2b3602890618a6c7447c77798f02a2168fee8f76f0ea5daf8d76b431802dbf37f4d47cabc6007707f8fed5acbcd8882fe173913a43bbc3f960dc386c522b639c7fa3366b130d44a188e0b31b6f4ddd55e2ee4ab96250c8c1f462b35267a9cd56c0cb53c8dfe6eb04d8bac32a3c4b2846178de752cb43f8923c200e96dbd2e53bb8cb98793265caa632b1984d95f8141cb521ed1b96c627c9b94d1c837fdcf462cbd547edeeb794600b84da867ae4e8b3da5b35d4efaa772e4050efadf98ae54c91d29729aad5c07f5137ae2c60e893eeb0cab4fec6f60a75ceca3a864c44aa6ee4297480814c1550f37429ed0e4115ed054adefaf7e2f7f134033b5c5eed545b219a999e22f94692b235b88cd2fef4dfacd7af8377767837f7c7e5efb6c3785cbb8bec37e6a0fa7c9e93a9b8d65bc60130e6f10fefbb4abbf162b46d7750c8c56c2893b5cecfddcee180ee207c7328d9d6d7bd9d47c0ce03f395ee51b1c66aa205daa3d858fd88d228ae08171c5a1bce9a3b7b46ab33857354c8a2046d4e89f8a8bb16a8c471f5e45bc554fb0bba973ebcc2c0602e24a3ba9d2bc97a1660a150bb5ce9ec5227598cfdbd24ab7cc27278c1265dcfb04cffbd95b086a5d48af233f9620fbb79d9829d7bfe5f0819fdd67d91bb775ea91dd06c051c85833c8f436a6f7ac7bdeff837961bbcc3e5708a55e850655c50fc6c7a19482aa8bd84d4d066598af48c4392ef43c03d1a0c62667ee190340d363e876b413f406f3000103d45fa1ca22e0539a67dca8542c0ab8acf971b27e92a2a189866f70f7ef05b1dc953e38d66f3409d28c540275072ad4cfc11675c46bc038066a1ec7edd436c73bf540fe950b3b5ee9802807b0f7d5453ecfa80854194c2a6ad1648ecef8834db8200a306e73147224b8e623a655edcf56e6b7c49f55a54887b66b09421b7166f5716e1f32dd37d72c63c9b403738b7f3c6943ef6164c4d1af94dffa11f8c453a29334424ff2da6ab41c87868dab2e10cc109b1e0c4cb0f627bcebd8a953adb0f399f492a34b9c463b4132d9d5a2b7b509bf88c5c966e8407b1e0d3383033b264fd11bd98434b0890dc75ae12a123a26d88aab18f6fd426cab13f94bfdb039747b310c4275db81c0ef6bc78ed6cd028a40efe10af1b79141fbf6537f50b8f1555f9a3b09fa87a664f799beb20fc8d4160face9ec2786ee6388e6cc87b83af6ff1982dac00ea79b55a2318d7a50ba03261536c3baf7cd82a3e269fda765ac640dcb0a8767cbd2835bd233ba9f295b5d40adcc2e79406d6fc81de4ce126a7ecbf95baca940fffb42a32575ce7aeb49e3a4f393dee9f9065a43b86c9d289a1f8ff2295cc6ee2de7f39d5fd11fbf7c83bd66108c37ebf6b9a613c1ea6911a6d37f17b0579c4c899893d0556d784127590f5724de652099a52de782e413ee717709c2ca147556648e895dd94afadf7d3bd0624edbe481b680387f84e723634c885bea4a1821cb14ad9bdb9583d2df3c7f5016db544cc4b8606c5ec6afbc90e70995f6c0e6e68d86cfb615ba5cb11fbea7c197b3e4a091ce0a4d6e068b1c683de716211c75459834ecc01c57c5e99d277e615dee33851b93728f1109b526946d51bc06fa74d88dddd7211c0abe1151d3706511073dbd05f96e740de142a4b28e2e0d3ad6eb0505e87576415571e6441994529abb72226eacc033490d433cbb4e22111f99339173f5346543c4e0734d207065cec1d2641a0879125d6ec360edb700d076861abca65e0b2ccacba80d106694a2d6fe671b3ba22ee11a86c176ba5c99bf04c893fe98fed07d594b4c991761fcf6452b0e04d6bb286038f2b8450bd8428e73f6821e337491eaed9c0b6db00e7b9928fae6362d18c5a4c297805c7b32ea3044b0d0e7ef0f54a6a8a0f98992329fbe9fb548acaff36e103233c8903523f9ce1069cfbe24c57e935b35606d477b780eeeabc88e3b9677586c2f5111e74e60f2dc8efa76fbf614327e7dd144fd626fdbfcf5db7fc9456e181c135d3d620ac5c5c4ab4346b78ca0d26ba79ff4b37b62451ce7bfd72d8bd6d8ff2822f99e7f0f936c1c963231154716d57b9bbe8d76514826555cee884177d747adc187d9f9857d31d9493930ed8cd5e5912963894915407d42b593fd13ced44aaf9abb778e318dfe82a7a71a36e5d2068f553b6204403db397a67df79f581335c5e8743436f1ef20a2f2fc32bdaec6bf0a1177c18e95a89eff2e6d15ed1aa4acd7051c13848e93497f9732bfc5ab96f9300fc283d44242542215f180953d3c298cb4e7fa093b6189b42a9f103e7cccea7c2ea80d70f45c1cec4d5174a4fdfe174258c3b9cfd6625806cc94a2e83152edef02304e669f77ce30dbbf2e5b6373f92e39612b06f7659be3dc690698fc84d379c57dfb09cc5c79a94cd414c2da0fd8f6c308329b918461922c580c194bf330c512bf201ce16d819fa2b1c6a3a4581f8ba1302bde3258439b2deacb5f6294e205be135b4a5e96856f964f339e6199b72736dcf1b8564f166948ba7c728a0f29bc95dfd50be0cc4970a51653db6a2ee04acc108a84155fd6e6291a722c049cd815393594a49cc0b1f2070c05abcf0c35836afe2fc25f0b2fb8bcd4cc201ae57055e51583a8276491b09ad2d5eea7c61dbaa6ca1e1d94470ae720adef511296877526cb49f7ff818d97b8015a399eb4bea2c2398050ff67539e0a81c5068feb9a23b009d23468fe5d3e3df9ac688df4ea6e4b7e633896e3279f18cbce83020b14f2b8cb93cac5961be48f8c5c75a92eb89b09faa1f5d7dcc6496770999355364439630a84aaa9802f2a2068ef8371b72282d6f90e800fbdfc7c169da8dbd623d6f0d09e929bb92e4e1f1bf62f3a787ea73f43201d21102341c8b54edcd471cc40561cea5854fd7237d6417546534b89384cb5345ee49f4de8dfa3d62b9bf13fa97b085987dbcd3cb433d5b15be9044b49999d132f1922cd99fb2b37fa9181b49e5ee6f4474402dd4ee54cb9e89af464940b105da4b53625e73958b409bac1ae5672f608ce5e5a47dfb164184c4864485c6fe95a023ae71f237f94eabe09ff5dbecf1a84c815f99d67810c1f6fdfab3cc3a03fc38d60c8b27df471fdbf58fe8625f930cf53a57beb063c9098600cc02b97c8dab2d5ce2c4f4a4684a0cbd94193abe643176a9551f4c8139adc1597916d789dfc1dda5b0d0287fcbec35121d55ea725b22460aef8deeed83b45f80b4fd0520f51fba58a0155112a88218f2bbe4bf76cbd3f2ae97d89cd8d9cca10b7e349c3045f4e85e9d85f05642f4d8e91467c4e4a0cd5503f5220ec8b906a79d0f311cb4bac3438b93310d8e21da011bd7ee65107adf85d8eb0a73c2f4a5ed65b2b38dcd53bd7ad9e94194696a0c92c72aa1e2029eae56884817f968c4fac9073e9a1f82283808de4be312e08ccd74450e43d5e96a57efe9ffb98122a8c9a968e1635e029ce4a46282129562356d83f89c51b91a8b6c36cb4c5596218c747ec671e1b41cbc34fece7ec85d327ea80e973a247a0be9423aad44fbae70347deda698d00366d20c3676afda493d3955fe2a4822c9028a6cf52435a6a41c4f66a2bde16bfcdf2a3165df7911f7d06a30ac9fa1663c30adbe5c66b201c39a1b7e597395976e600675f3402c643d334fe365e66ed2882260ee4f92f6a088925cc1ed1ff4969fe25431a5660fd4f9d0328384550f3c9029be93ecff2e7822ff4d94cdb893c26269428cb196db1f16ff27e263348286c8ff8bf932cab11cbf0880be61c78fbe26ad65e49ca08d16a5e3a627a4781b3931d017c0a5c5a21726403b927c1499c2dd7fba9d498206d94933d61862b1842b594c71d168e4905700fa3dd3e7234ee5926a1055a78a2daac92bbcdd102ad15748e38d492ad472fcb37383f36c84ebcffb68a18975e91f472397bee05e8dac74ccf51f2e8d9600765269ff2043f8de046ccd0ec342f1af5d85fb2c2b5c22a643bb9fdc2f6bcd8e2985c0d9e04168926ae2c9dbdb0b3f3ba6b62bd4182bed8cc045c2a17d1f486f68f576d1113ceefd365c57f44e93f0631f10448e81d3fa75ef08eb14aa4c94e3eeb27d8482144942045d954978ec8d047f9adb816697899d43392e4d453b597f77e7f0cbd8edd1691eb70ef46447d040a162f1fd69a7862f44a2c76acae891c29bef5efa4db4b3b927fdec936b5c3906bf95582a4cbe53f2fee3584f4066248c7a9c4de9c38e257501e8acf9fcbb422634c06af6c0ab01c530e8310876edffa217038e2675d45eb4e0e9711b861766b785dd4030f8487ac8b1a955b0817365a2a079dc6168593ff0fa8769e9b3811fa8a5e897c77328e04a972ee839458e9f47358f026faae1de145a6067d4caedea95eb5bf468e8878b9d0c76cc0c1678503ada16faa9c1cec4bd802727dee7e3bf22b8962edcdf4b8511b648e6c4e962c997172b6fab313fb56662ce331c7a79b5a6ebbf1cae3111c5af8e350b4395df9e9ed809a649dada2d210bb33fa4308567bdbcab37e431cf4ca3e14127fd34073e70d943bfc3ea79ac2cbf36f7091020f866cc6c11e28e92c3e05941ac70705a7ab129aee2fcf7f54216556835d4f0e74143a379c4204d0800ac3e0164962cb76c5ee53d412968882acfebee5e15a5176b1657faa9a5daedef97e6c10131c15bc97dedd618e2bd0cd24d962163f30a137a3efbe45ff4c419dd6b4a36f94b42a82166a990266baea677c5ecf13f4dd0cfac3a00613bdf8fc5c3255d4dedb10faf50d7595eefe7d56d634b88751845820f97a76e71d5eb085f6b398a8546466c7df4357512955f10c829997e8357aa17eb02271d02578b0763d60912029a52783807ef2cac990cef99a420824800d65ed51b455503edce75b856fd66de64bcb378e4d0b3338c592110bc830049456691247a5d811dd23197e4ef9b259a5b9155a514d72939e093f6c7e4c84dee8b156d0d6efa4bf52049847192955f83a57b105a66b92ba445ad1e2e612f634cf5d8ee0d080db1e73abad0fea77f62b349190e36e9f705b6f4e76a8ea71785d3546c9e0a52791346005591110fd130ee70b4692eaff4db49ce1372f99edf53f720e5f694de56371486e716b06ba8ae1e09b62bd071b33d9e97b1a3de7ab41ede5973d86666e6b4999fd830502624f4ee35a9c8f7a238113ad33e34484055c0f46ef9d77c26aa2e0cea0877f112c0b866bc9d38a73247b62f72027cd578306989e7653052cdf34b211571846b36b0974e54275eaf1fe56c5fadaf8d3a75e7249ead4ca072abad76d2005b94b63272dbe71e2ed96acb8188f0c903714d4b525958b6c61b0b5bf09635d821b5bc6772fd493220f50b9c36f3f23efb13b192ae489f27d5f0780823646388776c6ad252709b3a29e01c7dd15171ab25247d1b66b659cc6939f6ada6632799738a2e6ef0693243c4b708bb7c27f632f85ad337654966c3719baa62437eaf6a0b1b83a5cce0c88d5dad52e3b393784dff7f417057870c33becd96f6d9bde73462af9366617510102acf91e454cccd7c4ce512adcc5658e13fbd43269e1c612fa75801a39a8cba3fb19208d2d03a547898beffc6ffc1f7a49d6cd4d132b8e1fef1c8400ad58e573ae704913a27522b08eaeef7b6cf25af93e626e6467e57423aa5fee873f06c6ae509baa4b820b00c212123ce4fa0f623912619eb81e893e07bc07757565d64e3ab3f0e22fa88ad2f32c7bb59ece9cb0e2f80f", 0x2000, &(0x7f0000002f00)={&(0x7f00000021c0)={0x50, 0xfffffffffffffff5, 0x9, {0x7, 0x24, 0x8, 0x5000, 0xffc0, 0xf3c3, 0xc5, 0x4}}, &(0x7f0000002240)={0x18, 0x0, 0x10000, {0x2a9}}, &(0x7f0000002280)={0x18, 0x0, 0x6f3, {0x2}}, &(0x7f00000022c0)={0x18, 0x0, 0x0, {0x2}}, &(0x7f0000002300)={0x18, 0x0, 0x1}, &(0x7f0000002340)={0x28, 0x0, 0xfffffffffffffffb, {{0x401, 0x0, 0x2}}}, &(0x7f0000002380)={0x60, 0x0, 0xffff, {{0x100000000, 0xffff, 0xc29, 0x61fc, 0x5, 0x9, 0x0, 0x9}}}, &(0x7f0000002400)={0x18, 0x0, 0x5, {0x40e4e2df}}, &(0x7f0000002440)={0x11, 0x0, 0x5, {'\x00'}}, &(0x7f0000002480)={0x20, 0x0, 0xffffffff, {0x0, 0x1}}, &(0x7f00000024c0)={0x78, 0x0, 0x0, {0x8, 0x81, 0x0, {0x5, 0x9, 0x3, 0x6, 0x40, 0x4, 0x7, 0x8001, 0x50, 0x1000, 0x3, 0x0, 0x0, 0x4}}}, &(0x7f0000002540)={0x90, 0x0, 0x9, {0x3, 0x1, 0x3f, 0xfffffffffffffffc, 0x80000000, 0x4, {0x6, 0x5, 0x7ff, 0x80000000, 0x3, 0x3, 0x60000, 0xffff81e2, 0x978, 0x8000, 0x4, 0x0, 0xee00, 0xfffffff9, 0x8000}}}, &(0x7f0000002600)={0x150, 0x0, 0xffff, [{0x2, 0xc6a0, 0x7, 0x8, '-@/.+@*'}, {0x2, 0x3, 0xa, 0x3c, '/dev/fuse\x00'}, {0x5, 0x1, 0xd, 0x7e, '*{-#%,::\xba$^-+'}, {0x1, 0x0, 0x7, 0x2, '[#)\'%{$'}, {0x1, 0xe65, 0x5, 0x9, '&*,*9'}, {0x1, 0x3ff, 0x0, 0x4}, {0x2, 0x8000, 0xa, 0x81, '/dev/fuse\x00'}, {0x2, 0x3957, 0xa, 0x1, '/dev/fuse\x00'}, {0x4, 0x40, 0xe, 0x1, '[/*(\xa3:,+\'@:\xbc$('}]}, &(0x7f0000002800)={0x518, 0x0, 0x6, [{{0x3, 0x1, 0x10001, 0xffffffffffffffff, 0x1ff, 0x1, {0x3, 0x8, 0x0, 0x80, 0x10001, 0x100000001, 0x1, 0x56f0, 0x2, 0xc000, 0x0, 0x0, 0xee01, 0x9, 0xfff}}, {0x3, 0x9, 0xa, 0x8001, '/dev/fuse\x00'}}, {{0x0, 0x1, 0x0, 0x623, 0x7f, 0x3, {0x4, 0x10000000, 0x6, 0x7, 0x0, 0x9, 0x0, 0x16f, 0xff, 0x8000, 0xfff, 0x0, 0x0, 0x7f, 0x8}}, {0x4, 0x1, 0x8, 0x6, '{\'/{[**@'}}, {{0x5, 0x0, 0x10000, 0x5, 0xa1d, 0x4, {0x6, 0x7, 0x80, 0x1f, 0x4, 0x5, 0x9, 0x69a9, 0xfffffffa, 0x2000, 0x3f8, 0xee00, 0x0, 0x4, 0x1}}, {0x1, 0xffffffffffffffff, 0xa, 0x0, '/dev/fuse\x00'}}, {{0x2, 0x2, 0x8, 0x1, 0x7, 0x8, {0x3, 0x115, 0x7, 0x8, 0x8, 0x6, 0x5, 0xa6d, 0x400, 0x8000, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x8}}, {0x2, 0x101, 0x0, 0x1}}, {{0x1, 0x0, 0x3, 0x8, 0x0, 0x80, {0x3, 0x7fffffffffffffff, 0x2, 0xffffffff, 0x4fa00000, 0x7, 0x7f, 0x1d, 0xfffffffe, 0xc000, 0xffffff81, 0x0, 0xee01, 0x7, 0x1}}, {0x2, 0x4, 0x1, 0x80000001, '\x00'}}, {{0x5, 0x1, 0x6, 0x7ab, 0x476e, 0x4, {0x0, 0x646b, 0x3, 0x0, 0x68e, 0x0, 0x3, 0x8, 0x200, 0xc000, 0x401, 0x0, 0xffffffffffffffff, 0x3, 0xffffff00}}, {0x6, 0x9, 0xd, 0x1f, '!$&(-\xe4/()]+])'}}, {{0x3, 0x1, 0xadd, 0x1000, 0x9, 0x6, {0x3, 0x1, 0x60, 0x0, 0x1f, 0x5, 0x592, 0x5, 0x1, 0xa000, 0x1, 0x0, 0xee01, 0x1, 0x22d33caf}}, {0x0, 0x9, 0x0, 0x3f}}, {{0x1, 0x3, 0x369, 0xffffffffffffffff, 0x20000000, 0x6, {0x1, 0x80, 0x68, 0x1, 0x10000, 0x5, 0x588, 0x800, 0x0, 0x4000, 0x9, 0x0, 0x0, 0xa3000000, 0x8}}, {0x5, 0x9, 0x1, 0x9, '\x00'}}]}, &(0x7f0000002e00)={0xa0, 0x0, 0x5, {{0x6, 0x0, 0x6, 0x7, 0x68180000, 0xfff, {0x5, 0x7, 0x3, 0x9, 0x7, 0x3b99, 0x4, 0xffffff7f, 0xff, 0xc000, 0x4, r3, r11, 0x0, 0x3}}, {0x0, 0x8}}}, &(0x7f0000002ec0)={0x20, 0x0, 0x8000, {0x935, 0x0, 0x100, 0x9}}})
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(0xffffffffffffffff, 0x80dc5521, &(0x7f0000000040)=""/153)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}}}, 0xa)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) (async)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000140)={0x30, 0x5, 0x0, {0x0, 0x4, 0x800, 0xd2c}}, 0x30) (async)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)=@newsa={0x154, 0x10, 0x633, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@dev}, {@in, 0x0, 0x32}, @in6=@mcast1, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x1c, {0x0, 0x0, 0x0, @in=@empty}}]}, 0x154}}, 0x0) (async)
socket$caif_seqpacket(0x25, 0x5, 0x5) (async)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005800)=[{{&(0x7f0000005440)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000005580), 0x0, &(0x7f0000005700)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r1, 0xffffffffffffffff, 0xffffffffffffffff, r2]}}], 0xf8, 0x40}}], 0x1, 0x40) (async)
stat(&(0x7f0000002d40)='./file0\x00', &(0x7f0000002d80)) (async)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000005140)=[{{&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000000040)=[{&(0x7f0000000140)=""/195, 0xc3}, {&(0x7f0000000240)=""/215, 0xd7}], 0x2, &(0x7f0000000340)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xd0}}, {{&(0x7f0000000680)=@abs, 0x6e, &(0x7f00000018c0)=[{0x0}], 0x1, &(0x7f0000001900)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa8}}, {{&(0x7f0000001a00)=@abs, 0x6e, &(0x7f0000001b80)=[{&(0x7f0000001a80)=""/83, 0x53}, {&(0x7f0000001b00)=""/2, 0x2}], 0x2, &(0x7f0000001bc0)=ANY=[@ANYBLOB="1c0000000000000001000000020000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c00f2a95c939780ae45000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000028000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1400000000000000010000000100", @ANYRES32, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c0000000000000001000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32], 0x108}}, {{&(0x7f0000001d00)=@abs, 0x6e, &(0x7f0000001e40)=[{0x0}], 0x1, &(0x7f0000001e80)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x110}}, {{0x0, 0x0, &(0x7f0000002440)=[{&(0x7f0000001fc0)=""/154, 0x9a}, {&(0x7f0000002080)=""/155, 0x9b}, {&(0x7f0000002140)=""/228, 0xe4}, {&(0x7f0000002240)=""/21, 0x15}, {0x0}], 0x5, &(0x7f00000024c0)=[@rights={{0x10}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x28}}, {{&(0x7f0000002540)=@abs, 0x6e, &(0x7f0000002a80)=[{0x0}, {0x0}, {&(0x7f0000002680)=""/59, 0x3b}, {&(0x7f00000026c0)=""/43, 0x2b}, {&(0x7f0000002700)=""/254, 0xfe}, {&(0x7f0000002900)=""/79, 0x4f}], 0x6}}, {{0x0, 0x0, &(0x7f0000002b80)=[{0x0}], 0x1, &(0x7f0000002bc0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001800000000000000ba420001000000", @ANYRES32, @ANYRES32, @ANYBLOB="1800000000000000669a96dc4c307b53", @ANYRES32, @ANYRES32], 0x50}}, {{0x0, 0x0, &(0x7f0000004f80)=[{&(0x7f0000002cc0)=""/29, 0x1d}, {&(0x7f0000002e00)=""/4096, 0x1000}, {&(0x7f0000003e00)=""/4096, 0x1000}, {&(0x7f0000004e00)=""/143, 0x8f}, {&(0x7f0000004ec0)=""/192, 0xc0}], 0x5, &(0x7f0000005000)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x100}}], 0x8, 0x12000, &(0x7f0000005380)={0x0, 0x989680}) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) (async)
syz_open_dev$audion(&(0x7f0000005680), 0x4499, 0x0) (async)
openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000056c0), 0x2, 0x0) (async)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
sendmsg$nl_xfrm(r15, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000005c0)={0x0, 0x154}}, 0x0) (async)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
sendmsg$nl_xfrm(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)=@newsa={0x154, 0x10, 0x633, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@dev}, {@in, 0x0, 0x32}, @in6=@mcast1, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x1c, {0x0, 0x0, 0x0, @in=@empty}}]}, 0x154}}, 0x0) (async)
socket$caif_seqpacket(0x25, 0x5, 0x5) (async)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005800)=[{{&(0x7f0000005440)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000005580), 0x0, &(0x7f0000005700)=[@rights={{0x18, 0x1, 0x1, [r8, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r11}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r10, r4, r6}}}, @rights={{0x20, 0x1, 0x1, [r5, 0xffffffffffffffff, r12, r13]}}, @rights={{0x1c, 0x1, 0x1, [r14, r9, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r15, r16, 0xffffffffffffffff, r7, r17]}}], 0xf8, 0x40}}], 0x1, 0x40) (async)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000001c0)="6b0ceb6d79d905189f02b4183bf8fc9842447911fa36c51681c0bda114a04066dbe4c8555cd51ba79b176bb58c39d500f8d908a999cb5d977240a3d1537eb41a57a882f24562ab93106438133d023b9fca3aadd102f10fa3e01475897f5e0df9e223c2126a0ffbe245b6c29241ccbd7a5afd41c73bdc6e78e7257f8920f5e4ad5642d61572cad9bb802dda95bd2a9b9bcfc3fe96e6dc6eefa8e9e62202d233f905e05469e8252e799d8629d554d98d67a6fbc81c5fb0711bdbbd10820ee2420df1bcde1617123daa66fa9c5cc7103ca9550d0b4ade160783f5860a2136f9520bca58bdd0c4b60050f025a84cdc13819136855d1a117c08ec2995c91004287abb290bf4c7e080bf67a6e97829a6ab6d6b81119cc3d7747a0e465ff48f3b676a68216e5b114f987ca6d32a72c4b09e769ebf82367441a7cd085c5b73258482d559efb3667d9109d09a19091c9130d51f66134bdee684d911a1995b420e4fa4da4bfe2978160c4b0b3d66eec903d95c88a7a1b5e2e59f5fcb386066de058b15a5c9edf9cc220623146e3c2afb0fe8be84a7678cab8e29932b62813f848e5bec79f61c2465fb9dc0dc0bdd8f7e742ad15faa4be6131086a35e6fd681fc997ddc7260d215bf2686dbff5bdfa07d353b69eed53d56a069049ec82f782da2110680a7c276965aa910bf9c1620a646edabb8922faa42d7547bc760d5b0678e930df19940099460dc01a6f71c84490427463753b8eadafc628d8f3b36954cc7046704c723f528fc351e2bc3ff17b63a8f9aefa884536f1ca2fcac5b7b29ef667996947f59fb7adedc28e01696f365e74b214c720c506941c358c4d0942b72986785dd2d8a72feb957bf8af1b1a34d747e074b3d1c8f783b724cd2618dfd2490dda319c2638b690b3ebaba06674fcc1c6a3e60169ea3f6a366ee63bb87aedffc4e8e9cd9dc4fea7ef0f1d5273cc6b952c190978b4430caf668ecad64bc1f5318fdd338ca41cd0df97d1f8286a32599133d653b56cc5e13dcfb03f454e6805e2a9d2b1f174517136b1234dd59495c52c25f3ca21c7686742c40867eaf44ff07c848c0dfb19810feacbf79a940fe5bda3ce36d9a593f3cd1b0bf8d72c2d2d995cc130989454475c9f11475ca39a23132a88e15a4ae1d300073db4c25aeb98622d77089edfb73dd1140e058fdfc4ca1d13b438d1825b6de5994ef5830cd3f2bbd75eb749b079b1844312243182c777da39c3f13f349af9c0ec190cb3a99381198dcafe671b35e8beb898b0ac97834b770e8417b1ab882e6c1dd4ce688c363c2c3f2a0ed14ba05510973346fbffed591cb712c24ad02ec272ed003c90376c09709c8a2666be38a6ea9e103b3f7eacbabe857f15a5bdf6bf7b0f399ddebbae70a039e9e530b0444c52a36e21e176390117b6e125bb0c67fd1c2a295a65f40db89e0e11e4cb698399beb6fca0062898cd47e7bf3191f89fd7f240e3263d718177f5773babfdffb2b55fcf8369b8ccda17356cb077df85e829a1533f5b23df9b2cfd343ae0fbc6624b38aaa839ae83ccf60cc0f83291c1ca5b6b465bba7b9d2adb42f65493426592f4a3e369696504d528830e4bc23c754f27615a7bfb17f4ec2c344a80443da163ed89843dfbb8f39b1ee4b28779f8ef607cea78e86376645a1241dea7fd5fb73b4fcc49e052dfc1eb7c9a90f13ec5f210b6f93ccccf9405329472933f70a513874eae185908ebbb41a0e0c87cfeda3877202a91b2dd51485e8ef3bc5fa0b1cbf6ad402eeae53e3520ab3266dddff69a9a83a69912446da9f11700dcafcae348c166950b2936acd9b0694dca272b5d8fac90492535b77651fa8e0ed7b4f2ce460560b78a12eb5ea7b3eb09395d8f515ab593f31f7fb2bef734d009df3f626943d7695062867d30c87560592327f502b32ed99e0ca30024a2d3cd62915d062dab52da46274df64e8b82d87f112d3e48d669600fbfdc408582226e75444ed45680ccabc67291d8aeb217ff56bd3bda8f2f7463f4b7490056a49bfd3c6bcb2649a02d3180e88e78434b3e6735f607798fab1510d91b4f736fa3c4a743f9583aff4fb3950a1b510e425b7d0cde46946ea5301d482ac7251cb27f4c5b3eabc6d41a002125e8c3426f74d493c58d87d4114c49fa52cb14fd537174714cda5c75af1b96efbb1ae9d01e345af30dde23aeeaab120b3443a547c96e18e33105d7e08dd98626872e59507536230ca9137dfd5ab0c4f5806fe117f196fd186414e32e9e3fa5a7184751416138e8084c96eaf4fa6ed130f38379ccfc613e71037e7b07e35e965ced809aacb938bd702ba521c2fefebd83451b394d7b77dff3885faacd2b2e0b9bb93f9329851d6fa957db25cc1e5a4eaa6e0ef5ddc5b849df152381ae27a0f17abd1e9cf0e784139a98ce349e5ce813fb8887dc930a056e26816d9a9959ef129fc8f44274a47834cc57a58fbb84b04e7714ff760669032e87b1575e9ad200191d96dc68b2ee104d8e310db615bfc38a7d0baed136c8c3def6d5a4358523c87789c6acab77cd255cf11beddb9b4ba12c4de8f7e7a9641366ff75a10da4440e3250a95cacbe3374bfc9c40972c6bac650b65128e136a1bd84a20065632ebf26b76245af5ad65626b7984acaf2c31528da294da15995bf0b2a0f192936b5e8332037d60ebcb069d621a7cecd959665730b369602c642130b234b7ef35a249135042e3acf3e149c232bbafcb1bd3a1e85e3af8ed8af45e88c423fa3271a98355231b80ad085630e8e2dba38485b86b0eadfcb08b9b1ad159a67d0fd2a2b3acc084aee41afc5c2e185983695a29ac8e2204872af88d0830a369aa341abe46412157cea3d97814eb52b2b2dde7e833919f1848d125e15791982bc4aca9cd8ec5f5ff0bbfde42d497a1402463cdbbbaf04dedd9862e1ec1ee770fa04350536168a8b54c147f448f5fbbf9073cdbc356c59741b7a8b6071c960a2b11b087fc056d0cae776af146b40ab86515a3f8839847af9111a3d6aacbe47daa80472a740a1eebc188534377167da0a0e37dd3cc82160fa4e648b7b46862e82b962ad96be237feb999254ef533b883617dc6efce0a4d5563a849e2be72fbb993b8fdfefd04b69b42cfbe6e02a107ec0949ed68e2c04f70693254b849d81d43cff3128a3404ee54737bd5ba3567ad5d30a83862efd2a39898b8ff97afd413ac1791096406fb5f6edcc01a232a2659069dff28e677802be60bfeae9336546f6fefa4051601cbada1b6c319bbf4f0d0d2d2d4518ff3b25d4635b7943da87275ed83a83a3c775059e277ea69ca55680872c4d51a9c4c0cac6c90269b0cdfab1f92a4741db2c47077c6291b246f4236fd9ae30e228ce85701a5b37e315704b34148a8d26fe751d6d4cf272d7b6d8d269d3a4cbb3e24e328c431b0a017d2be0d58b310973e8eae10c2f934ae7c1282979fade5c7d6c205d68e9c0a1eabb461604f91ce81841c21b9fdb9cb87033f8f24d567331865ac2a2f57443dd7aad4085d92ba8dfadb80d440438274e6923f835075805d4be0ece39a5b1f08dddb021f57976092e7986d0438e5f4da7c65f279f9964667c75d2437a7e3bda8d4ada51889ae1e2a9732998ffad54f018cabb7ea673c524a92288bcf6cd95a9e674eb5d5c5497650e2a7f343a073e1f519d2919ad78bce71ec0364e905735d6aa2e2f6d2860c721df8efd9e28d2d043b33001421cbfdd144825b05e556108f0efa4005c6d3cf285f90b8ef1aae4d01b1735c742b9c54816c0ba02aa14123c2a8ad5c992f7c9eadda900b91854cd1797dc51f5c611dc951bb4c7302e473a804b1dd65842f18a2cbbe954fd3c773e23c147410f2686c19b4a6727a07b469698eca6f5dad0a74a17fe77a43d9b6481a19cd911a22eb85fd329d0acea702ea4fe769bc9e47a8e538a01688244bcf1b9915b82d2cd136d7dbf9dd58d76778528d499d245e236474b32afe65c55a29ee43258d6642af471f75b76717001459df6b3f815544f48f07aa0c455d1c5d8fbec14dd57421841c8322791f884496c6e7380b99f4b18265ad83a3607b51095f48734f1e85c60d1c2c8ca97245de67590e743902e9c63669913aed7549995dd092f8c75227b634f596a6a1fdb120aca177f583b845b105e6a18ad72aa748177afa249bac1177b10238ef6282f52c579d32b9619f19d1ff0880b06ec6d8ff37735b39d21fd64ca8ba2cb386dae021372ac91896bb45cb15a5a9b4c1871659cbde893890bc45ddebd4a8aeee3b259f27027a7acab9e563d93043390dcadb997cb8c5e48496e5cf21de47931d68ed4a2a225db7a33463e28d318668aa7a6174f921750b59d0a163ed473adbe6426411f08a813280fc383b4a0cdad902b24398d4559d61df261495c84504880858254900f8ebddc92ab17740dbb4e4b460b7f649cfabdb1387fee72a7cfcf4eb6abda088b143051b23cb2bde96cb4ab640a4de6e612f5d75c5ada0b09da6e385809ed568c9aaed972fa1dd8bf93f0df683a4a5634c1458eb9d8bd64bdc726ffbc42e0b311cee588e3d8e084a380eab0c5a72cf0fe5cb36f4949f2ef2ca0552f4f022dde48e83eb48cd5fdc137b8955131693cf3be678caca0a17baf7b1fa2b21cd2740fb0c024be13e18de0c677255897e47b62573d3f4f78fd941c4f7fa95f45a3ddd7df061c99562fc69fe39811351b2b7c0119d059acb1744554afa4a3b0f1cf46929628a04d5c82d4e6d61e9b9c261853ec839a49bff12175a26d00a0d770d80eb9abfa584cb9cc45b3dae7da59f907c71181b910195f75682ad18b6adc10c371e6f9b5df57837e6224c9f3026f2502f17c976f4699382667b73fe0c82b1cd40b9374dcc6fdfcb0aa230b848b229e29dfb64278bf7c20b5026f90f1cb82c7fc83b6b4b8520f1e04e0e3cf85f15cf7615386b7a8f3d7614039c2476c4b71d5139d9291d590439de5bd6978405f3c73e897fae77874a3e708393d2aa222b53c4363f71b2dcfb8310bb1ca0983bd256c8153fbbf6319df8f2b5cae14556d5d77eab9f54582d34931161d84945a7685bcc597450d92934e96bafa4242bed07ed32d4efebdbb69b5511e35afbf4af0cc22576c048b39b1ac11aa619231610d7f5e801ac4042b36f55e475f08a690918d753a7fda460a3291bb16ce53a85419b0e8ddaa79376d33435f9d9e4b3338160282381313fe5a6b6c51a9bd469867b166957611fa14ba87566cbbdb1884dd80f35f565150fd4afac95f360d2e73541510a4e2c9df35004542174829101aef3d118e376110a162698a8f0c7798a38ed4a7f8c169de9ae80ab61423fe232f0c07bf8c230a73a597bcfcae77f0b743d678a736613f24859641e79df4d0f8d11b718aff8699a8c860bc7980ee606f91308379684d4475ba94fc0db87fa0002eff063304a4dba84208e21c8333f54a34f979c597daa3e03d4c472014847c220ae81011e80020fd664a580a66dcbdb0bf520d0daea6672cd4afe7c58daf9b280966b99563c9e27201336aafe2e263ae884fefe73143124ed052a398c171b6a1fbb98934ec64dec4498109f4c7a4e24defe6e907d1d8dab93c9ea7b7ff368093653403e78ef952a5846e6a8887d25e382935a4f1db5e000d4b4597b48594f9d8165dae0e287c044b984529a4c78f630aab85bb5dd5001e5ac670c9fd08e121418ba5fdf9bafa4e014de17132dc7beb2e03e737248397c68f507c85a9ad48aafc4bdef906c10617819d450262aca05461fa9c9e3987733d4e512a7fca7e71c23ff5828d7aeacbc3fc1ebe6c6d4df231f77c7a60eb4692376d8de24c8ff230ad6d8a8425fdbe3fc59b58a1f02e285dc196c42d9d5c554c073c2b3602890618a6c7447c77798f02a2168fee8f76f0ea5daf8d76b431802dbf37f4d47cabc6007707f8fed5acbcd8882fe173913a43bbc3f960dc386c522b639c7fa3366b130d44a188e0b31b6f4ddd55e2ee4ab96250c8c1f462b35267a9cd56c0cb53c8dfe6eb04d8bac32a3c4b2846178de752cb43f8923c200e96dbd2e53bb8cb98793265caa632b1984d95f8141cb521ed1b96c627c9b94d1c837fdcf462cbd547edeeb794600b84da867ae4e8b3da5b35d4efaa772e4050efadf98ae54c91d29729aad5c07f5137ae2c60e893eeb0cab4fec6f60a75ceca3a864c44aa6ee4297480814c1550f37429ed0e4115ed054adefaf7e2f7f134033b5c5eed545b219a999e22f94692b235b88cd2fef4dfacd7af8377767837f7c7e5efb6c3785cbb8bec37e6a0fa7c9e93a9b8d65bc60130e6f10fefbb4abbf162b46d7750c8c56c2893b5cecfddcee180ee207c7328d9d6d7bd9d47c0ce03f395ee51b1c66aa205daa3d858fd88d228ae08171c5a1bce9a3b7b46ab33857354c8a2046d4e89f8a8bb16a8c471f5e45bc554fb0bba973ebcc2c0602e24a3ba9d2bc97a1660a150bb5ce9ec5227598cfdbd24ab7cc27278c1265dcfb04cffbd95b086a5d48af233f9620fbb79d9829d7bfe5f0819fdd67d91bb775ea91dd06c051c85833c8f436a6f7ac7bdeff837961bbcc3e5708a55e850655c50fc6c7a19482aa8bd84d4d066598af48c4392ef43c03d1a0c62667ee190340d363e876b413f406f3000103d45fa1ca22e0539a67dca8542c0ab8acf971b27e92a2a189866f70f7ef05b1dc953e38d66f3409d28c540275072ad4cfc11675c46bc038066a1ec7edd436c73bf540fe950b3b5ee9802807b0f7d5453ecfa80854194c2a6ad1648ecef8834db8200a306e73147224b8e623a655edcf56e6b7c49f55a54887b66b09421b7166f5716e1f32dd37d72c63c9b403738b7f3c6943ef6164c4d1af94dffa11f8c453a29334424ff2da6ab41c87868dab2e10cc109b1e0c4cb0f627bcebd8a953adb0f399f492a34b9c463b4132d9d5a2b7b509bf88c5c966e8407b1e0d3383033b264fd11bd98434b0890dc75ae12a123a26d88aab18f6fd426cab13f94bfdb039747b310c4275db81c0ef6bc78ed6cd028a40efe10af1b79141fbf6537f50b8f1555f9a3b09fa87a664f799beb20fc8d4160face9ec2786ee6388e6cc87b83af6ff1982dac00ea79b55a2318d7a50ba03261536c3baf7cd82a3e269fda765ac640dcb0a8767cbd2835bd233ba9f295b5d40adcc2e79406d6fc81de4ce126a7ecbf95baca940fffb42a32575ce7aeb49e3a4f393dee9f9065a43b86c9d289a1f8ff2295cc6ee2de7f39d5fd11fbf7c83bd66108c37ebf6b9a613c1ea6911a6d37f17b0579c4c899893d0556d784127590f5724de652099a52de782e413ee717709c2ca147556648e895dd94afadf7d3bd0624edbe481b680387f84e723634c885bea4a1821cb14ad9bdb9583d2df3c7f5016db544cc4b8606c5ec6afbc90e70995f6c0e6e68d86cfb615ba5cb11fbea7c197b3e4a091ce0a4d6e068b1c683de716211c75459834ecc01c57c5e99d277e615dee33851b93728f1109b526946d51bc06fa74d88dddd7211c0abe1151d3706511073dbd05f96e740de142a4b28e2e0d3ad6eb0505e87576415571e6441994529abb72226eacc033490d433cbb4e22111f99339173f5346543c4e0734d207065cec1d2641a0879125d6ec360edb700d076861abca65e0b2ccacba80d106694a2d6fe671b3ba22ee11a86c176ba5c99bf04c893fe98fed07d594b4c991761fcf6452b0e04d6bb286038f2b8450bd8428e73f6821e337491eaed9c0b6db00e7b9928fae6362d18c5a4c297805c7b32ea3044b0d0e7ef0f54a6a8a0f98992329fbe9fb548acaff36e103233c8903523f9ce1069cfbe24c57e935b35606d477b780eeeabc88e3b9677586c2f5111e74e60f2dc8efa76fbf614327e7dd144fd626fdbfcf5db7fc9456e181c135d3d620ac5c5c4ab4346b78ca0d26ba79ff4b37b62451ce7bfd72d8bd6d8ff2822f99e7f0f936c1c963231154716d57b9bbe8d76514826555cee884177d747adc187d9f9857d31d9493930ed8cd5e5912963894915407d42b593fd13ced44aaf9abb778e318dfe82a7a71a36e5d2068f553b6204403db397a67df79f581335c5e8743436f1ef20a2f2fc32bdaec6bf0a1177c18e95a89eff2e6d15ed1aa4acd7051c13848e93497f9732bfc5ab96f9300fc283d44242542215f180953d3c298cb4e7fa093b6189b42a9f103e7cccea7c2ea80d70f45c1cec4d5174a4fdfe174258c3b9cfd6625806cc94a2e83152edef02304e669f77ce30dbbf2e5b6373f92e39612b06f7659be3dc690698fc84d379c57dfb09cc5c79a94cd414c2da0fd8f6c308329b918461922c580c194bf330c512bf201ce16d819fa2b1c6a3a4581f8ba1302bde3258439b2deacb5f6294e205be135b4a5e96856f964f339e6199b72736dcf1b8564f166948ba7c728a0f29bc95dfd50be0cc4970a51653db6a2ee04acc108a84155fd6e6291a722c049cd815393594a49cc0b1f2070c05abcf0c35836afe2fc25f0b2fb8bcd4cc201ae57055e51583a8276491b09ad2d5eea7c61dbaa6ca1e1d94470ae720adef511296877526cb49f7ff818d97b8015a399eb4bea2c2398050ff67539e0a81c5068feb9a23b009d23468fe5d3e3df9ac688df4ea6e4b7e633896e3279f18cbce83020b14f2b8cb93cac5961be48f8c5c75a92eb89b09faa1f5d7dcc6496770999355364439630a84aaa9802f2a2068ef8371b72282d6f90e800fbdfc7c169da8dbd623d6f0d09e929bb92e4e1f1bf62f3a787ea73f43201d21102341c8b54edcd471cc40561cea5854fd7237d6417546534b89384cb5345ee49f4de8dfa3d62b9bf13fa97b085987dbcd3cb433d5b15be9044b49999d132f1922cd99fb2b37fa9181b49e5ee6f4474402dd4ee54cb9e89af464940b105da4b53625e73958b409bac1ae5672f608ce5e5a47dfb164184c4864485c6fe95a023ae71f237f94eabe09ff5dbecf1a84c815f99d67810c1f6fdfab3cc3a03fc38d60c8b27df471fdbf58fe8625f930cf53a57beb063c9098600cc02b97c8dab2d5ce2c4f4a4684a0cbd94193abe643176a9551f4c8139adc1597916d789dfc1dda5b0d0287fcbec35121d55ea725b22460aef8deeed83b45f80b4fd0520f51fba58a0155112a88218f2bbe4bf76cbd3f2ae97d89cd8d9cca10b7e349c3045f4e85e9d85f05642f4d8e91467c4e4a0cd5503f5220ec8b906a79d0f311cb4bac3438b93310d8e21da011bd7ee65107adf85d8eb0a73c2f4a5ed65b2b38dcd53bd7ad9e94194696a0c92c72aa1e2029eae56884817f968c4fac9073e9a1f82283808de4be312e08ccd74450e43d5e96a57efe9ffb98122a8c9a968e1635e029ce4a46282129562356d83f89c51b91a8b6c36cb4c5596218c747ec671e1b41cbc34fece7ec85d327ea80e973a247a0be9423aad44fbae70347deda698d00366d20c3676afda493d3955fe2a4822c9028a6cf52435a6a41c4f66a2bde16bfcdf2a3165df7911f7d06a30ac9fa1663c30adbe5c66b201c39a1b7e597395976e600675f3402c643d334fe365e66ed2882260ee4f92f6a088925cc1ed1ff4969fe25431a5660fd4f9d0328384550f3c9029be93ecff2e7822ff4d94cdb893c26269428cb196db1f16ff27e263348286c8ff8bf932cab11cbf0880be61c78fbe26ad65e49ca08d16a5e3a627a4781b3931d017c0a5c5a21726403b927c1499c2dd7fba9d498206d94933d61862b1842b594c71d168e4905700fa3dd3e7234ee5926a1055a78a2daac92bbcdd102ad15748e38d492ad472fcb37383f36c84ebcffb68a18975e91f472397bee05e8dac74ccf51f2e8d9600765269ff2043f8de046ccd0ec342f1af5d85fb2c2b5c22a643bb9fdc2f6bcd8e2985c0d9e04168926ae2c9dbdb0b3f3ba6b62bd4182bed8cc045c2a17d1f486f68f576d1113ceefd365c57f44e93f0631f10448e81d3fa75ef08eb14aa4c94e3eeb27d8482144942045d954978ec8d047f9adb816697899d43392e4d453b597f77e7f0cbd8edd1691eb70ef46447d040a162f1fd69a7862f44a2c76acae891c29bef5efa4db4b3b927fdec936b5c3906bf95582a4cbe53f2fee3584f4066248c7a9c4de9c38e257501e8acf9fcbb422634c06af6c0ab01c530e8310876edffa217038e2675d45eb4e0e9711b861766b785dd4030f8487ac8b1a955b0817365a2a079dc6168593ff0fa8769e9b3811fa8a5e897c77328e04a972ee839458e9f47358f026faae1de145a6067d4caedea95eb5bf468e8878b9d0c76cc0c1678503ada16faa9c1cec4bd802727dee7e3bf22b8962edcdf4b8511b648e6c4e962c997172b6fab313fb56662ce331c7a79b5a6ebbf1cae3111c5af8e350b4395df9e9ed809a649dada2d210bb33fa4308567bdbcab37e431cf4ca3e14127fd34073e70d943bfc3ea79ac2cbf36f7091020f866cc6c11e28e92c3e05941ac70705a7ab129aee2fcf7f54216556835d4f0e74143a379c4204d0800ac3e0164962cb76c5ee53d412968882acfebee5e15a5176b1657faa9a5daedef97e6c10131c15bc97dedd618e2bd0cd24d962163f30a137a3efbe45ff4c419dd6b4a36f94b42a82166a990266baea677c5ecf13f4dd0cfac3a00613bdf8fc5c3255d4dedb10faf50d7595eefe7d56d634b88751845820f97a76e71d5eb085f6b398a8546466c7df4357512955f10c829997e8357aa17eb02271d02578b0763d60912029a52783807ef2cac990cef99a420824800d65ed51b455503edce75b856fd66de64bcb378e4d0b3338c592110bc830049456691247a5d811dd23197e4ef9b259a5b9155a514d72939e093f6c7e4c84dee8b156d0d6efa4bf52049847192955f83a57b105a66b92ba445ad1e2e612f634cf5d8ee0d080db1e73abad0fea77f62b349190e36e9f705b6f4e76a8ea71785d3546c9e0a52791346005591110fd130ee70b4692eaff4db49ce1372f99edf53f720e5f694de56371486e716b06ba8ae1e09b62bd071b33d9e97b1a3de7ab41ede5973d86666e6b4999fd830502624f4ee35a9c8f7a238113ad33e34484055c0f46ef9d77c26aa2e0cea0877f112c0b866bc9d38a73247b62f72027cd578306989e7653052cdf34b211571846b36b0974e54275eaf1fe56c5fadaf8d3a75e7249ead4ca072abad76d2005b94b63272dbe71e2ed96acb8188f0c903714d4b525958b6c61b0b5bf09635d821b5bc6772fd493220f50b9c36f3f23efb13b192ae489f27d5f0780823646388776c6ad252709b3a29e01c7dd15171ab25247d1b66b659cc6939f6ada6632799738a2e6ef0693243c4b708bb7c27f632f85ad337654966c3719baa62437eaf6a0b1b83a5cce0c88d5dad52e3b393784dff7f417057870c33becd96f6d9bde73462af9366617510102acf91e454cccd7c4ce512adcc5658e13fbd43269e1c612fa75801a39a8cba3fb19208d2d03a547898beffc6ffc1f7a49d6cd4d132b8e1fef1c8400ad58e573ae704913a27522b08eaeef7b6cf25af93e626e6467e57423aa5fee873f06c6ae509baa4b820b00c212123ce4fa0f623912619eb81e893e07bc07757565d64e3ab3f0e22fa88ad2f32c7bb59ece9cb0e2f80f", 0x2000, &(0x7f0000002f00)={&(0x7f00000021c0)={0x50, 0xfffffffffffffff5, 0x9, {0x7, 0x24, 0x8, 0x5000, 0xffc0, 0xf3c3, 0xc5, 0x4}}, &(0x7f0000002240)={0x18, 0x0, 0x10000, {0x2a9}}, &(0x7f0000002280)={0x18, 0x0, 0x6f3, {0x2}}, &(0x7f00000022c0)={0x18, 0x0, 0x0, {0x2}}, &(0x7f0000002300)={0x18, 0x0, 0x1}, &(0x7f0000002340)={0x28, 0x0, 0xfffffffffffffffb, {{0x401, 0x0, 0x2}}}, &(0x7f0000002380)={0x60, 0x0, 0xffff, {{0x100000000, 0xffff, 0xc29, 0x61fc, 0x5, 0x9, 0x0, 0x9}}}, &(0x7f0000002400)={0x18, 0x0, 0x5, {0x40e4e2df}}, &(0x7f0000002440)={0x11, 0x0, 0x5, {'\x00'}}, &(0x7f0000002480)={0x20, 0x0, 0xffffffff, {0x0, 0x1}}, &(0x7f00000024c0)={0x78, 0x0, 0x0, {0x8, 0x81, 0x0, {0x5, 0x9, 0x3, 0x6, 0x40, 0x4, 0x7, 0x8001, 0x50, 0x1000, 0x3, 0x0, 0x0, 0x4}}}, &(0x7f0000002540)={0x90, 0x0, 0x9, {0x3, 0x1, 0x3f, 0xfffffffffffffffc, 0x80000000, 0x4, {0x6, 0x5, 0x7ff, 0x80000000, 0x3, 0x3, 0x60000, 0xffff81e2, 0x978, 0x8000, 0x4, 0x0, 0xee00, 0xfffffff9, 0x8000}}}, &(0x7f0000002600)={0x150, 0x0, 0xffff, [{0x2, 0xc6a0, 0x7, 0x8, '-@/.+@*'}, {0x2, 0x3, 0xa, 0x3c, '/dev/fuse\x00'}, {0x5, 0x1, 0xd, 0x7e, '*{-#%,::\xba$^-+'}, {0x1, 0x0, 0x7, 0x2, '[#)\'%{$'}, {0x1, 0xe65, 0x5, 0x9, '&*,*9'}, {0x1, 0x3ff, 0x0, 0x4}, {0x2, 0x8000, 0xa, 0x81, '/dev/fuse\x00'}, {0x2, 0x3957, 0xa, 0x1, '/dev/fuse\x00'}, {0x4, 0x40, 0xe, 0x1, '[/*(\xa3:,+\'@:\xbc$('}]}, &(0x7f0000002800)={0x518, 0x0, 0x6, [{{0x3, 0x1, 0x10001, 0xffffffffffffffff, 0x1ff, 0x1, {0x3, 0x8, 0x0, 0x80, 0x10001, 0x100000001, 0x1, 0x56f0, 0x2, 0xc000, 0x0, 0x0, 0xee01, 0x9, 0xfff}}, {0x3, 0x9, 0xa, 0x8001, '/dev/fuse\x00'}}, {{0x0, 0x1, 0x0, 0x623, 0x7f, 0x3, {0x4, 0x10000000, 0x6, 0x7, 0x0, 0x9, 0x0, 0x16f, 0xff, 0x8000, 0xfff, 0x0, 0x0, 0x7f, 0x8}}, {0x4, 0x1, 0x8, 0x6, '{\'/{[**@'}}, {{0x5, 0x0, 0x10000, 0x5, 0xa1d, 0x4, {0x6, 0x7, 0x80, 0x1f, 0x4, 0x5, 0x9, 0x69a9, 0xfffffffa, 0x2000, 0x3f8, 0xee00, 0x0, 0x4, 0x1}}, {0x1, 0xffffffffffffffff, 0xa, 0x0, '/dev/fuse\x00'}}, {{0x2, 0x2, 0x8, 0x1, 0x7, 0x8, {0x3, 0x115, 0x7, 0x8, 0x8, 0x6, 0x5, 0xa6d, 0x400, 0x8000, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x8}}, {0x2, 0x101, 0x0, 0x1}}, {{0x1, 0x0, 0x3, 0x8, 0x0, 0x80, {0x3, 0x7fffffffffffffff, 0x2, 0xffffffff, 0x4fa00000, 0x7, 0x7f, 0x1d, 0xfffffffe, 0xc000, 0xffffff81, 0x0, 0xee01, 0x7, 0x1}}, {0x2, 0x4, 0x1, 0x80000001, '\x00'}}, {{0x5, 0x1, 0x6, 0x7ab, 0x476e, 0x4, {0x0, 0x646b, 0x3, 0x0, 0x68e, 0x0, 0x3, 0x8, 0x200, 0xc000, 0x401, 0x0, 0xffffffffffffffff, 0x3, 0xffffff00}}, {0x6, 0x9, 0xd, 0x1f, '!$&(-\xe4/()]+])'}}, {{0x3, 0x1, 0xadd, 0x1000, 0x9, 0x6, {0x3, 0x1, 0x60, 0x0, 0x1f, 0x5, 0x592, 0x5, 0x1, 0xa000, 0x1, 0x0, 0xee01, 0x1, 0x22d33caf}}, {0x0, 0x9, 0x0, 0x3f}}, {{0x1, 0x3, 0x369, 0xffffffffffffffff, 0x20000000, 0x6, {0x1, 0x80, 0x68, 0x1, 0x10000, 0x5, 0x588, 0x800, 0x0, 0x4000, 0x9, 0x0, 0x0, 0xa3000000, 0x8}}, {0x5, 0x9, 0x1, 0x9, '\x00'}}]}, &(0x7f0000002e00)={0xa0, 0x0, 0x5, {{0x6, 0x0, 0x6, 0x7, 0x68180000, 0xfff, {0x5, 0x7, 0x3, 0x9, 0x7, 0x3b99, 0x4, 0xffffff7f, 0xff, 0xc000, 0x4, r3, r11, 0x0, 0x3}}, {0x0, 0x8}}}, &(0x7f0000002ec0)={0x20, 0x0, 0x8000, {0x935, 0x0, 0x100, 0x9}}}) (async)
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(0xffffffffffffffff, 0x80dc5521, &(0x7f0000000040)=""/153) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}}}, 0xa) (async)

[ 2341.176588][ T1370] CPU: 1 PID: 1370 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2341.187257][ T1370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2341.197437][ T1370] Call Trace:
[ 2341.200842][ T1370]  <TASK>
[ 2341.203822][ T1370]  dump_stack_lvl+0xcd/0x134
[ 2341.208476][ T1370]  should_fail.cold+0x5/0xa
[ 2341.213044][ T1370]  _copy_from_user+0x2a/0x170
[ 2341.217961][ T1370]  input_event_from_user+0x131/0x3a0
[ 2341.223321][ T1370]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2341.229193][ T1370]  evdev_write+0x356/0x760
[ 2341.233678][ T1370]  ? evdev_read+0xe30/0xe30
[ 2341.238222][ T1370]  ? apparmor_file_permission+0x264/0x4e0
[ 2341.244078][ T1370]  ? bpf_lsm_file_permission+0x5/0x10
[ 2341.249507][ T1370]  ? security_file_permission+0xab/0xd0
[ 2341.255090][ T1370]  vfs_write+0x2d7/0xdd0
[ 2341.259355][ T1370]  ? evdev_read+0xe30/0xe30
[ 2341.263901][ T1370]  ? vfs_read+0x930/0x930
[ 2341.268539][ T1370]  ? __fget_files+0x26a/0x440
[ 2341.273436][ T1370]  ? __fget_light+0xe5/0x270
[ 2341.278079][ T1370]  ksys_write+0x1e8/0x250
[ 2341.282542][ T1370]  ? __ia32_sys_read+0xb0/0xb0
[ 2341.287414][ T1370]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2341.293333][ T1370]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2341.299365][ T1370]  do_syscall_64+0x35/0xb0
[ 2341.303813][ T1370]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2341.309722][ T1370] RIP: 0033:0x7eff6688a649
[ 2341.314168][ T1370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2341.333794][ T1370] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2341.342225][ T1370] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2341.350213][ T1370] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2341.359690][ T1370] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2341.367775][ T1370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
13:51:49 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000000000000ebb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:49 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRESOCT], 0x8)

13:51:49 executing program 1:
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f00000000c0)={0x2, 0x4, {0x9, @struct={0x7, 0xcf9f}, <r0=>0x0, 0x0, 0x5, 0x8d0a, 0x6, 0x3f, 0x80, @usage=0x7, 0x8, 0x9, [0x2, 0xfff, 0x0, 0x5, 0x9a1b, 0xaa8]}, {0x3, @struct={0x9, 0x80}, 0x0, 0x0, 0x81, 0x8001, 0x3f, 0x9, 0x8, @usage=0x100000000, 0x8001, 0x0, [0x3, 0x8, 0x1, 0x9, 0x7ce, 0x9]}, {0x7, @struct={0x2, 0xffff}, 0x0, 0x6, 0xef45, 0x8f4, 0x2, 0x8000, 0x0, @usage=0x3, 0x0, 0x1000, [0x9, 0x3, 0x4e0, 0x6, 0x4, 0x6]}, {0x20000000000000, 0x8, 0x2020000000000}}) (async)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000001580)={0x0, 0x0, {0x0, @struct}, {0x0, @struct}, {0x0, @usage, <r1=>0x0}}) (async)
ioctl$sock_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000040)={0x0, @l2tp={0x2, 0x0, @empty, 0x80000}, @l2={0x1f, 0x6, @any, 0x992}, @nl=@unspec, 0x700, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)='veth0_macvtap\x00', 0x0, 0x0, 0x114})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000003c0)={0x0, ""/256, 0x0, 0x0, <r2=>0x0})
recvmsg(0xffffffffffffffff, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000001840)=""/91, 0x5b}, {&(0x7f00000018c0)=""/80, 0x50}], 0x2, &(0x7f0000001940)=""/34, 0x22}, 0x2002) (async)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000280)={"e6696328276c80ede1cbb140551427cb", r2, 0x0, {0x0, 0x3}, {0x0, 0x8007}, 0x28e, [0x0, 0x0, 0x0, 0x10008, 0x0, 0x4, 0x0, 0x0, 0x0, 0x80, 0x100, 0x78, 0x3, 0x0, 0xfffffffffffffff8]}) (async)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000001e00)={0x0, 0x0, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000840)={{}, r2, 0x3, @unused=[0x0, 0x6, 0x70000000, 0xffb], @devid=r3})
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000002b80)={0x6, 0x4, {0x6, @usage=0xfffffffffffff389, r3, 0xff, 0x800, 0x3, 0x80000001, 0x5, 0xe0, @usage=0xffffffffffffffff, 0x0, 0x1, [0x8, 0xcae, 0x8, 0x3, 0x1000, 0x5]}, {0x0, @struct={0x6}, 0x0, 0x1, 0x9, 0x8a, 0x6, 0x4, 0x1e, @usage=0x80000001, 0xd55e, 0x1, [0x10000, 0xffffffff, 0x6, 0x3, 0x8348d65, 0x9]}, {0x101, @struct={0x0, 0x4}, r1, 0xfe97, 0x3, 0x80000001, 0xffffffff, 0x3, 0x3, @usage=0x8001, 0x0, 0x4, [0xfffffffffffffffe, 0xe730, 0x1f, 0x7, 0x3, 0x85]}, {0x401, 0x6, 0x7ff}})
r4 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r4, &(0x7f0000000040)="e2", 0x1800)
r5 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r5, &(0x7f0000000040)="e2", 0x1800) (async)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000001a80)={"a11583a4c9d4f748f08e71f414e9b99f", 0x0, <r6=>0x0, {0x9, 0x9}, {0x2000000000}, 0x400, [0x9, 0x5, 0x7fffffff, 0x38000000, 0x20, 0x0, 0x8, 0x60, 0x5, 0x6, 0x7ff, 0x6b, 0xfb4, 0x3c, 0x9, 0x3]})
ioctl$BTRFS_IOC_RM_DEV_V2(r4, 0x5000943a, &(0x7f0000001b80)={{r5}, r6, 0x10, @unused=[0x5, 0x5, 0x6, 0x8], @name="8953a3cce1e91e2b924fd13d6b2f1d9d05f267f5c950407fa032f5ce24b43e2e2040b5a99155d0db94cc92dd6e7de8fcc7dfcb1b693e534363f4ba64a53bf55235a0f703bd1a3ccbf6b698adbcf89c17d1e8b6544db46f1cbd4b6d4c23cd99a01033d4eabaf6656aacc8b5e30d3ab009f9de20a5c0af4eb3b3c68eb16c542eeaece81544fe57bfab5253a985e8120e446e31af29f2a34dc73e4f5b99f891330088f7e8832ffe80cdac91a03457fd91371320a4a14dcaf724f60146564485d26365226c3995f6072e76ee2ec9dd83997c4b90f68441c90dff7f9ac5a6172b98c9a08ebd0304103ada15f3f6a3ab5479583bf9d7881769367b805c5479e63df3579c1fdc703ca17786736f71ff0368e01df8eaaa98215b4ea88e8ace1c9bc717125d2371d595bc91ec8b00a21fc3942fca26115878a98f6ed3fddad1f485c890fbfc6f4759444b8925550a026515e217d13a5f389587d327402fab3a3b0f8dc8a5d44978d7fd9a1f27ca59dc6eb78dc85149ca906f3dcd9669b6a300328999842e47c3c1aa808817075b368ef3d2600f8769c26c3395d9f7dd5db43f508e66d92efc50b9d0e4636003c9cfcc5fdcfb013db63481d94f2b068f9f8c41414adba25a0c0b69942fbfbf0b0db0a121641f9b40a6d61e530245031bfb5f7b899f0dae1fe1e482c4e57deb34b2be31f0b00995063c4a55ab475666277fcc8ca336c4f240c1733765e4379b2b50787a4185f72007430ac4b82a2b40bd45d84bfe52dec9445914dea4681cf4f450c451f59583521ac2f09de10c15be1dcc18e62e053f162e8318e9da0d0e724d2f64da2915d056d8796c4c6fc16ef86fcdeeb84898e3dfa125dd2b197fa5ffb99001e9a66a2c2bce973b3f41283e1abf59bf270022f6bce991fe7422c40da92b3548816faf72964b0d12de2ae9d3cb7bfc169a342fc7b2452860c6294ed1a4ed93f562fb492a7eaa16b2a50784537f1e4e361bf02d769c12718a1e3ccfb496b258546f4f7bfae59b382cb129447e7273d29c620d76930a8828bc1b1cabc2f1566fa4e5649cad521c50910d746732442a830e572981e4091efd25ce85aac82412b91f01e4a1c7fc056166148430db5c922d96cfbfc6575b862ab04459af315ab6ab74a12982eb5b15d44f99206e751c738e156a69202e4cf3a87ff4a1f247f0d411c3bc92837e9852275ba100434489f3a983dec0670827f3f855dd881138f46bde3fedbcb07901d88ccf754c74cd4e8d435e1e856d813f89f10811d4feb92aa6c0fbdfeb9552c0e2faea761db232e1a705073d07373f6e93ba546b227573f82185ff7caf174799eda460f64dfd7512d499ce30728912d052f48f8aa2a2a37b49772ba4d37df6c8e5dd01f95c0a661d4c565886f9e800282c5ef9d731b15c86cda9608f346d861b734b95efb0f5a39f4e0baef573cb75dc4e6d0a61f2d8c7350df9506e34248322c0527ffe1db1b158c39ffa614bbf43220811cafb4443efe76a42ceb834df6297015d4803469eb34d551627fd4036300b3dfa57147f9d59aace31c0051b72b634893efe2b3bf8586e6fa19e67f35675be59c55fc08638df6fda6b24c564b787106bfdbc0e07b352f63a442a3d3f9b7abd5aec6a74de6968c19e519554b408c09c017a8fea1deabcd7f7bfa729e42bac8044fbe4c4832b2580110bdf3052d78d18e8ff07c42d916de2c5103e471592f6e8becbd07a75f3fc2fa2d683749b9fb5e1678e33d0b2e0bd63d4089f2bc7c939df5ae35124be69b4915295d8c8366c7e4c363f3c24c0047dd782e44495bffb20cb43d311bf3d829a9033436eaa3f9d4920f3011212e64657e5844415409babc095934b71bcced24764b0180f49dd46a5de5a34c3f33fc2b562b906a4dc2ec7e9eac0bd7865af098f09bcfafb8b9aee894d5ccf08cc7bb2e2842edd89e987007cd431ae0c84d6041d6b278fa28208ba527b1fbfdae3f06295729c703be48cbb120e3a1b4115bd380d08a2aee553c02bf68f92aa868ae25485dc50b4bcff74e255b445816e31dd65da91e9ba7b39ac62c3fea89f9ce508c7b5182a95eaa0975aff80113ddc8fd66685d9c104fdfaf88e94ce748d401def43418a7301f508e21dde3ed2709f08ce6c0b6323d0e88ac11a891cda445a6ed7f04b5b9759d2dfff76da12078aab5f9934fd9f5d8160f3ac06940e70a4ca5ebcb3946f2a0274e034516e9c15828bb5b58ac1a05dafe8e9be9173a5739445cdc635ef93bb099f0832de6fd13d540cf4a59c48830c1a96d94ab4e25c3555ad285a52a8de146bef6e5610cbd8ba6731faa443e8f07d7e4bbe0d0a223c27b1ad2a35875ce10b22f0ee424cdc5b8ceaba1e27e049ffb56a286fc3ee53146b821f88b47086631ec9ac268af137348ae9be05283bfe540e10b9d8722b16def244aca92a36d3493288216f8f21211cc4085f231ee7378f844e5a4e581f6b6b7ecd4ce343285cc01dec423d95724beebbdf021f865704e0dc0955a911a2b9dfb8625bbdf28b440222cafaccb66e9ace17be09de9afc715c67768a24b78c8fc2110e4fd8f10717c3af9bc97586a3ef52d9401e3f51b9e23745ad77107fea32d52a48533e9672ed96a9fddbb0b2f770cd89c4b903377ac6422893d1d675b12aa5107a78cdf92373ca6850b055d46b8025304715eaaaf5e3dc2182162f0ca031bed9cd7a1740fb296c3493bee769cda0b588986d7cfc7ceb0dfa1a6ccd34e72b37904fddfae1dd43030659475737acd914d1e3e7ce914479435e19544614133e930492b63ab70ac02c3297fa41d8eeff488dffc882ad47a2fbd9d40a2a29e29c41dc9eec5085b359d400c033e60a6b2ea586c0e3091c5131fe6e033f02688c02de99426ae4730c3455949908ca8b6656ff6026933822cc1c2ebd9e04a72f796c436db4a411a54f159bf15117227fb70da000ee9d253f76e0d8c8ad96c1031a7163e01a5d0d82934355383bb65a2d5e280546ca5022aba1d5116791889dca3c144b11e33390f482d65d9bfb72d04d4fc33230bbda1101f6c3d04cc8445c5b6979f0cafaa5d19e3e640dde96634b807a3c464065822fa1029c871c1d7c7c78dc73134acd6634b1ec10a61699239faca4b9688b9c4483962a614f1e9c33910b19090f6a7e0c42213a228eae4e88ab57dfecf9fb358c5a7d9ffa3eab7e56074bfb2b27f93a29fe0a0a29ad1ec9c24c76063e292b97bd1331cfb30e3f282ff6d55e7f9928a648987aa2b44fc81a29caf4a0c18cc858489220716042664e717af5a14449430dd0bd6ff6164eb6df0d94c95196314bcdd7c2f9dddf99ea4ca06f41ea228c6e4cd2e14d9b36fec40aea2c334f092d43e239e4658773205f8ee4c7fce73ee167a18743adf0a4f8dc615e3e0b650a2b091bc1cd8d65de3dd4261f295ddc12d5418094cb1918b9726c153dcaff4abc5231e83af68a8076aabb56a6e335b250678f94a418a18f984684f8cd2f74e9a9fdd704d09daf782e393ae8709851d64ac9e204693da609f5c99fcef207fc8b3f3a567f69b63804164411c57d944c889dc5c6754dcd56a60c2fd16965bfd5ecb0b3bf67b7267af51724c78b97f734a13ece7909919ff174d3b968868066a3af72517c0f75daddf4e512691d613ede3234c51e7e92ff9de09e92da608f4a69f5e9d1480c8f7e0511f2f023c1093777669372d0371e5c7553b1df591d33aadb6f8fa94c5256ee327e9aa501040d53b8362ea26fadc7acf09add07b96758702d53e69f08fadaaa10ca1e6296e0088eb778a978e0ad2c671da201d08feb489ee16b7d12c3dfa5d342f9f1812002d741e571ae9c6c8ef5bd89ced6aee571b0d3425eb89632e0b64fb977a0ffd80c96986b8934bbe00b95c51f86d6ca34acb9bde814097a85bc166b3369da4192e32b4e71757c0935fb5107f59c12f5da7410fd0e88cede2b48a5efcff32d294c4ee6de9b48fffb81269c69128b9c2ebdea2a439bed0ac96bbd8d28c952c4f1569c178b80adbeddd089529615ff829460f2c8b81dca2c2ffaabd90f9f981e49103068db46951de30c720a9a882ebe10b9e60e803eb58fbf0a8e4b4f2b2962f008891408095a09b74f95ead091e7ce62bf2bcf01f379c2f6fab740e71e51dc44552be24e12729d2aacd9b849a02719d541a474d1df4daaf545b7702645fc3ceb1d305b8a8803f7ec5f95c0f36f78f8b68c0b2e0b91ef9ef27fa6735b44fdef353cca39adbb803f1f38ba2363405e6f7c61364aa1fe76b43ed6a2d8222afec4aaf053d6179afaea4afa1a872f84ecdc4657cfae2a992dc8adf16ff2db886b47cd4b815845b05ff05e72cf60467e6839b1221a7d5bc84545d7ff51c34ce240c5d6162e837b1ae5b7ecced4fa3432be1c64c048a41317bfe7145c3a408a9b2c449359dd861541bb90f2a447782fb6acc7f0b376f03dc7f648dc4bc498858fa052859c51dd42217c8409c89c2d3cc4fee2cb7688f0b8b77bac86c7c46fc8c477f938802069ad34273fe0748db7ddc8bce4b7a4e5764b44fc43e6363c57bd5a93173c964adbec3872c07a2d6314e679f6dc950950db36fa18ac443eb584f2710a1efabb995ee741c0910e9f465263f52204a89d953b6601a21f481a1264332e5ec0065d6ac5021aa7ee95ec030af6c42bcf549639f2b782180cad29a0eec929756efd492f11949b47ca353ce72c7caa5f1a2d3ffc559aa368f5223e291f1abe1f6811beb8b3e9e4fc0026e29416e3d2b80af983cfeb6b9023603da9e4402e9e0c00ae48eb96158993c91c10ad423527ae211f0869db959d109abb3b4a364822e4d6133e99548b86c7f1ca03e72daa112cce1070c695792f2c46efc656c4f78f88f038678e14706576587c0f195b85c7470c5a2a49d987776057398c4d9d5776e606f4e80dc0bce161e0505841d6e0ec18a3d022a4ca1aa1c731ca0878b3400fdbe7e51f1d59e49103cffcd9298616d9406ddd258a9b526103b68cc6e02e71b5d2665ad480e44dd89ecccc21d25c055a473401aad23ca550c49c334c5c2950f30117ec84f2c37abb7a046c43e9935d42212cfa08783aa3833a3a49dbaf437179999557f878a9101be2882edd618d5f792d9cca47095ab15f993bd7c9bbb741e29663fb4d5ae686657a6e5b573013c41b7a53587ef6152f425140bb8c0389caa16e7c6da061af8bf48e6e0d8a9c90b5b05b96f82ebbf41cd0cc9ef11bc63310ebd603e53ff442af5fe61814c4c18af6b6acecb1810ba12b2f4d8bb5b64fa4f7b10cdb6638b15e1a430753fc81047d53043dd6b96bd84a88b3293e2b14f1c666813f9e3f2200e7ec9626d0fa6636b5773ef1a75e6d0fd611603d8997c149f14b8ed378edfe8f37cf7aa0e42a1a7ebef62e998a0b3f4acc28491c8403097890b6987184ca4c86be7418103fc9976042a346cf96203d5f29bd9268be4321c8dc0568601ce794665f7b631549da902e1338937e4233ed33dfaab33b2ba2404195bbbe3933f9340d0b74584d2e27dad4b17b6db2eaf9343f12699e722897fb45fa3d3989789d87908bb1770d867ca2b97f342abc9cbb69f5fc52f4eab1ac36aab74ed4196c54b0e1a4d919d1f3818532aa06c8f6cf87b42b60d3d3bf24c1f804ef2802b75a349c18202bbef86a9b63f885cba5d22be3cf1447fc2bddc28e46b84ca038da511553bf64d14fa5f34113429cd7934f500f06b7791718dd1597512b2e45002f2a0eec"}) (async)
ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f00000004c0)={r0, "8801813fa11a51478e39ae2a15565dd9"})
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000001980)=ANY=[@ANYBLOB="03c9007c3e4ab2b542bfbe0c7891115ba28634dfc079c35b8ab86781e02b52ed3310cf91c80a3fc00079e60a62bbb7f049732359363d5ecd477afc7bbb8c53ff07000033d37fb88810454a14f40b8a2a3d7d1f46d91d73696269f75a33aaee89d17c8c588b64603bcb101300000000000000000000000000008aec0d02a14faadcc8b298e028078110ef3ed9309d630b2efa03d8bb658b482397476bbc34f2cf4146d2be4e5535988c69f56127b952001897bddb274da63e0843411a284847c9ae41f36fcf0391bab2effa0fa1e0ec5fb3166d01b6b805dcca9fd842933f057955d5e509933833571ed29540bb7f8ffa3b"], 0x80)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(0xffffffffffffffff, 0x40485404, &(0x7f00000014c0)={{0xfffffffffffffffc, 0x0, 0xb66, 0x2, 0x41e}, 0xffffffffffffffe0, 0x9}) (async)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000002f80)=ANY=[@ANYBLOB="0100000001000000180000de02abd8ea53296efdc97900", @ANYRES32, @ANYBLOB="02000000000000002e2f66696c653000"])

[ 2341.375766][ T1370] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2341.383858][ T1370]  </TASK>
13:51:49 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 95)

13:51:49 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000000000000fbb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:49 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRESOCT], 0x8)

13:51:49 executing program 1:
r0 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000004, 0x12, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r0, &(0x7f0000000080)=@IORING_OP_READ_FIXED={0x4, 0x2, 0x0, @fd_index=0x8, 0x2415, 0x8, 0x1ff, 0x8, 0x0, {0x3}}, 0x3f)
mmap$fb(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000006, 0x10, 0xffffffffffffffff, 0x58000)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
r1 = dup(0xffffffffffffffff)
ioctl$FBIO_WAITFORVSYNC(r1, 0x40044620, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="02c9500c00082d400000004e6b3374534d7fe130b8e2cb68cc5c27b404ef92ccbdbf77e71aa968c5e2c4f4e481f294adbaeb29026388dd0620d4194f9350f9870f413c6c0c7f152390dcdb"], 0x11)

13:51:49 executing program 1:
r0 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000004, 0x12, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r0, &(0x7f0000000080)=@IORING_OP_READ_FIXED={0x4, 0x2, 0x0, @fd_index=0x8, 0x2415, 0x8, 0x1ff, 0x8, 0x0, {0x3}}, 0x3f)
mmap$fb(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000006, 0x10, 0xffffffffffffffff, 0x58000) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async, rerun: 32)
r1 = dup(0xffffffffffffffff) (rerun: 32)
ioctl$FBIO_WAITFORVSYNC(r1, 0x40044620, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="02c9500c00082d400000004e6b3374534d7fe130b8e2cb68cc5c27b404ef92ccbdbf77e71aa968c5e2c4f4e481f294adbaeb29026388dd0620d4194f9350f9870f413c6c0c7f152390dcdb"], 0x11)

13:51:49 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x6a}, {0x7, [{@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x1, 0x3, 0x3, "af2103", 0x1, 0x82}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x1, 0x9, 0xc1, "7c69a4", 0x1, 0x6}, {@none, 0x5, 0x4b, 0xc6, "fd6f25", 0x8, 0xe2}, {@none, 0x2, 0x2, 0x1, "2cdc4b", 0x5, 0x2}, {@any, 0x1, 0x0, 0xe1, "ac46ab", 0x1, 0x9}, {@any, 0x0, 0x40, 0x9, "fc46e6", 0x9, 0x1f}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x80, 0x6f, 0x1, "5fe5bd", 0x53, 0x20}]}}}, 0x6d)

13:51:49 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x3c, 0x7, 0x6, 0x401, 0x0, 0x0, {0xc, 0x0, 0x5}, [@IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x87}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0xc0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@ipv6_newrule={0x24, 0x18, 0x409, 0x0, 0x0, {}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x1e, 0x7}]}, 0x24}}, 0x0)
preadv(r1, &(0x7f0000003500)=[{&(0x7f0000000240)=""/210, 0xd2}, {&(0x7f0000000000)=""/30, 0x1e}, {&(0x7f0000000040)=""/96, 0x60}, {&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000000140)=""/169, 0xa9}, {&(0x7f0000001340)=""/47, 0x2f}, {&(0x7f0000001380)=""/4096, 0x1000}, {&(0x7f0000002380)=""/167, 0xa7}, {&(0x7f0000002440)=""/165, 0xa5}, {&(0x7f0000002500)=""/4096, 0x1000}], 0xa, 0x20, 0x8)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000004c0)={'tunl0\x00', &(0x7f0000000400)={'syztnl1\x00', <r2=>0x0, 0x7, 0x7842, 0x8, 0x8, {{0x19, 0x4, 0x1, 0x16, 0x64, 0x67, 0x0, 0x0, 0x29, 0x0, @rand_addr=0x64010100, @remote, {[@ra={0x94, 0x4, 0x1}, @ssrr={0x89, 0x27, 0x96, [@remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, @multicast2, @local, @rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x3a}, @loopback, @dev={0xac, 0x14, 0x14, 0x38}]}, @cipso={0x86, 0x18, 0x3, [{0x5, 0x12, "7e5aed66303a0fa92f621518650989a0"}]}, @generic={0x82, 0xa, "e3b704bb5fd2a60b"}]}}}}})
sendmsg$nl_route(r1, &(0x7f0000000580)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)=@ipv4_delroute={0x2c, 0x19, 0x0, 0x70bd28, 0x25dfdbfd, {0x2, 0x80, 0x0, 0x9, 0x0, 0x3, 0xc8, 0xb, 0x400}, [@RTA_IIF={0x8, 0x3, r2}, @RTA_SRC={0x8, 0x2, @remote}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x4000)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1f}, @NFTA_SET_EXPR={0x2c, 0x11, 0x0, 0x1, @meta={{0x9}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_META_DREG={0x8}, @NFTA_META_SREG={0x8}, @NFTA_META_KEY={0x8}]}}}]}], {0x14, 0x10}}, 0xb0}}, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
sendmsg$NFT_MSG_GETTABLE(r0, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0xbc, 0x1, 0xa, 0x3, 0x0, 0x0, {0x5, 0x0, 0x4}, [@NFTA_TABLE_USERDATA={0x90, 0x6, "9aac11d53a0b0fe2b9540c32850b9dbb9450cdca189b4dfa016810f603191677c98236e3da984084b29b316f3d1be8fea8dc25cfb5c74b4f10a4bac3218112947e5affb048fd746a3cc3f9493c3125c7217d1f677531a79e446a3c2fe744a9de1989dafd945423941cac92549b75850ab635820cf3edd8ae68358f6114eb3e0090154353f6dc9474920efcd7"}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x2}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x2}]}, 0xbc}}, 0x20000000)

13:51:49 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000010bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:49 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x6a}, {0x7, [{@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x1, 0x3, 0x3, "af2103", 0x1, 0x82}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x1, 0x9, 0xc1, "7c69a4", 0x1, 0x6}, {@none, 0x5, 0x4b, 0xc6, "fd6f25", 0x8, 0xe2}, {@none, 0x2, 0x2, 0x1, "2cdc4b", 0x5, 0x2}, {@any, 0x1, 0x0, 0xe1, "ac46ab", 0x1, 0x9}, {@any, 0x0, 0x40, 0x9, "fc46e6", 0x9, 0x1f}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x80, 0x6f, 0x1, "5fe5bd", 0x53, 0x20}]}}}, 0x6d)

[ 2341.570496][ T1402] FAULT_INJECTION: forcing a failure.
[ 2341.570496][ T1402] name fail_usercopy, interval 1, probability 0, space 0, times 0
13:51:49 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000024bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:49 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x6a}, {0x7, [{@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x1, 0x3, 0x3, "af2103", 0x1, 0x82}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x1, 0x9, 0xc1, "7c69a4", 0x1, 0x6}, {@none, 0x5, 0x4b, 0xc6, "fd6f25", 0x8, 0xe2}, {@none, 0x2, 0x2, 0x1, "2cdc4b", 0x5, 0x2}, {@any, 0x1, 0x0, 0xe1, "ac46ab", 0x1, 0x9}, {@any, 0x0, 0x40, 0x9, "fc46e6", 0x9, 0x1f}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x80, 0x6f, 0x1, "5fe5bd", 0x53, 0x20}]}}}, 0x6d)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x6a}, {0x7, [{@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x1, 0x3, 0x3, "af2103", 0x1, 0x82}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x1, 0x9, 0xc1, "7c69a4", 0x1, 0x6}, {@none, 0x5, 0x4b, 0xc6, "fd6f25", 0x8, 0xe2}, {@none, 0x2, 0x2, 0x1, "2cdc4b", 0x5, 0x2}, {@any, 0x1, 0x0, 0xe1, "ac46ab", 0x1, 0x9}, {@any, 0x0, 0x40, 0x9, "fc46e6", 0x9, 0x1f}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x80, 0x6f, 0x1, "5fe5bd", 0x53, 0x20}]}}}, 0x6d) (async)

[ 2341.639374][ T1402] CPU: 0 PID: 1402 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2341.649776][ T1402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2341.659864][ T1402] Call Trace:
[ 2341.663173][ T1402]  <TASK>
[ 2341.666136][ T1402]  dump_stack_lvl+0xcd/0x134
[ 2341.670781][ T1402]  should_fail.cold+0x5/0xa
[ 2341.675338][ T1402]  _copy_from_user+0x2a/0x170
[ 2341.680068][ T1402]  input_event_from_user+0x131/0x3a0
[ 2341.685410][ T1402]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2341.691280][ T1402]  evdev_write+0x356/0x760
[ 2341.695753][ T1402]  ? evdev_read+0xe30/0xe30
[ 2341.700302][ T1402]  ? apparmor_file_permission+0x264/0x4e0
[ 2341.706077][ T1402]  ? bpf_lsm_file_permission+0x5/0x10
[ 2341.711508][ T1402]  ? security_file_permission+0xab/0xd0
[ 2341.717160][ T1402]  vfs_write+0x2d7/0xdd0
[ 2341.721459][ T1402]  ? evdev_read+0xe30/0xe30
[ 2341.726008][ T1402]  ? vfs_read+0x930/0x930
[ 2341.730402][ T1402]  ? __fget_files+0x26a/0x440
[ 2341.735139][ T1402]  ? __fget_light+0xe5/0x270
[ 2341.739788][ T1402]  ksys_write+0x1e8/0x250
[ 2341.744192][ T1402]  ? __ia32_sys_read+0xb0/0xb0
[ 2341.749067][ T1402]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2341.754989][ T1402]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2341.760999][ T1402]  do_syscall_64+0x35/0xb0
[ 2341.765441][ T1402]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2341.771358][ T1402] RIP: 0033:0x7eff6688a649
[ 2341.775798][ T1402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2341.795427][ T1402] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2341.803975][ T1402] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2341.811979][ T1402] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2341.819970][ T1402] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2341.828928][ T1402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
13:51:50 executing program 1:
r0 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000004, 0x12, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r0, &(0x7f0000000080)=@IORING_OP_READ_FIXED={0x4, 0x2, 0x0, @fd_index=0x8, 0x2415, 0x8, 0x1ff, 0x8, 0x0, {0x3}}, 0x3f)
mmap$fb(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000006, 0x10, 0xffffffffffffffff, 0x58000)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async, rerun: 64)
r1 = dup(0xffffffffffffffff) (rerun: 64)
ioctl$FBIO_WAITFORVSYNC(r1, 0x40044620, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="02c9500c00082d400000004e6b3374534d7fe130b8e2cb68cc5c27b404ef92ccbdbf77e71aa968c5e2c4f4e481f294adbaeb29026388dd0620d4194f9350f9870f413c6c0c7f152390dcdb"], 0x11)

[ 2341.836915][ T1402] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2341.844923][ T1402]  </TASK>
13:51:50 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 96)

13:51:50 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="044dc0cf5f03455cc74b48786c2112e1935d9e1d558a4e4ca261e59856e3aa40744b59191decebfb941c1e3ba7d0"], 0x8)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x3, 0x2a}, @l2cap_cid_signaling={{0x26}, [@l2cap_disconn_rsp={{0x7, 0x7, 0x4}, {0x1, 0x7e}}, @l2cap_disconn_req={{0x6, 0xff, 0x4}, {0x401, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x2, 0x2}, {0x5}}, @l2cap_create_chan_req={{0xc, 0x7e, 0x5}, {0x369a, 0x1, 0x4}}, @l2cap_move_chan_req={{0xe, 0x1, 0x3}, {0x3, 0x1}}]}}, 0x2f)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x8e22, 0x2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x2, 0x19}, @l2cap_cid_signaling={{0x15}, [@l2cap_move_chan_req={{0xe, 0xfe, 0x3}, {0x9, 0x8}}, @l2cap_disconn_rsp={{0x7, 0x8, 0x4}, {0x7, 0x4}}, @l2cap_cmd_rej_unk={{0x1, 0x3f, 0x2}, {0x4}}]}}, 0x1e)

13:51:50 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000026bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:50 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x3c, 0x7, 0x6, 0x401, 0x0, 0x0, {0xc, 0x0, 0x5}, [@IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x87}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0xc0) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@ipv6_newrule={0x24, 0x18, 0x409, 0x0, 0x0, {}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x1e, 0x7}]}, 0x24}}, 0x0) (async)
preadv(r1, &(0x7f0000003500)=[{&(0x7f0000000240)=""/210, 0xd2}, {&(0x7f0000000000)=""/30, 0x1e}, {&(0x7f0000000040)=""/96, 0x60}, {&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000000140)=""/169, 0xa9}, {&(0x7f0000001340)=""/47, 0x2f}, {&(0x7f0000001380)=""/4096, 0x1000}, {&(0x7f0000002380)=""/167, 0xa7}, {&(0x7f0000002440)=""/165, 0xa5}, {&(0x7f0000002500)=""/4096, 0x1000}], 0xa, 0x20, 0x8) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000004c0)={'tunl0\x00', &(0x7f0000000400)={'syztnl1\x00', <r2=>0x0, 0x7, 0x7842, 0x8, 0x8, {{0x19, 0x4, 0x1, 0x16, 0x64, 0x67, 0x0, 0x0, 0x29, 0x0, @rand_addr=0x64010100, @remote, {[@ra={0x94, 0x4, 0x1}, @ssrr={0x89, 0x27, 0x96, [@remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, @multicast2, @local, @rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x3a}, @loopback, @dev={0xac, 0x14, 0x14, 0x38}]}, @cipso={0x86, 0x18, 0x3, [{0x5, 0x12, "7e5aed66303a0fa92f621518650989a0"}]}, @generic={0x82, 0xa, "e3b704bb5fd2a60b"}]}}}}})
sendmsg$nl_route(r1, &(0x7f0000000580)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)=@ipv4_delroute={0x2c, 0x19, 0x0, 0x70bd28, 0x25dfdbfd, {0x2, 0x80, 0x0, 0x9, 0x0, 0x3, 0xc8, 0xb, 0x400}, [@RTA_IIF={0x8, 0x3, r2}, @RTA_SRC={0x8, 0x2, @remote}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x4000) (async)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1f}, @NFTA_SET_EXPR={0x2c, 0x11, 0x0, 0x1, @meta={{0x9}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_META_DREG={0x8}, @NFTA_META_SREG={0x8}, @NFTA_META_KEY={0x8}]}}}]}], {0x14, 0x10}}, 0xb0}}, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)
sendmsg$NFT_MSG_GETTABLE(r0, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0xbc, 0x1, 0xa, 0x3, 0x0, 0x0, {0x5, 0x0, 0x4}, [@NFTA_TABLE_USERDATA={0x90, 0x6, "9aac11d53a0b0fe2b9540c32850b9dbb9450cdca189b4dfa016810f603191677c98236e3da984084b29b316f3d1be8fea8dc25cfb5c74b4f10a4bac3218112947e5affb048fd746a3cc3f9493c3125c7217d1f677531a79e446a3c2fe744a9de1989dafd945423941cac92549b75850ab635820cf3edd8ae68358f6114eb3e0090154353f6dc9474920efcd7"}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x2}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x2}]}, 0xbc}}, 0x20000000)

13:51:50 executing program 1:
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xfc}, "8d3a8fdb0e615c767a8f2d35879ce8a79b8184ed87e6503d6c086df70ad3600a07ed7eecd5520708877bc853c1e8bb0d7f4cdb0fc8f5d41a8d83a74c0e84ec81b5541b8f0313132b2edf4fc1029cf4bb6e5f4a54cb24c11bb8372ee03a8f7ea346e58b714926f1ff5994d6195b7f89023bf410858dfb80ba1015d419e45905924523ae5c0bbdb48fc833e7e42fb34473eccbcc0ebca81c045bdb61a81b4813db933a758fcd8bb4a4b1b2492974139e6f4fb61e8822c76d373933ca6979c17da89ec437e285de4b60f44085a43e53706152567eda20cdad2f08ff52365b247986a3fef593f5d3637c2521db0edfea0092a42132e42c23ae6ff516f8b5"}, 0x100)

13:51:50 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000028bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:50 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="044dc0cf5f03455cc74b48786c2112e1935d9e1d558a4e4ca261e59856e3aa40744b59191decebfb941c1e3ba7d0"], 0x8) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x3, 0x2a}, @l2cap_cid_signaling={{0x26}, [@l2cap_disconn_rsp={{0x7, 0x7, 0x4}, {0x1, 0x7e}}, @l2cap_disconn_req={{0x6, 0xff, 0x4}, {0x401, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x2, 0x2}, {0x5}}, @l2cap_create_chan_req={{0xc, 0x7e, 0x5}, {0x369a, 0x1, 0x4}}, @l2cap_move_chan_req={{0xe, 0x1, 0x3}, {0x3, 0x1}}]}}, 0x2f)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x8e22, 0x2}}}}, 0x11) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x2, 0x19}, @l2cap_cid_signaling={{0x15}, [@l2cap_move_chan_req={{0xe, 0xfe, 0x3}, {0x9, 0x8}}, @l2cap_disconn_rsp={{0x7, 0x8, 0x4}, {0x7, 0x4}}, @l2cap_cmd_rej_unk={{0x1, 0x3f, 0x2}, {0x4}}]}}, 0x1e)

13:51:50 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x3c, 0x7, 0x6, 0x401, 0x0, 0x0, {0xc, 0x0, 0x5}, [@IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x87}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0xc0) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@ipv6_newrule={0x24, 0x18, 0x409, 0x0, 0x0, {}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x1e, 0x7}]}, 0x24}}, 0x0) (async)
preadv(r1, &(0x7f0000003500)=[{&(0x7f0000000240)=""/210, 0xd2}, {&(0x7f0000000000)=""/30, 0x1e}, {&(0x7f0000000040)=""/96, 0x60}, {&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000000140)=""/169, 0xa9}, {&(0x7f0000001340)=""/47, 0x2f}, {&(0x7f0000001380)=""/4096, 0x1000}, {&(0x7f0000002380)=""/167, 0xa7}, {&(0x7f0000002440)=""/165, 0xa5}, {&(0x7f0000002500)=""/4096, 0x1000}], 0xa, 0x20, 0x8) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000004c0)={'tunl0\x00', &(0x7f0000000400)={'syztnl1\x00', <r2=>0x0, 0x7, 0x7842, 0x8, 0x8, {{0x19, 0x4, 0x1, 0x16, 0x64, 0x67, 0x0, 0x0, 0x29, 0x0, @rand_addr=0x64010100, @remote, {[@ra={0x94, 0x4, 0x1}, @ssrr={0x89, 0x27, 0x96, [@remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, @multicast2, @local, @rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x3a}, @loopback, @dev={0xac, 0x14, 0x14, 0x38}]}, @cipso={0x86, 0x18, 0x3, [{0x5, 0x12, "7e5aed66303a0fa92f621518650989a0"}]}, @generic={0x82, 0xa, "e3b704bb5fd2a60b"}]}}}}})
sendmsg$nl_route(r1, &(0x7f0000000580)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)=@ipv4_delroute={0x2c, 0x19, 0x0, 0x70bd28, 0x25dfdbfd, {0x2, 0x80, 0x0, 0x9, 0x0, 0x3, 0xc8, 0xb, 0x400}, [@RTA_IIF={0x8, 0x3, r2}, @RTA_SRC={0x8, 0x2, @remote}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x4000)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1f}, @NFTA_SET_EXPR={0x2c, 0x11, 0x0, 0x1, @meta={{0x9}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_META_DREG={0x8}, @NFTA_META_SREG={0x8}, @NFTA_META_KEY={0x8}]}}}]}], {0x14, 0x10}}, 0xb0}}, 0x0) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)
sendmsg$NFT_MSG_GETTABLE(r0, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0xbc, 0x1, 0xa, 0x3, 0x0, 0x0, {0x5, 0x0, 0x4}, [@NFTA_TABLE_USERDATA={0x90, 0x6, "9aac11d53a0b0fe2b9540c32850b9dbb9450cdca189b4dfa016810f603191677c98236e3da984084b29b316f3d1be8fea8dc25cfb5c74b4f10a4bac3218112947e5affb048fd746a3cc3f9493c3125c7217d1f677531a79e446a3c2fe744a9de1989dafd945423941cac92549b75850ab635820cf3edd8ae68358f6114eb3e0090154353f6dc9474920efcd7"}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x2}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x2}]}, 0xbc}}, 0x20000000)

13:51:50 executing program 1:
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xfc}, "8d3a8fdb0e615c767a8f2d35879ce8a79b8184ed87e6503d6c086df70ad3600a07ed7eecd5520708877bc853c1e8bb0d7f4cdb0fc8f5d41a8d83a74c0e84ec81b5541b8f0313132b2edf4fc1029cf4bb6e5f4a54cb24c11bb8372ee03a8f7ea346e58b714926f1ff5994d6195b7f89023bf410858dfb80ba1015d419e45905924523ae5c0bbdb48fc833e7e42fb34473eccbcc0ebca81c045bdb61a81b4813db933a758fcd8bb4a4b1b2492974139e6f4fb61e8822c76d373933ca6979c17da89ec437e285de4b60f44085a43e53706152567eda20cdad2f08ff52365b247986a3fef593f5d3637c2521db0edfea0092a42132e42c23ae6ff516f8b5"}, 0x100)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xfc}, "8d3a8fdb0e615c767a8f2d35879ce8a79b8184ed87e6503d6c086df70ad3600a07ed7eecd5520708877bc853c1e8bb0d7f4cdb0fc8f5d41a8d83a74c0e84ec81b5541b8f0313132b2edf4fc1029cf4bb6e5f4a54cb24c11bb8372ee03a8f7ea346e58b714926f1ff5994d6195b7f89023bf410858dfb80ba1015d419e45905924523ae5c0bbdb48fc833e7e42fb34473eccbcc0ebca81c045bdb61a81b4813db933a758fcd8bb4a4b1b2492974139e6f4fb61e8822c76d373933ca6979c17da89ec437e285de4b60f44085a43e53706152567eda20cdad2f08ff52365b247986a3fef593f5d3637c2521db0edfea0092a42132e42c23ae6ff516f8b5"}, 0x100) (async)

13:51:50 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000140bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:50 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="044dc0cf5f03455cc74b48786c2112e1935d9e1d558a4e4ca261e59856e3aa40744b59191decebfb941c1e3ba7d0"], 0x8)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x3, 0x2a}, @l2cap_cid_signaling={{0x26}, [@l2cap_disconn_rsp={{0x7, 0x7, 0x4}, {0x1, 0x7e}}, @l2cap_disconn_req={{0x6, 0xff, 0x4}, {0x401, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x2, 0x2}, {0x5}}, @l2cap_create_chan_req={{0xc, 0x7e, 0x5}, {0x369a, 0x1, 0x4}}, @l2cap_move_chan_req={{0xe, 0x1, 0x3}, {0x3, 0x1}}]}}, 0x2f) (async)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x8e22, 0x2}}}}, 0x11) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x2, 0x19}, @l2cap_cid_signaling={{0x15}, [@l2cap_move_chan_req={{0xe, 0xfe, 0x3}, {0x9, 0x8}}, @l2cap_disconn_rsp={{0x7, 0x8, 0x4}, {0x7, 0x4}}, @l2cap_cmd_rej_unk={{0x1, 0x3f, 0x2}, {0x4}}]}}, 0x1e)

13:51:50 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000060bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2342.170319][ T1456] FAULT_INJECTION: forcing a failure.
[ 2342.170319][ T1456] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2342.192110][ T1456] CPU: 1 PID: 1456 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2342.202508][ T1456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2342.212789][ T1456] Call Trace:
[ 2342.216105][ T1456]  <TASK>
[ 2342.219069][ T1456]  dump_stack_lvl+0xcd/0x134
[ 2342.223719][ T1456]  should_fail.cold+0x5/0xa
[ 2342.228289][ T1456]  _copy_from_user+0x2a/0x170
[ 2342.233024][ T1456]  input_event_from_user+0x131/0x3a0
[ 2342.238361][ T1456]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2342.244244][ T1456]  evdev_write+0x356/0x760
[ 2342.248737][ T1456]  ? evdev_read+0xe30/0xe30
[ 2342.253287][ T1456]  ? apparmor_file_permission+0x264/0x4e0
[ 2342.259035][ T1456]  ? bpf_lsm_file_permission+0x5/0x10
[ 2342.264460][ T1456]  ? security_file_permission+0xab/0xd0
[ 2342.270030][ T1456]  vfs_write+0x2d7/0xdd0
[ 2342.274299][ T1456]  ? evdev_read+0xe30/0xe30
[ 2342.278818][ T1456]  ? vfs_read+0x930/0x930
[ 2342.283168][ T1456]  ? __fget_files+0x26a/0x440
[ 2342.287873][ T1456]  ? __fget_light+0xe5/0x270
[ 2342.292571][ T1456]  ksys_write+0x1e8/0x250
[ 2342.296957][ T1456]  ? __ia32_sys_read+0xb0/0xb0
[ 2342.301844][ T1456]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2342.307767][ T1456]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2342.313696][ T1456]  do_syscall_64+0x35/0xb0
[ 2342.318130][ T1456]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2342.324039][ T1456] RIP: 0033:0x7eff6688a649
[ 2342.328486][ T1456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2342.348299][ T1456] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2342.356733][ T1456] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
13:51:50 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 97)

13:51:50 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0436070000ccff003718d80000"], 0xa)

13:51:50 executing program 1:
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xfc}, "8d3a8fdb0e615c767a8f2d35879ce8a79b8184ed87e6503d6c086df70ad3600a07ed7eecd5520708877bc853c1e8bb0d7f4cdb0fc8f5d41a8d83a74c0e84ec81b5541b8f0313132b2edf4fc1029cf4bb6e5f4a54cb24c11bb8372ee03a8f7ea346e58b714926f1ff5994d6195b7f89023bf410858dfb80ba1015d419e45905924523ae5c0bbdb48fc833e7e42fb34473eccbcc0ebca81c045bdb61a81b4813db933a758fcd8bb4a4b1b2492974139e6f4fb61e8822c76d373933ca6979c17da89ec437e285de4b60f44085a43e53706152567eda20cdad2f08ff52365b247986a3fef593f5d3637c2521db0edfea0092a42132e42c23ae6ff516f8b5"}, 0x100)

13:51:50 executing program 4:
r0 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r4}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
ioctl$CAPI_GET_MANUFACTURER(r0, 0xc0044306, &(0x7f0000000000)=0x101)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)

13:51:50 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000005865bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2342.364995][ T1456] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2342.373011][ T1456] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2342.381371][ T1456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2342.389399][ T1456] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2342.397420][ T1456]  </TASK>
13:51:50 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0436070000ccff003718d80000"], 0xa)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0436070000ccff003718d80000"], 0xa) (async)

13:51:50 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000081bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:50 executing program 1:
syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x0, 0x8}, {0xc000, 0x1, 0x40, 0x2}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_complete={{0x3, 0xb}, {0x3, 0xc8, @any, 0x1, 0x6f}}}, 0xe)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000280)=0x4100, 0x4)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000000100)=[{&(0x7f00000007c0)="580000001400192340834b80043f679a2cff00804824ca945f640094000500289d5aaa000000000000008449bb06d383d537b300f0fffeff2c707f8f00ff200000000010000100090a00"/88, 0x58}], 0x1)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xf5}, "e6a8debdf18b43883c6ff6e29e3f6f0ef3aadcc56d5818d810e67560310f549aba6543dadb04488cb383ebff9aed47bf1f238f53372a32174d492c26c46d6f26131ad28f369851db95fd809d302ab5b05cbde923df867ca7fada48218879f5d3c86c7ea15827eabe6ba9ebcd15406ad5f79b89091886e75cd0b0b5922716a36981d02e3e67206b05da9bbf7fde89974bcd3bf2ed81440f0fd531a64803761b09d6072f39f957704fb12eeb8460b2decd4f1a1025d073ca74de0d403c554a5f1c3984074d386d025cb305aebf6b1210808e87c9bacd465341006132549bac0674b1ad230491a63fdfc10638a0bd3f98cdcbfb707d5a"}, 0xf9)

[ 2342.485066][ T1466] FAULT_INJECTION: forcing a failure.
[ 2342.485066][ T1466] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2342.514893][ T1466] CPU: 1 PID: 1466 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2342.525288][ T1466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2342.535360][ T1466] Call Trace:
[ 2342.538656][ T1466]  <TASK>
[ 2342.541597][ T1466]  dump_stack_lvl+0xcd/0x134
[ 2342.546211][ T1466]  should_fail.cold+0x5/0xa
[ 2342.550738][ T1466]  _copy_from_user+0x2a/0x170
[ 2342.555442][ T1466]  input_event_from_user+0x131/0x3a0
[ 2342.560748][ T1466]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2342.566588][ T1466]  evdev_write+0x356/0x760
[ 2342.571019][ T1466]  ? evdev_read+0xe30/0xe30
[ 2342.575536][ T1466]  ? apparmor_file_permission+0x264/0x4e0
[ 2342.581309][ T1466]  ? bpf_lsm_file_permission+0x5/0x10
[ 2342.586703][ T1466]  ? security_file_permission+0xab/0xd0
[ 2342.592270][ T1466]  vfs_write+0x2d7/0xdd0
[ 2342.598194][ T1466]  ? evdev_read+0xe30/0xe30
[ 2342.602712][ T1466]  ? vfs_read+0x930/0x930
[ 2342.607086][ T1466]  ? __fget_files+0x26a/0x440
[ 2342.611784][ T1466]  ? __fget_light+0xe5/0x270
[ 2342.616392][ T1466]  ksys_write+0x1e8/0x250
[ 2342.620828][ T1466]  ? __ia32_sys_read+0xb0/0xb0
[ 2342.625617][ T1466]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2342.631533][ T1466]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2342.637459][ T1466]  do_syscall_64+0x35/0xb0
[ 2342.641894][ T1466]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2342.648063][ T1466] RIP: 0033:0x7eff6688a649
[ 2342.652496][ T1466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2342.672131][ T1466] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2342.680685][ T1466] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
13:51:50 executing program 4:
r0 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r4}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
ioctl$CAPI_GET_MANUFACTURER(r0, 0xc0044306, &(0x7f0000000000)=0x101)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200) (async)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010) (async)
socket(0x10, 0x2, 0x0) (async)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32) (async)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$packet(0x11, 0x3, 0x300) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) (async)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r4}]}, 0x34}}, 0x0) (async)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10) (async)
ioctl$CAPI_GET_MANUFACTURER(r0, 0xc0044306, &(0x7f0000000000)=0x101) (async)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)

13:51:51 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0436070000ccff003718d80000"], 0xa)

13:51:51 executing program 1:
syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x0, 0x8}, {0xc000, 0x1, 0x40, 0x2}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_complete={{0x3, 0xb}, {0x3, 0xc8, @any, 0x1, 0x6f}}}, 0xe) (async)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000280)=0x4100, 0x4) (async)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000000100)=[{&(0x7f00000007c0)="580000001400192340834b80043f679a2cff00804824ca945f640094000500289d5aaa000000000000008449bb06d383d537b300f0fffeff2c707f8f00ff200000000010000100090a00"/88, 0x58}], 0x1) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xf5}, "e6a8debdf18b43883c6ff6e29e3f6f0ef3aadcc56d5818d810e67560310f549aba6543dadb04488cb383ebff9aed47bf1f238f53372a32174d492c26c46d6f26131ad28f369851db95fd809d302ab5b05cbde923df867ca7fada48218879f5d3c86c7ea15827eabe6ba9ebcd15406ad5f79b89091886e75cd0b0b5922716a36981d02e3e67206b05da9bbf7fde89974bcd3bf2ed81440f0fd531a64803761b09d6072f39f957704fb12eeb8460b2decd4f1a1025d073ca74de0d403c554a5f1c3984074d386d025cb305aebf6b1210808e87c9bacd465341006132549bac0674b1ad230491a63fdfc10638a0bd3f98cdcbfb707d5a"}, 0xf9)

[ 2342.688758][ T1466] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2342.696740][ T1466] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2342.704724][ T1466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2342.712716][ T1466] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2342.720732][ T1466]  </TASK>
13:51:51 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000087bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:51 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 98)

13:51:51 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0xa)

13:51:51 executing program 4:
r0 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r4}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
ioctl$CAPI_GET_MANUFACTURER(r0, 0xc0044306, &(0x7f0000000000)=0x101)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200) (async)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010) (async)
socket(0x10, 0x2, 0x0) (async)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32) (async)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$packet(0x11, 0x3, 0x300) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) (async)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r4}]}, 0x34}}, 0x0) (async)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10) (async)
ioctl$CAPI_GET_MANUFACTURER(r0, 0xc0044306, &(0x7f0000000000)=0x101) (async)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)

13:51:51 executing program 1:
syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x0, 0x8}, {0xc000, 0x1, 0x40, 0x2}}}}, 0x15) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2) (rerun: 32)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_complete={{0x3, 0xb}, {0x3, 0xc8, @any, 0x1, 0x6f}}}, 0xe) (async)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000280)=0x4100, 0x4) (async)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000000100)=[{&(0x7f00000007c0)="580000001400192340834b80043f679a2cff00804824ca945f640094000500289d5aaa000000000000008449bb06d383d537b300f0fffeff2c707f8f00ff200000000010000100090a00"/88, 0x58}], 0x1) (async, rerun: 64)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xf5}, "e6a8debdf18b43883c6ff6e29e3f6f0ef3aadcc56d5818d810e67560310f549aba6543dadb04488cb383ebff9aed47bf1f238f53372a32174d492c26c46d6f26131ad28f369851db95fd809d302ab5b05cbde923df867ca7fada48218879f5d3c86c7ea15827eabe6ba9ebcd15406ad5f79b89091886e75cd0b0b5922716a36981d02e3e67206b05da9bbf7fde89974bcd3bf2ed81440f0fd531a64803761b09d6072f39f957704fb12eeb8460b2decd4f1a1025d073ca74de0d403c554a5f1c3984074d386d025cb305aebf6b1210808e87c9bacd465341006132549bac0674b1ad230491a63fdfc10638a0bd3f98cdcbfb707d5a"}, 0xf9) (rerun: 64)

13:51:51 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000ffffa888bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:51 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0xa)

13:51:51 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x41}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @inquiry_info={{0x2, 0x39}, {0x4, [{@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0xd0, 0x8, 0x1, "846d59", 0x7a}, {@any, 0x0, 0x5, 0x23, "081c82", 0x3}, {@none, 0x20, 0x0, 0x80, "81b37d", 0x2}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0xfe, 0x6, 0x2, "d0d652", 0x6}]}}}, 0x3c)

13:51:51 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000ffffff9ebb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2342.972504][ T1502] FAULT_INJECTION: forcing a failure.
[ 2342.972504][ T1502] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2343.029679][ T1502] CPU: 0 PID: 1502 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2343.040077][ T1502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2343.050152][ T1502] Call Trace:
[ 2343.053494][ T1502]  <TASK>
[ 2343.056445][ T1502]  dump_stack_lvl+0xcd/0x134
[ 2343.061159][ T1502]  should_fail.cold+0x5/0xa
[ 2343.065692][ T1502]  _copy_from_user+0x2a/0x170
[ 2343.070394][ T1502]  input_event_from_user+0x131/0x3a0
[ 2343.075706][ T1502]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2343.081631][ T1502]  evdev_write+0x356/0x760
[ 2343.086062][ T1502]  ? evdev_read+0xe30/0xe30
[ 2343.090581][ T1502]  ? apparmor_file_permission+0x264/0x4e0
[ 2343.096420][ T1502]  ? bpf_lsm_file_permission+0x5/0x10
[ 2343.101809][ T1502]  ? security_file_permission+0xab/0xd0
[ 2343.107374][ T1502]  vfs_write+0x2d7/0xdd0
[ 2343.111632][ T1502]  ? evdev_read+0xe30/0xe30
[ 2343.116160][ T1502]  ? vfs_read+0x930/0x930
[ 2343.120512][ T1502]  ? __fget_files+0x26a/0x440
[ 2343.125211][ T1502]  ? __fget_light+0xe5/0x270
[ 2343.129822][ T1502]  ksys_write+0x1e8/0x250
[ 2343.134169][ T1502]  ? __ia32_sys_read+0xb0/0xb0
[ 2343.138950][ T1502]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2343.144883][ T1502]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2343.150805][ T1502]  do_syscall_64+0x35/0xb0
[ 2343.155239][ T1502]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2343.161174][ T1502] RIP: 0033:0x7eff6688a649
[ 2343.165600][ T1502] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2343.185221][ T1502] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2343.193650][ T1502] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2343.201721][ T1502] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2343.209711][ T1502] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2343.217690][ T1502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
13:51:51 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0xa)

13:51:51 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800)
ioctl$EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x40284504, &(0x7f0000000080)={0x1, 0x10, 0x469, 0x9, "a8566dc689ab5bb508f7cb1ec9091be622e6a7bf0f8c2a967e0b1f116899a355"})
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r2, &(0x7f0000000040)="e2", 0x1800)
ioctl$EVIOCSFF(r2, 0x40304580, &(0x7f0000000000)={0x55, 0x5db, 0x8, {0x1, 0x1}, {0x2718, 0x100}, @cond=[{0xffff, 0x1ff, 0x6, 0x1000, 0x0, 0x2}, {0x9, 0x7ff, 0xff33, 0x8, 0x78e3, 0x8}]})
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES64=r0, @ANYRESDEC=r1, @ANYRES64=r0, @ANYRESDEC=r0, @ANYBLOB="a46d6aa25f6c541d5f3c227c95207e0de67581138a019ae25c92a86b65f172f44cef9603d1720d7b40cfed3de19d6d2a2b2ce88b690e866611", @ANYRESOCT, @ANYRESOCT=r0], 0xfffffe6d)

13:51:51 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x41}, 0x2) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @inquiry_info={{0x2, 0x39}, {0x4, [{@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0xd0, 0x8, 0x1, "846d59", 0x7a}, {@any, 0x0, 0x5, 0x23, "081c82", 0x3}, {@none, 0x20, 0x0, 0x80, "81b37d", 0x2}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0xfe, 0x6, 0x2, "d0d652", 0x6}]}}}, 0x3c)

13:51:51 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000000002afbb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2343.225772][ T1502] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2343.233950][ T1502]  </TASK>
13:51:52 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 99)

13:51:52 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x41}, 0x2) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT, 0x2) (async, rerun: 64)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @inquiry_info={{0x2, 0x39}, {0x4, [{@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0xd0, 0x8, 0x1, "846d59", 0x7a}, {@any, 0x0, 0x5, 0x23, "081c82", 0x3}, {@none, 0x20, 0x0, 0x80, "81b37d", 0x2}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0xfe, 0x6, 0x2, "d0d652", 0x6}]}}}, 0x3c) (rerun: 64)

13:51:52 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04360700000000005300"], 0xa)

13:51:52 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000000000bdbb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:52 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (async)
ioctl$EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x40284504, &(0x7f0000000080)={0x1, 0x10, 0x469, 0x9, "a8566dc689ab5bb508f7cb1ec9091be622e6a7bf0f8c2a967e0b1f116899a355"}) (async)
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r2, &(0x7f0000000040)="e2", 0x1800) (async)
ioctl$EVIOCSFF(r2, 0x40304580, &(0x7f0000000000)={0x55, 0x5db, 0x8, {0x1, 0x1}, {0x2718, 0x100}, @cond=[{0xffff, 0x1ff, 0x6, 0x1000, 0x0, 0x2}, {0x9, 0x7ff, 0xff33, 0x8, 0x78e3, 0x8}]}) (async)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES64=r0, @ANYRESDEC=r1, @ANYRES64=r0, @ANYRESDEC=r0, @ANYBLOB="a46d6aa25f6c541d5f3c227c95207e0de67581138a019ae25c92a86b65f172f44cef9603d1720d7b40cfed3de19d6d2a2b2ce88b690e866611", @ANYRESOCT, @ANYRESOCT=r0], 0xfffffe6d)

13:51:52 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000000001c6bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:52 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04360700000000005300"], 0xa)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04360700000000005300"], 0xa) (async)

13:51:52 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (async)
ioctl$EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x40284504, &(0x7f0000000080)={0x1, 0x10, 0x469, 0x9, "a8566dc689ab5bb508f7cb1ec9091be622e6a7bf0f8c2a967e0b1f116899a355"}) (async)
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r2, &(0x7f0000000040)="e2", 0x1800) (async)
ioctl$EVIOCSFF(r2, 0x40304580, &(0x7f0000000000)={0x55, 0x5db, 0x8, {0x1, 0x1}, {0x2718, 0x100}, @cond=[{0xffff, 0x1ff, 0x6, 0x1000, 0x0, 0x2}, {0x9, 0x7ff, 0xff33, 0x8, 0x78e3, 0x8}]})
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES64=r0, @ANYRESDEC=r1, @ANYRES64=r0, @ANYRESDEC=r0, @ANYBLOB="a46d6aa25f6c541d5f3c227c95207e0de67581138a019ae25c92a86b65f172f44cef9603d1720d7b40cfed3de19d6d2a2b2ce88b690e866611", @ANYRESOCT, @ANYRESOCT=r0], 0xfffffe6d)

13:51:52 executing program 1:
r0 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r4}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f0000000100)={0x4993, 0x3, &(0x7f0000000040)=[0x6, 0x5, 0x101], &(0x7f0000000080), &(0x7f00000000c0)=[0x2, 0x400]})
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0xfd09)

[ 2343.812404][ T1544] FAULT_INJECTION: forcing a failure.
[ 2343.812404][ T1544] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2343.865504][ T1544] CPU: 0 PID: 1544 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2343.875890][ T1544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2343.885985][ T1544] Call Trace:
[ 2343.889284][ T1544]  <TASK>
[ 2343.892243][ T1544]  dump_stack_lvl+0xcd/0x134
[ 2343.896865][ T1544]  should_fail.cold+0x5/0xa
[ 2343.901430][ T1544]  _copy_from_user+0x2a/0x170
[ 2343.906129][ T1544]  input_event_from_user+0x131/0x3a0
[ 2343.911433][ T1544]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2343.917263][ T1544]  evdev_write+0x356/0x760
[ 2343.921716][ T1544]  ? evdev_read+0xe30/0xe30
[ 2343.926229][ T1544]  ? apparmor_file_permission+0x264/0x4e0
[ 2343.931964][ T1544]  ? bpf_lsm_file_permission+0x5/0x10
[ 2343.937349][ T1544]  ? security_file_permission+0xab/0xd0
[ 2343.942914][ T1544]  vfs_write+0x2d7/0xdd0
[ 2343.947167][ T1544]  ? evdev_read+0xe30/0xe30
[ 2343.951686][ T1544]  ? vfs_read+0x930/0x930
[ 2343.956037][ T1544]  ? __fget_files+0x26a/0x440
[ 2343.960732][ T1544]  ? __fget_light+0xe5/0x270
[ 2343.965334][ T1544]  ksys_write+0x1e8/0x250
[ 2343.969679][ T1544]  ? __ia32_sys_read+0xb0/0xb0
[ 2343.974476][ T1544]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2343.980400][ T1544]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2343.986321][ T1544]  do_syscall_64+0x35/0xb0
[ 2343.990766][ T1544]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2343.996680][ T1544] RIP: 0033:0x7eff6688a649
[ 2344.001117][ T1544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2344.020826][ T1544] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2344.029256][ T1544] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2344.037263][ T1544] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2344.045287][ T1544] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2344.053290][ T1544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
13:51:52 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04360700000000005300"], 0xa)

13:51:52 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000000000cbbb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2344.061278][ T1544] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2344.069286][ T1544]  </TASK>
13:51:52 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800) (fail_nth: 100)

13:51:52 executing program 4:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000040)={0x3, 0x40, 0xfa00, {{0xa, 0x4e24, 0x0, @private1, 0x3}, {0xa, 0x4e21, 0x100, @mcast1, 0xffff}, 0xffffffffffffffff, 0x200}}, 0x48)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="53ce"], 0x8)

13:51:52 executing program 1:
r0 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010) (async)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r4}]}, 0x34}}, 0x0) (async)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10) (async)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f0000000100)={0x4993, 0x3, &(0x7f0000000040)=[0x6, 0x5, 0x101], &(0x7f0000000080), &(0x7f00000000c0)=[0x2, 0x400]})
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0xfd09)

13:51:52 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0x1d)

13:51:52 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000000000e5bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:52 executing program 4:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000040)={0x3, 0x40, 0xfa00, {{0xa, 0x4e24, 0x0, @private1, 0x3}, {0xa, 0x4e21, 0x100, @mcast1, 0xffff}, 0xffffffffffffffff, 0x200}}, 0x48) (async)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="53ce"], 0x8)

[ 2344.199053][ T1560] FAULT_INJECTION: forcing a failure.
[ 2344.199053][ T1560] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2344.274368][ T1560] CPU: 0 PID: 1560 Comm: syz-executor.2 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2344.284769][ T1560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2344.294867][ T1560] Call Trace:
[ 2344.298220][ T1560]  <TASK>
[ 2344.301181][ T1560]  dump_stack_lvl+0xcd/0x134
[ 2344.305829][ T1560]  should_fail.cold+0x5/0xa
[ 2344.310385][ T1560]  _copy_from_user+0x2a/0x170
[ 2344.315111][ T1560]  input_event_from_user+0x131/0x3a0
13:51:52 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000fffffff0bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:52 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0x1d)

13:51:52 executing program 1:
r0 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32) (async)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r4}]}, 0x34}}, 0x0) (async)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10) (async)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f0000000100)={0x4993, 0x3, &(0x7f0000000040)=[0x6, 0x5, 0x101], &(0x7f0000000080), &(0x7f00000000c0)=[0x2, 0x400]}) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0xfd09)

13:51:52 executing program 4:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000040)={0x3, 0x40, 0xfa00, {{0xa, 0x4e24, 0x0, @private1, 0x3}, {0xa, 0x4e21, 0x100, @mcast1, 0xffff}, 0xffffffffffffffff, 0x200}}, 0x48)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="53ce"], 0x8)

13:51:52 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0x1d)

[ 2344.320443][ T1560]  ? input_ff_effect_from_user+0x2c0/0x2c0
[ 2344.326309][ T1560]  evdev_write+0x356/0x760
[ 2344.330784][ T1560]  ? evdev_read+0xe30/0xe30
[ 2344.335332][ T1560]  ? apparmor_file_permission+0x264/0x4e0
[ 2344.341105][ T1560]  ? bpf_lsm_file_permission+0x5/0x10
[ 2344.346541][ T1560]  ? security_file_permission+0xab/0xd0
13:51:52 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000000000fcbb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2344.346589][ T1560]  vfs_write+0x2d7/0xdd0
[ 2344.346620][ T1560]  ? evdev_read+0xe30/0xe30
[ 2344.346650][ T1560]  ? vfs_read+0x930/0x930
[ 2344.346692][ T1560]  ? __fget_files+0x26a/0x440
[ 2344.346731][ T1560]  ? __fget_light+0xe5/0x270
13:51:52 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1800)

13:51:52 executing program 4:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x102, 0x0)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f00000005c0)={0x2, 0x0, 0x1a, 0x1f, 0x17c, &(0x7f00000001c0)="8ea48bb1087012cc82f8f03101dac220f0fe22fd0722de64d8bb415163503418144546b85cfc854f4e7ab526b487bc91e51b3c5810b73e788de3bc8325a337d0a0cf3098134eac9a80d43c96b26f167e47573ef60e50429b77ccbf770022bb0b85d6bdbd1ec4231604ddfe49b6610f76f8227b3cc74a06a7601bfa3c5349a2f37e470c68935319e4a27888d4476c52d9b6a8cc4939290496c8a317a746a31c3c90ac0a00eaace974a09215233af66060bdf78801808b80f563d0dc3cc6a98a2772112c0d3920229fb986f5a73079818ab4c3e50bc9650d56a1f32f761c3bc69b68104b0e1a685c7fc4ec1df3eed07e46221e851f7d95df887dfd33d37a8165f7ef408bd4b686f87c99f7c61c48a9329a60ebadf32a3192e6189d9e405bacf294f1c318dfd2607eba586e662dd40a1abb72675fae7643d58feb43642efdcac2696f01d7e5964fd22be28c52d05fa646aa484105583828f85613469a66e751cfc3c4d0dde90c0b25b77107e4d6f83b2eb364cc3875359a2641bccf020e1e454e09cbce05402fbcbdb742cd64f69a11b4948c21ba3114f26cce6d0c4116df8578df4d672aae6662a1522ce66ee1e0b27e7d6e026eb9f5134ef32b207a2efee62cd456e192ffe14824b3c648bceb87006285721a03963ef16c9dffe5cccaa1680bfeaa2bd9a7186dc996692e85e3eff417e8e85e1207e04bc09143913254d275f151936058b1658f5991b48ecb59ef013dbc09c1492463f4332c29bac6d622616458fd393cc3614e2a2ea8c8302eab410b0c13e014771f6b0284308c4caa8283af2d22807c5be9a89a3c045534006a6ab76812e7251bb4d65df4a4a5d9275015abd44fd4f30ec94af57a4f03779c40a972bfc1e7cde40beb6ffd73b25847262c5443f9ab849471bae975bc72f6b696dad73424082715f86d354a9aff51899ad1e25464bcb9ce7fc08deca2a9a2f386f603c0368b5e39ffa9fe181eeb5e6e039bbe04532cbf8d7d182a52d02a6930900e5d25f6d11d594ae7ef85cfc18410352af3e0cc7f8297ea57d50f1688ba1336f341c1a7777512d01c04923a81d5cb870c31a894f25ffcb3cac0602358b56d4a32d5ae481c61d83de584bd6190ca92037a29b0cd36ce83448693ecb31f62f64fa4ec181be24405296ea5cc21d73f4d6a71dc741c5fee2ee07ceac6714e803a7b00cad24ba8a0f9f0c93017393828af81cf61a7a99ebcdca1ad52f6eb6ac121d183b00cbffcc71d3f5c300e18ee44d348333d6383dac6a0458aa5c86bd9e02c5240e8c6ab5859fad7474ad4b821a0f48058444735fcedbe65cb9817d7eccfb12fe07c2b966a15f1f77817a0333d0f8a4455b9c89114756b4424606f1f02c256aa324f22d18ba2f527a45ae722d3398876df1729f4fc124c16089e315333b81f21e9be7f0287b096895726431b579f9a99afd38e"})
sendmsg$RDMA_NLDEV_CMD_STAT_SET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x60, 0x1410, 0x100, 0x70bd25, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x1}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x1}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x2}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x5}, @RDMA_NLDEV_ATTR_STAT_AUTO_MODE_MASK={0x8, 0x4c, 0x1}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000004}, 0x40000)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="f57e"], 0x8)

13:51:52 executing program 3:
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x114}, @l2cap_cid_signaling={{0x110}, [@l2cap_move_chan_req={{0xe, 0x2, 0x3}, {0x7, 0x7}}, @l2cap_create_chan_req={{0xc, 0x18, 0x5}, {0x8000, 0x8, 0x40}}, @l2cap_info_rsp={{0xb, 0x80, 0xf4}, {0x3, 0x5, "62c9d94892625add568a1f4f5021c34d67e8908754b66f46bf59f86c769e807bd806c8e5ea7a4f283aa4c5aa023cdcbbf759bae34dafa25d4475e15fc80b0b3d319ecfe183a7536ba1aac22e643edd55084fc35d4232fb1d87eeb69cf00a94375a77e2c15aba20d7af11452dd488a379adeac9a09d04b474d0ee1ef375e1c35187afc05aae5ca377c864a8c7a4b72e2b1d7393fda315b857f1416173a054375e791ffc06523f60679f3ad7465f6f3a819bdf15d9ba95190d0d9b31a51820a6c55b28c7807d138052b53c8b21f4e4e7dbfa8867d2942b3c16d28e93d5369ea288940ef40b8fc134f131e35e8ec92d8fde"}}, @l2cap_move_chan_rsp={{0xf, 0x3f, 0x4}, {0x9, 0x9}}]}}, 0x119)

13:51:52 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000fffffffcbb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:52 executing program 3:
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x114}, @l2cap_cid_signaling={{0x110}, [@l2cap_move_chan_req={{0xe, 0x2, 0x3}, {0x7, 0x7}}, @l2cap_create_chan_req={{0xc, 0x18, 0x5}, {0x8000, 0x8, 0x40}}, @l2cap_info_rsp={{0xb, 0x80, 0xf4}, {0x3, 0x5, "62c9d94892625add568a1f4f5021c34d67e8908754b66f46bf59f86c769e807bd806c8e5ea7a4f283aa4c5aa023cdcbbf759bae34dafa25d4475e15fc80b0b3d319ecfe183a7536ba1aac22e643edd55084fc35d4232fb1d87eeb69cf00a94375a77e2c15aba20d7af11452dd488a379adeac9a09d04b474d0ee1ef375e1c35187afc05aae5ca377c864a8c7a4b72e2b1d7393fda315b857f1416173a054375e791ffc06523f60679f3ad7465f6f3a819bdf15d9ba95190d0d9b31a51820a6c55b28c7807d138052b53c8b21f4e4e7dbfa8867d2942b3c16d28e93d5369ea288940ef40b8fc134f131e35e8ec92d8fde"}}, @l2cap_move_chan_rsp={{0xf, 0x3f, 0x4}, {0x9, 0x9}}]}}, 0x119)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x114}, @l2cap_cid_signaling={{0x110}, [@l2cap_move_chan_req={{0xe, 0x2, 0x3}, {0x7, 0x7}}, @l2cap_create_chan_req={{0xc, 0x18, 0x5}, {0x8000, 0x8, 0x40}}, @l2cap_info_rsp={{0xb, 0x80, 0xf4}, {0x3, 0x5, "62c9d94892625add568a1f4f5021c34d67e8908754b66f46bf59f86c769e807bd806c8e5ea7a4f283aa4c5aa023cdcbbf759bae34dafa25d4475e15fc80b0b3d319ecfe183a7536ba1aac22e643edd55084fc35d4232fb1d87eeb69cf00a94375a77e2c15aba20d7af11452dd488a379adeac9a09d04b474d0ee1ef375e1c35187afc05aae5ca377c864a8c7a4b72e2b1d7393fda315b857f1416173a054375e791ffc06523f60679f3ad7465f6f3a819bdf15d9ba95190d0d9b31a51820a6c55b28c7807d138052b53c8b21f4e4e7dbfa8867d2942b3c16d28e93d5369ea288940ef40b8fc134f131e35e8ec92d8fde"}}, @l2cap_move_chan_rsp={{0xf, 0x3f, 0x4}, {0x9, 0x9}}]}}, 0x119) (async)

[ 2344.346765][ T1560]  ksys_write+0x1e8/0x250
[ 2344.346794][ T1560]  ? __ia32_sys_read+0xb0/0xb0
13:51:52 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000001ffdbb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:52 executing program 4:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x102, 0x0)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f00000005c0)={0x2, 0x0, 0x1a, 0x1f, 0x17c, &(0x7f00000001c0)="8ea48bb1087012cc82f8f03101dac220f0fe22fd0722de64d8bb415163503418144546b85cfc854f4e7ab526b487bc91e51b3c5810b73e788de3bc8325a337d0a0cf3098134eac9a80d43c96b26f167e47573ef60e50429b77ccbf770022bb0b85d6bdbd1ec4231604ddfe49b6610f76f8227b3cc74a06a7601bfa3c5349a2f37e470c68935319e4a27888d4476c52d9b6a8cc4939290496c8a317a746a31c3c90ac0a00eaace974a09215233af66060bdf78801808b80f563d0dc3cc6a98a2772112c0d3920229fb986f5a73079818ab4c3e50bc9650d56a1f32f761c3bc69b68104b0e1a685c7fc4ec1df3eed07e46221e851f7d95df887dfd33d37a8165f7ef408bd4b686f87c99f7c61c48a9329a60ebadf32a3192e6189d9e405bacf294f1c318dfd2607eba586e662dd40a1abb72675fae7643d58feb43642efdcac2696f01d7e5964fd22be28c52d05fa646aa484105583828f85613469a66e751cfc3c4d0dde90c0b25b77107e4d6f83b2eb364cc3875359a2641bccf020e1e454e09cbce05402fbcbdb742cd64f69a11b4948c21ba3114f26cce6d0c4116df8578df4d672aae6662a1522ce66ee1e0b27e7d6e026eb9f5134ef32b207a2efee62cd456e192ffe14824b3c648bceb87006285721a03963ef16c9dffe5cccaa1680bfeaa2bd9a7186dc996692e85e3eff417e8e85e1207e04bc09143913254d275f151936058b1658f5991b48ecb59ef013dbc09c1492463f4332c29bac6d622616458fd393cc3614e2a2ea8c8302eab410b0c13e014771f6b0284308c4caa8283af2d22807c5be9a89a3c045534006a6ab76812e7251bb4d65df4a4a5d9275015abd44fd4f30ec94af57a4f03779c40a972bfc1e7cde40beb6ffd73b25847262c5443f9ab849471bae975bc72f6b696dad73424082715f86d354a9aff51899ad1e25464bcb9ce7fc08deca2a9a2f386f603c0368b5e39ffa9fe181eeb5e6e039bbe04532cbf8d7d182a52d02a6930900e5d25f6d11d594ae7ef85cfc18410352af3e0cc7f8297ea57d50f1688ba1336f341c1a7777512d01c04923a81d5cb870c31a894f25ffcb3cac0602358b56d4a32d5ae481c61d83de584bd6190ca92037a29b0cd36ce83448693ecb31f62f64fa4ec181be24405296ea5cc21d73f4d6a71dc741c5fee2ee07ceac6714e803a7b00cad24ba8a0f9f0c93017393828af81cf61a7a99ebcdca1ad52f6eb6ac121d183b00cbffcc71d3f5c300e18ee44d348333d6383dac6a0458aa5c86bd9e02c5240e8c6ab5859fad7474ad4b821a0f48058444735fcedbe65cb9817d7eccfb12fe07c2b966a15f1f77817a0333d0f8a4455b9c89114756b4424606f1f02c256aa324f22d18ba2f527a45ae722d3398876df1729f4fc124c16089e315333b81f21e9be7f0287b096895726431b579f9a99afd38e"}) (async)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x60, 0x1410, 0x100, 0x70bd25, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x1}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x1}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x2}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x5}, @RDMA_NLDEV_ATTR_STAT_AUTO_MODE_MASK={0x8, 0x4c, 0x1}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000004}, 0x40000) (async)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="f57e"], 0x8)

13:51:52 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x18)

[ 2344.346823][ T1560]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2344.346859][ T1560]  ? syscall_enter_from_user_mode+0x22/0xb0
[ 2344.346903][ T1560]  do_syscall_64+0x35/0xb0
[ 2344.346933][ T1560]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2344.346962][ T1560] RIP: 0033:0x7eff6688a649
[ 2344.346987][ T1560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2344.347014][ T1560] RSP: 002b:00007eff6798d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2344.347043][ T1560] RAX: ffffffffffffffda RBX: 00007eff6699bf80 RCX: 00007eff6688a649
[ 2344.347063][ T1560] RDX: 0000000000001800 RSI: 0000000020000040 RDI: 0000000000000004
[ 2344.347083][ T1560] RBP: 00007eff6798d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2344.347101][ T1560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[ 2344.347119][ T1560] R13: 00007eff66ecfb1f R14: 00007eff6798d300 R15: 0000000000022000
[ 2344.347157][ T1560]  </TASK>
[ 2344.406071][ T1239] ieee802154 phy0 wpan0: encryption failed: -22
13:51:53 executing program 1:
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x29, @empty, 0x4e20, 0x3, 'nq\x00', 0x28, 0x1d, 0xf}, 0x2c)
socket$inet(0x2, 0x3, 0x7fffffff)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

13:51:53 executing program 3:
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x114}, @l2cap_cid_signaling={{0x110}, [@l2cap_move_chan_req={{0xe, 0x2, 0x3}, {0x7, 0x7}}, @l2cap_create_chan_req={{0xc, 0x18, 0x5}, {0x8000, 0x8, 0x40}}, @l2cap_info_rsp={{0xb, 0x80, 0xf4}, {0x3, 0x5, "62c9d94892625add568a1f4f5021c34d67e8908754b66f46bf59f86c769e807bd806c8e5ea7a4f283aa4c5aa023cdcbbf759bae34dafa25d4475e15fc80b0b3d319ecfe183a7536ba1aac22e643edd55084fc35d4232fb1d87eeb69cf00a94375a77e2c15aba20d7af11452dd488a379adeac9a09d04b474d0ee1ef375e1c35187afc05aae5ca377c864a8c7a4b72e2b1d7393fda315b857f1416173a054375e791ffc06523f60679f3ad7465f6f3a819bdf15d9ba95190d0d9b31a51820a6c55b28c7807d138052b53c8b21f4e4e7dbfa8867d2942b3c16d28e93d5369ea288940ef40b8fc134f131e35e8ec92d8fde"}}, @l2cap_move_chan_rsp={{0xf, 0x3f, 0x4}, {0x9, 0x9}}]}}, 0x119)

13:51:53 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000000080febb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:53 executing program 4:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x102, 0x0)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f00000005c0)={0x2, 0x0, 0x1a, 0x1f, 0x17c, &(0x7f00000001c0)="8ea48bb1087012cc82f8f03101dac220f0fe22fd0722de64d8bb415163503418144546b85cfc854f4e7ab526b487bc91e51b3c5810b73e788de3bc8325a337d0a0cf3098134eac9a80d43c96b26f167e47573ef60e50429b77ccbf770022bb0b85d6bdbd1ec4231604ddfe49b6610f76f8227b3cc74a06a7601bfa3c5349a2f37e470c68935319e4a27888d4476c52d9b6a8cc4939290496c8a317a746a31c3c90ac0a00eaace974a09215233af66060bdf78801808b80f563d0dc3cc6a98a2772112c0d3920229fb986f5a73079818ab4c3e50bc9650d56a1f32f761c3bc69b68104b0e1a685c7fc4ec1df3eed07e46221e851f7d95df887dfd33d37a8165f7ef408bd4b686f87c99f7c61c48a9329a60ebadf32a3192e6189d9e405bacf294f1c318dfd2607eba586e662dd40a1abb72675fae7643d58feb43642efdcac2696f01d7e5964fd22be28c52d05fa646aa484105583828f85613469a66e751cfc3c4d0dde90c0b25b77107e4d6f83b2eb364cc3875359a2641bccf020e1e454e09cbce05402fbcbdb742cd64f69a11b4948c21ba3114f26cce6d0c4116df8578df4d672aae6662a1522ce66ee1e0b27e7d6e026eb9f5134ef32b207a2efee62cd456e192ffe14824b3c648bceb87006285721a03963ef16c9dffe5cccaa1680bfeaa2bd9a7186dc996692e85e3eff417e8e85e1207e04bc09143913254d275f151936058b1658f5991b48ecb59ef013dbc09c1492463f4332c29bac6d622616458fd393cc3614e2a2ea8c8302eab410b0c13e014771f6b0284308c4caa8283af2d22807c5be9a89a3c045534006a6ab76812e7251bb4d65df4a4a5d9275015abd44fd4f30ec94af57a4f03779c40a972bfc1e7cde40beb6ffd73b25847262c5443f9ab849471bae975bc72f6b696dad73424082715f86d354a9aff51899ad1e25464bcb9ce7fc08deca2a9a2f386f603c0368b5e39ffa9fe181eeb5e6e039bbe04532cbf8d7d182a52d02a6930900e5d25f6d11d594ae7ef85cfc18410352af3e0cc7f8297ea57d50f1688ba1336f341c1a7777512d01c04923a81d5cb870c31a894f25ffcb3cac0602358b56d4a32d5ae481c61d83de584bd6190ca92037a29b0cd36ce83448693ecb31f62f64fa4ec181be24405296ea5cc21d73f4d6a71dc741c5fee2ee07ceac6714e803a7b00cad24ba8a0f9f0c93017393828af81cf61a7a99ebcdca1ad52f6eb6ac121d183b00cbffcc71d3f5c300e18ee44d348333d6383dac6a0458aa5c86bd9e02c5240e8c6ab5859fad7474ad4b821a0f48058444735fcedbe65cb9817d7eccfb12fe07c2b966a15f1f77817a0333d0f8a4455b9c89114756b4424606f1f02c256aa324f22d18ba2f527a45ae722d3398876df1729f4fc124c16089e315333b81f21e9be7f0287b096895726431b579f9a99afd38e"}) (async)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x60, 0x1410, 0x100, 0x70bd25, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x1}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x1}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x2}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x5}, @RDMA_NLDEV_ATTR_STAT_AUTO_MODE_MASK={0x8, 0x4c, 0x1}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000004}, 0x40000) (async)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="f57e"], 0x8)

13:51:53 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x30)

13:51:53 executing program 3:
ioctl$IOC_PR_PREEMPT(0xffffffffffffffff, 0x401870cb, &(0x7f0000000000)={0xffff, 0xf859, 0x8000, 0x7ff})
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04360700ffffffff0b00"], 0xa)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}, {@none}}}, 0x9)

[ 2344.406126][ T1239] ieee802154 phy1 wpan1: encryption failed: -22
13:51:53 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x48)

13:51:53 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000000000c0febb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:53 executing program 4:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='attr/current\x00')
r1 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r1, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010)
r2 = socket(0x10, 0x2, 0x0)
write(r2, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r2, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r5}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r2, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r1}, @GTPA_LINK={0x8, 0x1, r5}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0}, './file0\x00'})

13:51:53 executing program 1:
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x29, @empty, 0x4e20, 0x3, 'nq\x00', 0x28, 0x1d, 0xf}, 0x2c)
socket$inet(0x2, 0x3, 0x7fffffff)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x29, @empty, 0x4e20, 0x3, 'nq\x00', 0x28, 0x1d, 0xf}, 0x2c) (async)
socket$inet(0x2, 0x3, 0x7fffffff) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)

13:51:53 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x60)

13:51:53 executing program 1:
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x29, @empty, 0x4e20, 0x3, 'nq\x00', 0x28, 0x1d, 0xf}, 0x2c) (async)
socket$inet(0x2, 0x3, 0x7fffffff) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

13:51:53 executing program 3:
ioctl$IOC_PR_PREEMPT(0xffffffffffffffff, 0x401870cb, &(0x7f0000000000)={0xffff, 0xf859, 0x8000, 0x7ff})
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04360700ffffffff0b00"], 0xa) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}, {@none}}}, 0x9)

13:51:53 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000000000ffbb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:53 executing program 4:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='attr/current\x00') (async)
r1 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r1, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010) (async)
r2 = socket(0x10, 0x2, 0x0)
write(r2, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32) (async, rerun: 64)
recvmmsg(r2, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) (async, rerun: 64)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r5}]}, 0x34}}, 0x0) (async, rerun: 64)
sendmsg$GTP_CMD_GETPDP(r2, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r1}, @GTPA_LINK={0x8, 0x1, r5}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10) (rerun: 64)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0}, './file0\x00'})

13:51:53 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x78)

13:51:53 executing program 1:
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

13:51:53 executing program 3:
ioctl$IOC_PR_PREEMPT(0xffffffffffffffff, 0x401870cb, &(0x7f0000000000)={0xffff, 0xf859, 0x8000, 0x7ff}) (async)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04360700ffffffff0b00"], 0xa) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}, {@none}}}, 0x9)

13:51:53 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000088a8ffffbb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:53 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x90)

13:51:53 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04510700000000000006"], 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @HCI_EV_INQUIRY_COMPLETE={{0x1, 0x1}}}, 0x4)

13:51:53 executing program 4:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='attr/current\x00') (async)
r1 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r1, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010) (async, rerun: 64)
r2 = socket(0x10, 0x2, 0x0) (rerun: 64)
write(r2, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32) (async)
recvmmsg(r2, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r3 = socket$nl_route(0x10, 0x3, 0x0) (async)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r5}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r2, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r1}, @GTPA_LINK={0x8, 0x1, r5}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0}, './file0\x00'})

13:51:53 executing program 1:
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

13:51:53 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000f0ffffbb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:53 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04510700000000000006"], 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @HCI_EV_INQUIRY_COMPLETE={{0x1, 0x1}}}, 0x4)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04510700000000000006"], 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @HCI_EV_INQUIRY_COMPLETE={{0x1, 0x1}}}, 0x4) (async)

13:51:53 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0xa8)

13:51:53 executing program 1:
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)

13:51:53 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000007fffffffbb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:53 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04510700000000000006"], 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @HCI_EV_INQUIRY_COMPLETE={{0x1, 0x1}}}, 0x4)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04510700000000000006"], 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @HCI_EV_INQUIRY_COMPLETE={{0x1, 0x1}}}, 0x4) (async)

13:51:53 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0xc0)

13:51:53 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040d30bfb88aa43ecc7dff7fe7c8acfd4b37cd151c89c14da498c4c44ae070f959f3bec24ecda4cd40f248bcaae916cb1509ff51356370bafee7c971efca19f3df2e1b48598a1afb229ce65a57c651a0a73bb69e1070021d8b9b34ecbcd67e7e74afa96f76024355fd48348879b2457b06418c35cd447363980f6b02e11953b8c7165a2808ddc1fb8bcc5f840f3d2bd6f176008a090000007e9da2c4f4b2a1c3174a9749b2338066a504153ad1c936c9"], 0x8)

13:51:53 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x10}, {0x1, [{@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x9, 0x34, 0x1, "a2c2ca", 0x58ff, 0x2}]}}}, 0x13)

13:51:53 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000009effffffbb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:53 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0436f200000000000000"], 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_si_security={{0x2, 0x7}, {0x1, 0xfff7, 0x2, 0x7f}}}, 0xa)

13:51:53 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0xd8)

13:51:53 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040d30bfb88aa43ecc7dff7fe7c8acfd4b37cd151c89c14da498c4c44ae070f959f3bec24ecda4cd40f248bcaae916cb1509ff51356370bafee7c971efca19f3df2e1b48598a1afb229ce65a57c651a0a73bb69e1070021d8b9b34ecbcd67e7e74afa96f76024355fd48348879b2457b06418c35cd447363980f6b02e11953b8c7165a2808ddc1fb8bcc5f840f3d2bd6f176008a090000007e9da2c4f4b2a1c3174a9749b2338066a504153ad1c936c9"], 0x8)

13:51:53 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x10}, {0x1, [{@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x9, 0x34, 0x1, "a2c2ca", 0x58ff, 0x2}]}}}, 0x13)

13:51:53 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0436f200000000000000"], 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_si_security={{0x2, 0x7}, {0x1, 0xfff7, 0x2, 0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0436f200000000000000"], 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_si_security={{0x2, 0x7}, {0x1, 0xfff7, 0x2, 0x7f}}}, 0xa) (async)

13:51:53 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0xf0)

13:51:53 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x10}, {0x1, [{@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x9, 0x34, 0x1, "a2c2ca", 0x58ff, 0x2}]}}}, 0x13)

13:51:53 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040d30bfb88aa43ecc7dff7fe7c8acfd4b37cd151c89c14da498c4c44ae070f959f3bec24ecda4cd40f248bcaae916cb1509ff51356370bafee7c971efca19f3df2e1b48598a1afb229ce65a57c651a0a73bb69e1070021d8b9b34ecbcd67e7e74afa96f76024355fd48348879b2457b06418c35cd447363980f6b02e11953b8c7165a2808ddc1fb8bcc5f840f3d2bd6f176008a090000007e9da2c4f4b2a1c3174a9749b2338066a504153ad1c936c9"], 0x8)

13:51:53 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000f0ffffffbb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:53 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0436f200000000000000"], 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_si_security={{0x2, 0x7}, {0x1, 0xfff7, 0x2, 0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0436f200000000000000"], 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_si_security={{0x2, 0x7}, {0x1, 0xfff7, 0x2, 0x7f}}}, 0xa) (async)

13:51:53 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000fcffffffbb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:53 executing program 3:
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_notify={{0x18, 0x17}, {@any, "fe179b33eb3179489bc432899f556d4c", 0x8}}}, 0x1a)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x59, 0xc9, 0x4}}}, 0x7)

13:51:53 executing program 1:
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="448dc2ec7c48f6ca6cc6735b9af59733706c3d6ae17aa2c417063d8a0f6597c857dd83c81e7c3696e64c24465d6692edab82928cd1de961f8ac474ddb5cdaee2100e990552faa9605946069e82b2a694bd496e036270cb9f1c699ffeba77d13fca", 0x61}, {&(0x7f00000000c0)="6286ab0b0a09335b84c94a2a1cf57ba6bb24daec5b6a747b35ff4d3911d8cf35f557fd8bdc7b59051488f1ed2f07a0f6a7fec790809e377fe0c1030a3180afe5db6fe75972dd634f203d1f0e05e11e0b302bb8c1c1a8b37ceb502b424fed2d9ff127fae08bd8c78229e60b4fe1c9741e99c1a0e633f26662a2883d66f8b61cb3f4908c35e2d68d0d91e064a79b5df91d52a2419d6f7d6130567b928746", 0x9d}], 0x2, &(0x7f00000001c0)=[{0x80, 0x115, 0x800, "175d0d9f4ecaa2a665f6ef577f31eb1bba286033682727fc75b1713511a151f13fb0a3faaeb23f5cb25c0742eacfac49dc52938d76501344fe1199d5c453870c9d5931467ae16d6264991c58196519d7fad5e5d48600d3997f152d88a0459e6bc0a8d65b48b42269a80a54aa"}, {0x108, 0x118, 0x7fff, "4eed3a4179434f65ca783433e10a83ea7bb9a3531576224ce1da32fb9638b7c460b726dbac463d30ee051c853c72d73664772ea39357a46b13875492a4740ba2ec50074cf939206ec3915a5ff7a345a7adb57e5f2b98531ea1f3dc03cf012d9513329cabd20ba162945ba9c58490fc8438d243284d3ba87da61a80527a929d1ee2fbf2d0486e5e01ce4d47be5a4e69596a29116925ae43e338570a85f41f04ef53facd09db4afa125cb4c42f1f8b5cc9bf3f03f4e6db1e558b999c8e78937ff72c1c903f7f365bbb7774c99c6f52e48b8e5762d34752b4cc9a6045ad8e70abda28d8f5b74eb0998a443740c74f29c5eba0bd9f"}], 0x188}, 0x20048890)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_EVENT_PKT={0x4, @hci_ev_logical_link_complete={{0x45, 0x5}, {0x0, 0xc8, 0xc8, 0x1f}}}, 0x8)

13:51:53 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="021ec421391fbd945a54c11a6fdd11b454a25bc46abf40721fd63c8affd3e2cc1d48864384bd01c8f1cffeabf7015b49ba7c0b30340b43e02d6685ee800dfd93d55360cd5f991917351894297b545f5cdf41331713cbd8b8f6c8e67b69e4966c661a3294f7126dde6305dddef47319427be3e967e60fd5e85caf218c0ade2e9730bba09316828aa2acfc36b13c4dd5202e1a64ab118607cceebd93db2e4e790a3a6a747d046c8bd5a5d8988d868a70b92ec4a804c01c6453e42f65935bff467610aaa3c7543ec8f4f42c006f04ec4cc701172a1c6df068f10c9f8700a3f9eb5f31a50855703dc1b63d7414db9e4684245abb10feba3c", @ANYRES8, @ANYRES64=r0, @ANYBLOB="246912e85be08f0fdfdd7fd48fbe5325f0e881550586e3142a70aecd390b162e81c85624a55e06adce094eb9bfb6f97f1f52da58a1c1d22948434861cc3ce9a5a19a0bb1ba1c50b1364a59bfcc5679d33afd26031d53d6f408c2d2ef56529597ddbd13334b8bdf77e8ee965453b897460f10e2ec746c4cdef30672a42ed42712d857985325d5091e754c0361c6398b0507a5fff268e4a7dec823d4007828e2c8de8db695c2b9057d9d4fd7586f3ca2a97b1b2ad46bbe7ad09d49ed7d170f4a6043f1f57c94408c48863e96ddf5a97de0495ba225045284538a", @ANYRES32=r0, @ANYRESDEC=0x0], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0xf}, {0x1, [{@none, 0x4, 0xfa, "70e20d", 0x6, 0x70}]}}}, 0x12)

13:51:53 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x108)

13:51:53 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000020000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:53 executing program 3:
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_notify={{0x18, 0x17}, {@any, "fe179b33eb3179489bc432899f556d4c", 0x8}}}, 0x1a)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x59, 0xc9, 0x4}}}, 0x7)

13:51:54 executing program 1:
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="448dc2ec7c48f6ca6cc6735b9af59733706c3d6ae17aa2c417063d8a0f6597c857dd83c81e7c3696e64c24465d6692edab82928cd1de961f8ac474ddb5cdaee2100e990552faa9605946069e82b2a694bd496e036270cb9f1c699ffeba77d13fca", 0x61}, {&(0x7f00000000c0)="6286ab0b0a09335b84c94a2a1cf57ba6bb24daec5b6a747b35ff4d3911d8cf35f557fd8bdc7b59051488f1ed2f07a0f6a7fec790809e377fe0c1030a3180afe5db6fe75972dd634f203d1f0e05e11e0b302bb8c1c1a8b37ceb502b424fed2d9ff127fae08bd8c78229e60b4fe1c9741e99c1a0e633f26662a2883d66f8b61cb3f4908c35e2d68d0d91e064a79b5df91d52a2419d6f7d6130567b928746", 0x9d}], 0x2, &(0x7f00000001c0)=[{0x80, 0x115, 0x800, "175d0d9f4ecaa2a665f6ef577f31eb1bba286033682727fc75b1713511a151f13fb0a3faaeb23f5cb25c0742eacfac49dc52938d76501344fe1199d5c453870c9d5931467ae16d6264991c58196519d7fad5e5d48600d3997f152d88a0459e6bc0a8d65b48b42269a80a54aa"}, {0x108, 0x118, 0x7fff, "4eed3a4179434f65ca783433e10a83ea7bb9a3531576224ce1da32fb9638b7c460b726dbac463d30ee051c853c72d73664772ea39357a46b13875492a4740ba2ec50074cf939206ec3915a5ff7a345a7adb57e5f2b98531ea1f3dc03cf012d9513329cabd20ba162945ba9c58490fc8438d243284d3ba87da61a80527a929d1ee2fbf2d0486e5e01ce4d47be5a4e69596a29116925ae43e338570a85f41f04ef53facd09db4afa125cb4c42f1f8b5cc9bf3f03f4e6db1e558b999c8e78937ff72c1c903f7f365bbb7774c99c6f52e48b8e5762d34752b4cc9a6045ad8e70abda28d8f5b74eb0998a443740c74f29c5eba0bd9f"}], 0x188}, 0x20048890) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_EVENT_PKT={0x4, @hci_ev_logical_link_complete={{0x45, 0x5}, {0x0, 0xc8, 0xc8, 0x1f}}}, 0x8)

13:51:54 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x120)

[ 2345.670299][T15356] Bluetooth: hci8: ACL packet for unknown connection handle 1054
13:51:54 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="021ec421391fbd945a54c11a6fdd11b454a25bc46abf40721fd63c8affd3e2cc1d48864384bd01c8f1cffeabf7015b49ba7c0b30340b43e02d6685ee800dfd93d55360cd5f991917351894297b545f5cdf41331713cbd8b8f6c8e67b69e4966c661a3294f7126dde6305dddef47319427be3e967e60fd5e85caf218c0ade2e9730bba09316828aa2acfc36b13c4dd5202e1a64ab118607cceebd93db2e4e790a3a6a747d046c8bd5a5d8988d868a70b92ec4a804c01c6453e42f65935bff467610aaa3c7543ec8f4f42c006f04ec4cc701172a1c6df068f10c9f8700a3f9eb5f31a50855703dc1b63d7414db9e4684245abb10feba3c", @ANYRES8, @ANYRES64=r0, @ANYBLOB="246912e85be08f0fdfdd7fd48fbe5325f0e881550586e3142a70aecd390b162e81c85624a55e06adce094eb9bfb6f97f1f52da58a1c1d22948434861cc3ce9a5a19a0bb1ba1c50b1364a59bfcc5679d33afd26031d53d6f408c2d2ef56529597ddbd13334b8bdf77e8ee965453b897460f10e2ec746c4cdef30672a42ed42712d857985325d5091e754c0361c6398b0507a5fff268e4a7dec823d4007828e2c8de8db695c2b9057d9d4fd7586f3ca2a97b1b2ad46bbe7ad09d49ed7d170f4a6043f1f57c94408c48863e96ddf5a97de0495ba225045284538a", @ANYRES32=r0, @ANYRESDEC=0x0], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0xf}, {0x1, [{@none, 0x4, 0xfa, "70e20d", 0x6, 0x70}]}}}, 0x12)
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) (async)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800) (async)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="021ec421391fbd945a54c11a6fdd11b454a25bc46abf40721fd63c8affd3e2cc1d48864384bd01c8f1cffeabf7015b49ba7c0b30340b43e02d6685ee800dfd93d55360cd5f991917351894297b545f5cdf41331713cbd8b8f6c8e67b69e4966c661a3294f7126dde6305dddef47319427be3e967e60fd5e85caf218c0ade2e9730bba09316828aa2acfc36b13c4dd5202e1a64ab118607cceebd93db2e4e790a3a6a747d046c8bd5a5d8988d868a70b92ec4a804c01c6453e42f65935bff467610aaa3c7543ec8f4f42c006f04ec4cc701172a1c6df068f10c9f8700a3f9eb5f31a50855703dc1b63d7414db9e4684245abb10feba3c", @ANYRES8, @ANYRES64=r0, @ANYBLOB="246912e85be08f0fdfdd7fd48fbe5325f0e881550586e3142a70aecd390b162e81c85624a55e06adce094eb9bfb6f97f1f52da58a1c1d22948434861cc3ce9a5a19a0bb1ba1c50b1364a59bfcc5679d33afd26031d53d6f408c2d2ef56529597ddbd13334b8bdf77e8ee965453b897460f10e2ec746c4cdef30672a42ed42712d857985325d5091e754c0361c6398b0507a5fff268e4a7dec823d4007828e2c8de8db695c2b9057d9d4fd7586f3ca2a97b1b2ad46bbe7ad09d49ed7d170f4a6043f1f57c94408c48863e96ddf5a97de0495ba225045284538a", @ANYRES32=r0, @ANYRESDEC=0x0], 0x8) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0xf}, {0x1, [{@none, 0x4, 0xfa, "70e20d", 0x6, 0x70}]}}}, 0x12) (async)

13:51:54 executing program 3:
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_notify={{0x18, 0x17}, {@any, "fe179b33eb3179489bc432899f556d4c", 0x8}}}, 0x1a)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x59, 0xc9, 0x4}}}, 0x7)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_notify={{0x18, 0x17}, {@any, "fe179b33eb3179489bc432899f556d4c", 0x8}}}, 0x1a) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x59, 0xc9, 0x4}}}, 0x7) (async)

13:51:54 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x138)

13:51:54 executing program 1:
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="448dc2ec7c48f6ca6cc6735b9af59733706c3d6ae17aa2c417063d8a0f6597c857dd83c81e7c3696e64c24465d6692edab82928cd1de961f8ac474ddb5cdaee2100e990552faa9605946069e82b2a694bd496e036270cb9f1c699ffeba77d13fca", 0x61}, {&(0x7f00000000c0)="6286ab0b0a09335b84c94a2a1cf57ba6bb24daec5b6a747b35ff4d3911d8cf35f557fd8bdc7b59051488f1ed2f07a0f6a7fec790809e377fe0c1030a3180afe5db6fe75972dd634f203d1f0e05e11e0b302bb8c1c1a8b37ceb502b424fed2d9ff127fae08bd8c78229e60b4fe1c9741e99c1a0e633f26662a2883d66f8b61cb3f4908c35e2d68d0d91e064a79b5df91d52a2419d6f7d6130567b928746", 0x9d}], 0x2, &(0x7f00000001c0)=[{0x80, 0x115, 0x800, "175d0d9f4ecaa2a665f6ef577f31eb1bba286033682727fc75b1713511a151f13fb0a3faaeb23f5cb25c0742eacfac49dc52938d76501344fe1199d5c453870c9d5931467ae16d6264991c58196519d7fad5e5d48600d3997f152d88a0459e6bc0a8d65b48b42269a80a54aa"}, {0x108, 0x118, 0x7fff, "4eed3a4179434f65ca783433e10a83ea7bb9a3531576224ce1da32fb9638b7c460b726dbac463d30ee051c853c72d73664772ea39357a46b13875492a4740ba2ec50074cf939206ec3915a5ff7a345a7adb57e5f2b98531ea1f3dc03cf012d9513329cabd20ba162945ba9c58490fc8438d243284d3ba87da61a80527a929d1ee2fbf2d0486e5e01ce4d47be5a4e69596a29116925ae43e338570a85f41f04ef53facd09db4afa125cb4c42f1f8b5cc9bf3f03f4e6db1e558b999c8e78937ff72c1c903f7f365bbb7774c99c6f52e48b8e5762d34752b4cc9a6045ad8e70abda28d8f5b74eb0998a443740c74f29c5eba0bd9f"}], 0x188}, 0x20048890) (async, rerun: 64)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async, rerun: 64)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_EVENT_PKT={0x4, @hci_ev_logical_link_complete={{0x45, 0x5}, {0x0, 0xc8, 0xc8, 0x1f}}}, 0x8)

13:51:54 executing program 3:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="25340709001700150000f82124c03571137d29e752dec414a737234d0623435b6aa7db98d4aa22ed1f04bb985ea0a0fd3459648ee0c619e20dabb2217db1de090f5b4d19591412350af8b3a0872e283231d4e21fc501098865c51afa895706cc16fc745fdd5a366d666df4cd6b7195e3e6924e0dc7760bb6a7f19efd40f48f749a5e8f36791b9bc515dbdf4048433c40daf1650724711f10af7cae0b9a66efb30d851fcf690f2bbedc27186d8a29ddc3f91ee62af6bdc3ae03e29952fe8550cfdad17b175a10079c3943091244ffaa3f0b6c896b2ad14ca5edae83091c49ff010c063cde7e15b9d5976e873df11cb77eb0adbec062daa676da33a584fe50228254b6de5684e0dd350603c5517792482dd432398edc64c60200f991debfb1a20698b37ec55ac5e88122b0e9c2f151c5f934f8f6771a98372b38a8868d038ff4b36de289813fac555cde82074d381946e342181211c758b854bcab87c000"], 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x81}, 0x2)
syz_emit_vhci(0xfffffffffffffffc, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

13:51:54 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000030000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:54 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x150)

13:51:54 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000040000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:54 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800) (async)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="021ec421391fbd945a54c11a6fdd11b454a25bc46abf40721fd63c8affd3e2cc1d48864384bd01c8f1cffeabf7015b49ba7c0b30340b43e02d6685ee800dfd93d55360cd5f991917351894297b545f5cdf41331713cbd8b8f6c8e67b69e4966c661a3294f7126dde6305dddef47319427be3e967e60fd5e85caf218c0ade2e9730bba09316828aa2acfc36b13c4dd5202e1a64ab118607cceebd93db2e4e790a3a6a747d046c8bd5a5d8988d868a70b92ec4a804c01c6453e42f65935bff467610aaa3c7543ec8f4f42c006f04ec4cc701172a1c6df068f10c9f8700a3f9eb5f31a50855703dc1b63d7414db9e4684245abb10feba3c", @ANYRES8, @ANYRES64=r0, @ANYBLOB="246912e85be08f0fdfdd7fd48fbe5325f0e881550586e3142a70aecd390b162e81c85624a55e06adce094eb9bfb6f97f1f52da58a1c1d22948434861cc3ce9a5a19a0bb1ba1c50b1364a59bfcc5679d33afd26031d53d6f408c2d2ef56529597ddbd13334b8bdf77e8ee965453b897460f10e2ec746c4cdef30672a42ed42712d857985325d5091e754c0361c6398b0507a5fff268e4a7dec823d4007828e2c8de8db695c2b9057d9d4fd7586f3ca2a97b1b2ad46bbe7ad09d49ed7d170f4a6043f1f57c94408c48863e96ddf5a97de0495ba225045284538a", @ANYRES32=r0, @ANYRESDEC=0x0], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0xf}, {0x1, [{@none, 0x4, 0xfa, "70e20d", 0x6, 0x70}]}}}, 0x12)

[ 2345.799218][T15356] Bluetooth: hci8: ACL packet for unknown connection handle 1054
[ 2345.819052][T15356] Bluetooth: hci8: ACL packet for unknown connection handle 1054
13:51:54 executing program 3:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="25340709001700150000f82124c03571137d29e752dec414a737234d0623435b6aa7db98d4aa22ed1f04bb985ea0a0fd3459648ee0c619e20dabb2217db1de090f5b4d19591412350af8b3a0872e283231d4e21fc501098865c51afa895706cc16fc745fdd5a366d666df4cd6b7195e3e6924e0dc7760bb6a7f19efd40f48f749a5e8f36791b9bc515dbdf4048433c40daf1650724711f10af7cae0b9a66efb30d851fcf690f2bbedc27186d8a29ddc3f91ee62af6bdc3ae03e29952fe8550cfdad17b175a10079c3943091244ffaa3f0b6c896b2ad14ca5edae83091c49ff010c063cde7e15b9d5976e873df11cb77eb0adbec062daa676da33a584fe50228254b6de5684e0dd350603c5517792482dd432398edc64c60200f991debfb1a20698b37ec55ac5e88122b0e9c2f151c5f934f8f6771a98372b38a8868d038ff4b36de289813fac555cde82074d381946e342181211c758b854bcab87c000"], 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x81}, 0x2)
syz_emit_vhci(0xfffffffffffffffc, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="25340709001700150000f82124c03571137d29e752dec414a737234d0623435b6aa7db98d4aa22ed1f04bb985ea0a0fd3459648ee0c619e20dabb2217db1de090f5b4d19591412350af8b3a0872e283231d4e21fc501098865c51afa895706cc16fc745fdd5a366d666df4cd6b7195e3e6924e0dc7760bb6a7f19efd40f48f749a5e8f36791b9bc515dbdf4048433c40daf1650724711f10af7cae0b9a66efb30d851fcf690f2bbedc27186d8a29ddc3f91ee62af6bdc3ae03e29952fe8550cfdad17b175a10079c3943091244ffaa3f0b6c896b2ad14ca5edae83091c49ff010c063cde7e15b9d5976e873df11cb77eb0adbec062daa676da33a584fe50228254b6de5684e0dd350603c5517792482dd432398edc64c60200f991debfb1a20698b37ec55ac5e88122b0e9c2f151c5f934f8f6771a98372b38a8868d038ff4b36de289813fac555cde82074d381946e342181211c758b854bcab87c000"], 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x81}, 0x2) (async)
syz_emit_vhci(0xfffffffffffffffc, 0x0) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)

13:51:54 executing program 3:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="25340709001700150000f82124c03571137d29e752dec414a737234d0623435b6aa7db98d4aa22ed1f04bb985ea0a0fd3459648ee0c619e20dabb2217db1de090f5b4d19591412350af8b3a0872e283231d4e21fc501098865c51afa895706cc16fc745fdd5a366d666df4cd6b7195e3e6924e0dc7760bb6a7f19efd40f48f749a5e8f36791b9bc515dbdf4048433c40daf1650724711f10af7cae0b9a66efb30d851fcf690f2bbedc27186d8a29ddc3f91ee62af6bdc3ae03e29952fe8550cfdad17b175a10079c3943091244ffaa3f0b6c896b2ad14ca5edae83091c49ff010c063cde7e15b9d5976e873df11cb77eb0adbec062daa676da33a584fe50228254b6de5684e0dd350603c5517792482dd432398edc64c60200f991debfb1a20698b37ec55ac5e88122b0e9c2f151c5f934f8f6771a98372b38a8868d038ff4b36de289813fac555cde82074d381946e342181211c758b854bcab87c000"], 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x81}, 0x2)
syz_emit_vhci(0xfffffffffffffffc, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="25340709001700150000f82124c03571137d29e752dec414a737234d0623435b6aa7db98d4aa22ed1f04bb985ea0a0fd3459648ee0c619e20dabb2217db1de090f5b4d19591412350af8b3a0872e283231d4e21fc501098865c51afa895706cc16fc745fdd5a366d666df4cd6b7195e3e6924e0dc7760bb6a7f19efd40f48f749a5e8f36791b9bc515dbdf4048433c40daf1650724711f10af7cae0b9a66efb30d851fcf690f2bbedc27186d8a29ddc3f91ee62af6bdc3ae03e29952fe8550cfdad17b175a10079c3943091244ffaa3f0b6c896b2ad14ca5edae83091c49ff010c063cde7e15b9d5976e873df11cb77eb0adbec062daa676da33a584fe50228254b6de5684e0dd350603c5517792482dd432398edc64c60200f991debfb1a20698b37ec55ac5e88122b0e9c2f151c5f934f8f6771a98372b38a8868d038ff4b36de289813fac555cde82074d381946e342181211c758b854bcab87c000"], 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x81}, 0x2) (async)
syz_emit_vhci(0xfffffffffffffffc, 0x0) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)

13:51:54 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000050000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:54 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x2, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x8, 0xa}, {0x101, 0x3ff, 0x3, 0x59, 0x7ff}}}}, 0x17)

13:51:54 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x168)

13:51:54 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000060000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:54 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04010100000000000000"], 0xa)

13:51:54 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x2, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x8, 0xa}, {0x101, 0x3ff, 0x3, 0x59, 0x7ff}}}}, 0x17)

13:51:54 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0x8)

[ 2345.976309][T15356] Bluetooth: hci8: ACL packet for unknown connection handle 1054
13:51:54 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0x8)
syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0x8) (async)

13:51:54 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x180)

13:51:54 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04010100000000000000"], 0xa)

13:51:54 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000070000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:54 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x2, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x8, 0xa}, {0x101, 0x3ff, 0x3, 0x59, 0x7ff}}}}, 0x17)

13:51:54 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0x8)

13:51:54 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x198)

13:51:54 executing program 1:
signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0)
pselect6(0x40, &(0x7f0000000e40), 0x0, &(0x7f0000000ec0)={0x9}, 0x0, 0x0)
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0)
signalfd4(r0, &(0x7f00000003c0), 0x8, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

13:51:54 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000080000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:54 executing program 4:
ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000640)=0x8)
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x8100, 0x8)
r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.stat\x00', 0x0, 0x0)
getsockopt$inet6_opts(r1, 0x29, 0x39, &(0x7f0000000080)=""/99, &(0x7f0000000100)=0x63)
syz_emit_vhci(&(0x7f0000000380)=ANY=[@ANYBLOB="040df3dab5d49f06aaac39994c876a1aff4651c61fdf5440a2f686c869a138f4a1a372f89767fbd5a1717430e5fa6ce7a790900a64b87550af5373dd1b06b5738dee2d06a75c8d424a8b19f34a197d0ba3d4dcbd7cdf634ced25334e05126e36a42df0eaebea3b698e33b50e1c55c7099475b1e2f4bc7c6345d71e56b14a07b490f6cc195a30d0bfec528ca33910f9990a921a84054021bb63109bbb49636acd42b1c56facebc0ab2847c84a36cad75105349b05c4998ea0ad538bec458c566151b8c361421904d28b0503e58295f8e2f9475c58cf40460e72e5e41de801c0a7e314344f633334cf4e21ce3825b5cf3d0ca30b80a97fe2d6f1b11315b5bef0eadc0fddccef1583c88156"], 0x8)
r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180), 0x80000, 0x0)
sendmsg$nl_crypto(r2, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)=ANY=[@ANYBLOB="f8000000120000ff25bd7000fedbdf25647262675f6e6f70725f73686132353600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000400000000000000000000080001000800000008000100ff0700000800010001000000"], 0xf8}, 0x1, 0x0, 0x0, 0x43887e8232f1967f}, 0x80002)
r3 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000140), 0x400000, 0x0)
write$binfmt_script(r3, &(0x7f00000004c0)={'#! ', './file0', [{0x20, '+\\'}, {0x20, '/dev/dlm_plock\x00'}, {0x20, '-&(^P-H({{-/('}, {0x20, '/dev/dlm_plock\x00'}, {0x20, 'cgroup.stat\x00'}, {0x20, 'cgroup.stat\x00'}], 0xa, "468532c0b4f6cd62f0c4b6aa5f1e1c06ba73d5db7e36154024556da0d458bb8cc6b11882e0de1f7578630a941a13a3263535419171446bc0ec82d9ec7f7a4f2185679c2b88b5c8377f5b20d2a769dde89aeac29f373a34dd8dbc20fe84d106deb02defdc5572207cae4bc29483c6c17f7446ca695836ac346189654cb3c22f6876f3b5a8943b0cfc8908741eb791321deb019a06aaef81cf1b64b6135ff4ea847fd6bd5c882a653bffe36a06b07519195faaa8f27aaf451d496d90d556afcddc5869e5b5176892a9bc93d22034599a10de962cd4567ae7faef2b9d0ce20a343547937437b43536c6b8f713722052fc56acf0a61c62b22d2e5b83dc12d8"}, 0x153)

13:51:54 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04010100000000000000"], 0xa)

13:51:54 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1b0)

13:51:54 executing program 4:
ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000640)=0x8)
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x8100, 0x8)
r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.stat\x00', 0x0, 0x0)
getsockopt$inet6_opts(r1, 0x29, 0x39, &(0x7f0000000080)=""/99, &(0x7f0000000100)=0x63)
syz_emit_vhci(&(0x7f0000000380)=ANY=[@ANYBLOB="040df3dab5d49f06aaac39994c876a1aff4651c61fdf5440a2f686c869a138f4a1a372f89767fbd5a1717430e5fa6ce7a790900a64b87550af5373dd1b06b5738dee2d06a75c8d424a8b19f34a197d0ba3d4dcbd7cdf634ced25334e05126e36a42df0eaebea3b698e33b50e1c55c7099475b1e2f4bc7c6345d71e56b14a07b490f6cc195a30d0bfec528ca33910f9990a921a84054021bb63109bbb49636acd42b1c56facebc0ab2847c84a36cad75105349b05c4998ea0ad538bec458c566151b8c361421904d28b0503e58295f8e2f9475c58cf40460e72e5e41de801c0a7e314344f633334cf4e21ce3825b5cf3d0ca30b80a97fe2d6f1b11315b5bef0eadc0fddccef1583c88156"], 0x8)
r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180), 0x80000, 0x0)
sendmsg$nl_crypto(r2, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)=ANY=[@ANYBLOB="f8000000120000ff25bd7000fedbdf25647262675f6e6f70725f73686132353600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000400000000000000000000080001000800000008000100ff0700000800010001000000"], 0xf8}, 0x1, 0x0, 0x0, 0x43887e8232f1967f}, 0x80002)
r3 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000140), 0x400000, 0x0)
write$binfmt_script(r3, &(0x7f00000004c0)={'#! ', './file0', [{0x20, '+\\'}, {0x20, '/dev/dlm_plock\x00'}, {0x20, '-&(^P-H({{-/('}, {0x20, '/dev/dlm_plock\x00'}, {0x20, 'cgroup.stat\x00'}, {0x20, 'cgroup.stat\x00'}], 0xa, "468532c0b4f6cd62f0c4b6aa5f1e1c06ba73d5db7e36154024556da0d458bb8cc6b11882e0de1f7578630a941a13a3263535419171446bc0ec82d9ec7f7a4f2185679c2b88b5c8377f5b20d2a769dde89aeac29f373a34dd8dbc20fe84d106deb02defdc5572207cae4bc29483c6c17f7446ca695836ac346189654cb3c22f6876f3b5a8943b0cfc8908741eb791321deb019a06aaef81cf1b64b6135ff4ea847fd6bd5c882a653bffe36a06b07519195faaa8f27aaf451d496d90d556afcddc5869e5b5176892a9bc93d22034599a10de962cd4567ae7faef2b9d0ce20a343547937437b43536c6b8f713722052fc56acf0a61c62b22d2e5b83dc12d8"}, 0x153)
ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000640)=0x8) (async)
openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x8100, 0x8) (async)
openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.stat\x00', 0x0, 0x0) (async)
getsockopt$inet6_opts(r1, 0x29, 0x39, &(0x7f0000000080)=""/99, &(0x7f0000000100)=0x63) (async)
syz_emit_vhci(&(0x7f0000000380)=ANY=[@ANYBLOB="040df3dab5d49f06aaac39994c876a1aff4651c61fdf5440a2f686c869a138f4a1a372f89767fbd5a1717430e5fa6ce7a790900a64b87550af5373dd1b06b5738dee2d06a75c8d424a8b19f34a197d0ba3d4dcbd7cdf634ced25334e05126e36a42df0eaebea3b698e33b50e1c55c7099475b1e2f4bc7c6345d71e56b14a07b490f6cc195a30d0bfec528ca33910f9990a921a84054021bb63109bbb49636acd42b1c56facebc0ab2847c84a36cad75105349b05c4998ea0ad538bec458c566151b8c361421904d28b0503e58295f8e2f9475c58cf40460e72e5e41de801c0a7e314344f633334cf4e21ce3825b5cf3d0ca30b80a97fe2d6f1b11315b5bef0eadc0fddccef1583c88156"], 0x8) (async)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180), 0x80000, 0x0) (async)
sendmsg$nl_crypto(r2, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)=ANY=[@ANYBLOB="f8000000120000ff25bd7000fedbdf25647262675f6e6f70725f73686132353600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000400000000000000000000080001000800000008000100ff0700000800010001000000"], 0xf8}, 0x1, 0x0, 0x0, 0x43887e8232f1967f}, 0x80002) (async)
openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000140), 0x400000, 0x0) (async)
write$binfmt_script(r3, &(0x7f00000004c0)={'#! ', './file0', [{0x20, '+\\'}, {0x20, '/dev/dlm_plock\x00'}, {0x20, '-&(^P-H({{-/('}, {0x20, '/dev/dlm_plock\x00'}, {0x20, 'cgroup.stat\x00'}, {0x20, 'cgroup.stat\x00'}], 0xa, "468532c0b4f6cd62f0c4b6aa5f1e1c06ba73d5db7e36154024556da0d458bb8cc6b11882e0de1f7578630a941a13a3263535419171446bc0ec82d9ec7f7a4f2185679c2b88b5c8377f5b20d2a769dde89aeac29f373a34dd8dbc20fe84d106deb02defdc5572207cae4bc29483c6c17f7446ca695836ac346189654cb3c22f6876f3b5a8943b0cfc8908741eb791321deb019a06aaef81cf1b64b6135ff4ea847fd6bd5c882a653bffe36a06b07519195faaa8f27aaf451d496d90d556afcddc5869e5b5176892a9bc93d22034599a10de962cd4567ae7faef2b9d0ce20a343547937437b43536c6b8f713722052fc56acf0a61c62b22d2e5b83dc12d8"}, 0x153) (async)

13:51:54 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000090000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:54 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)

13:51:54 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1c8)

13:51:54 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)

13:51:54 executing program 4:
ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000640)=0x8) (async, rerun: 32)
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x8100, 0x8) (rerun: 32)
r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.stat\x00', 0x0, 0x0)
getsockopt$inet6_opts(r1, 0x29, 0x39, &(0x7f0000000080)=""/99, &(0x7f0000000100)=0x63) (async)
syz_emit_vhci(&(0x7f0000000380)=ANY=[@ANYBLOB="040df3dab5d49f06aaac39994c876a1aff4651c61fdf5440a2f686c869a138f4a1a372f89767fbd5a1717430e5fa6ce7a790900a64b87550af5373dd1b06b5738dee2d06a75c8d424a8b19f34a197d0ba3d4dcbd7cdf634ced25334e05126e36a42df0eaebea3b698e33b50e1c55c7099475b1e2f4bc7c6345d71e56b14a07b490f6cc195a30d0bfec528ca33910f9990a921a84054021bb63109bbb49636acd42b1c56facebc0ab2847c84a36cad75105349b05c4998ea0ad538bec458c566151b8c361421904d28b0503e58295f8e2f9475c58cf40460e72e5e41de801c0a7e314344f633334cf4e21ce3825b5cf3d0ca30b80a97fe2d6f1b11315b5bef0eadc0fddccef1583c88156"], 0x8) (async)
r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180), 0x80000, 0x0)
sendmsg$nl_crypto(r2, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)=ANY=[@ANYBLOB="f8000000120000ff25bd7000fedbdf25647262675f6e6f70725f73686132353600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000400000000000000000000080001000800000008000100ff0700000800010001000000"], 0xf8}, 0x1, 0x0, 0x0, 0x43887e8232f1967f}, 0x80002) (async, rerun: 32)
r3 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000140), 0x400000, 0x0) (rerun: 32)
write$binfmt_script(r3, &(0x7f00000004c0)={'#! ', './file0', [{0x20, '+\\'}, {0x20, '/dev/dlm_plock\x00'}, {0x20, '-&(^P-H({{-/('}, {0x20, '/dev/dlm_plock\x00'}, {0x20, 'cgroup.stat\x00'}, {0x20, 'cgroup.stat\x00'}], 0xa, "468532c0b4f6cd62f0c4b6aa5f1e1c06ba73d5db7e36154024556da0d458bb8cc6b11882e0de1f7578630a941a13a3263535419171446bc0ec82d9ec7f7a4f2185679c2b88b5c8377f5b20d2a769dde89aeac29f373a34dd8dbc20fe84d106deb02defdc5572207cae4bc29483c6c17f7446ca695836ac346189654cb3c22f6876f3b5a8943b0cfc8908741eb791321deb019a06aaef81cf1b64b6135ff4ea847fd6bd5c882a653bffe36a06b07519195faaa8f27aaf451d496d90d556afcddc5869e5b5176892a9bc93d22034599a10de962cd4567ae7faef2b9d0ce20a343547937437b43536c6b8f713722052fc56acf0a61c62b22d2e5b83dc12d8"}, 0x153)

13:51:54 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000000a0000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:55 executing program 1:
signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) (async)
pselect6(0x40, &(0x7f0000000e40), 0x0, &(0x7f0000000ec0)={0x9}, 0x0, 0x0) (async)
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0)
signalfd4(r0, &(0x7f00000003c0), 0x8, 0x0) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

13:51:55 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1e0)

13:51:55 executing program 4:
io_uring_register$IORING_REGISTER_PROBE(0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x0, 0x0, 0x0, '\x00', [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}]}, 0x22)
syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0x8)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0x38)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xba}, "08907218aca25d6932a231d58cdf470084cc7908d0cdd78021ea66811ae5594bff3388f432597d7b6a1917f8f08cd4de3367c230b529f096e7fc3e3471471e69910cf48a6261725a017f1b3ed01e77ba52f3126f1327b3ff690756566488c1497afeeb459a6d1ec896d57d9d0b49a6f6f30d0d927c501b7aa2a7b93950fece4f47c008422de845b6a79592b921904ce3c038bbbe8cdec3c18014d39f41d2ace95d56a9eaff613014ff9ad193f7dbc2899770316e57aee7fc88b0"}, 0xbe)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_host_features={{0x3d, 0xe}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, "44d296b510340b7d"}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x3, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x0, 0xa}, {0x6, 0x1f, 0x8000, 0x4, 0x3f}}}}, 0x17)
syz_emit_vhci(&(0x7f00000002c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x0, 0xa}, {0x0, 0x7f, 0x3ff, 0xe5, 0x8}}}}, 0x17)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_move_chan_cfm={{0x10, 0x7, 0x4}, {0xfc01, 0x1}}]}}, 0x11)

13:51:55 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000000c0000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:55 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)

13:51:55 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB], 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xfe}, "3b96d7fe68e0c6e8265fc4f1040e87e5ffb053f8c4d2f3d6d334957a855d4b555de29df1afe8d8740f614d0b3fa96783cbc6b2d87414cec19a20177677716d9ed92408e8f8f84983f3eb79fbe42745b754a0b350d4ed6fab72af3c882402383943bbe272fe0a0ced6d179a7450bd2dadc36073937b57c7d6be51fddba3ca5137248eb13c8df861e95f0103af994cf0179bdbcea83eb5d16edfe153095ba505d68762efcac7865d9f21e33c330346d4aa6f67f9b589150f16a1c671622a62a1e08292caa935955b20f648a6ad6109a5be622f52a7bd41dd412c75ec1fe813a080f16fac0dad8c464bd5a6f05dd80d0e6fbbb3e58b7657340672f3bb4fa264"}, 0x102)

13:51:55 executing program 4:
io_uring_register$IORING_REGISTER_PROBE(0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x0, 0x0, 0x0, '\x00', [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}]}, 0x22) (async)
syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0x8) (async)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0x38) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xba}, "08907218aca25d6932a231d58cdf470084cc7908d0cdd78021ea66811ae5594bff3388f432597d7b6a1917f8f08cd4de3367c230b529f096e7fc3e3471471e69910cf48a6261725a017f1b3ed01e77ba52f3126f1327b3ff690756566488c1497afeeb459a6d1ec896d57d9d0b49a6f6f30d0d927c501b7aa2a7b93950fece4f47c008422de845b6a79592b921904ce3c038bbbe8cdec3c18014d39f41d2ace95d56a9eaff613014ff9ad193f7dbc2899770316e57aee7fc88b0"}, 0xbe) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_host_features={{0x3d, 0xe}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, "44d296b510340b7d"}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x3, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x0, 0xa}, {0x6, 0x1f, 0x8000, 0x4, 0x3f}}}}, 0x17) (async)
syz_emit_vhci(&(0x7f00000002c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x0, 0xa}, {0x0, 0x7f, 0x3ff, 0xe5, 0x8}}}}, 0x17) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_move_chan_cfm={{0x10, 0x7, 0x4}, {0xfc01, 0x1}}]}}, 0x11)

13:51:55 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1f8)

13:51:55 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000000e0000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2347.087642][T15356] Bluetooth: Unexpected continuation frame (len 12)
13:51:55 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x210)

13:51:55 executing program 4:
io_uring_register$IORING_REGISTER_PROBE(0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x0, 0x0, 0x0, '\x00', [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}]}, 0x22) (async)
syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0x8) (async)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0x38) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xba}, "08907218aca25d6932a231d58cdf470084cc7908d0cdd78021ea66811ae5594bff3388f432597d7b6a1917f8f08cd4de3367c230b529f096e7fc3e3471471e69910cf48a6261725a017f1b3ed01e77ba52f3126f1327b3ff690756566488c1497afeeb459a6d1ec896d57d9d0b49a6f6f30d0d927c501b7aa2a7b93950fece4f47c008422de845b6a79592b921904ce3c038bbbe8cdec3c18014d39f41d2ace95d56a9eaff613014ff9ad193f7dbc2899770316e57aee7fc88b0"}, 0xbe)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_host_features={{0x3d, 0xe}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, "44d296b510340b7d"}}}, 0x11) (async)
syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x3, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x0, 0xa}, {0x6, 0x1f, 0x8000, 0x4, 0x3f}}}}, 0x17) (async)
syz_emit_vhci(&(0x7f00000002c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x0, 0xa}, {0x0, 0x7f, 0x3ff, 0xe5, 0x8}}}}, 0x17) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_move_chan_cfm={{0x10, 0x7, 0x4}, {0xfc01, 0x1}}]}}, 0x11)

13:51:55 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB], 0xa) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xfe}, "3b96d7fe68e0c6e8265fc4f1040e87e5ffb053f8c4d2f3d6d334957a855d4b555de29df1afe8d8740f614d0b3fa96783cbc6b2d87414cec19a20177677716d9ed92408e8f8f84983f3eb79fbe42745b754a0b350d4ed6fab72af3c882402383943bbe272fe0a0ced6d179a7450bd2dadc36073937b57c7d6be51fddba3ca5137248eb13c8df861e95f0103af994cf0179bdbcea83eb5d16edfe153095ba505d68762efcac7865d9f21e33c330346d4aa6f67f9b589150f16a1c671622a62a1e08292caa935955b20f648a6ad6109a5be622f52a7bd41dd412c75ec1fe813a080f16fac0dad8c464bd5a6f05dd80d0e6fbbb3e58b7657340672f3bb4fa264"}, 0x102)

13:51:56 executing program 1:
signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0)
pselect6(0x40, &(0x7f0000000e40), 0x0, &(0x7f0000000ec0)={0x9}, 0x0, 0x0) (async)
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0)
signalfd4(r0, &(0x7f00000003c0), 0x8, 0x0) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

13:51:56 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000000f0000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:56 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x228)

13:51:56 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862945)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYRESHEX=r0], 0x8)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x184)
read$char_usb(r1, &(0x7f0000000100)=""/120, 0x78)

13:51:56 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB], 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xfe}, "3b96d7fe68e0c6e8265fc4f1040e87e5ffb053f8c4d2f3d6d334957a855d4b555de29df1afe8d8740f614d0b3fa96783cbc6b2d87414cec19a20177677716d9ed92408e8f8f84983f3eb79fbe42745b754a0b350d4ed6fab72af3c882402383943bbe272fe0a0ced6d179a7450bd2dadc36073937b57c7d6be51fddba3ca5137248eb13c8df861e95f0103af994cf0179bdbcea83eb5d16edfe153095ba505d68762efcac7865d9f21e33c330346d4aa6f67f9b589150f16a1c671622a62a1e08292caa935955b20f648a6ad6109a5be622f52a7bd41dd412c75ec1fe813a080f16fac0dad8c464bd5a6f05dd80d0e6fbbb3e58b7657340672f3bb4fa264"}, 0x102)

13:51:56 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000100000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:56 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x240)

13:51:56 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862945)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800) (async)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYRESHEX=r0], 0x8)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x184)
read$char_usb(r1, &(0x7f0000000100)=""/120, 0x78)

13:51:56 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_pkt_type_change={{0x1d, 0x5}, {0x7, 0x192, 0x3}}}, 0x8)

13:51:56 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000240000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:56 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862945)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800) (async)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYRESHEX=r0], 0x8) (async)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x184)
read$char_usb(r1, &(0x7f0000000100)=""/120, 0x78)

13:51:56 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x258)

13:51:57 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

13:51:57 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000260000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:57 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_pkt_type_change={{0x1d, 0x5}, {0x7, 0x192, 0x3}}}, 0x8)

13:51:57 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x270)

13:51:57 executing program 4:
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000000)={<r0=>0x0, 0x7ff, 0x0, 0x7, 0x9}, &(0x7f0000000040)=0x18)
r1 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r1, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010)
r2 = socket(0x10, 0x2, 0x0)
write(r2, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r2, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000000000e5bb08000500d1d847b8a75dfa4a72388854792fed917a0e1c510f39595ebca9972ddc8c3f38e1e8c5b98bd1d904a6542278186b6883a1f8e9116fcad6417963df23", @ANYRES32=r5, @ANYBLOB], 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r2, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r1}, @GTPA_LINK={0x8, 0x1, r5}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000080)={<r6=>r0, 0x3b6}, &(0x7f00000000c0)=0x8)
setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r2, 0x84, 0x5, &(0x7f0000000180)={r6, @in6={{0xa, 0x4e23, 0x7e0e3277, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800}}}, 0x84)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)

13:51:57 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

13:51:57 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000280000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:57 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x288)

13:51:57 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_pkt_type_change={{0x1d, 0x5}, {0x7, 0x192, 0x3}}}, 0x8)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_pkt_type_change={{0x1d, 0x5}, {0x7, 0x192, 0x3}}}, 0x8) (async)

13:51:57 executing program 4:
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000000)={<r0=>0x0, 0x7ff, 0x0, 0x7, 0x9}, &(0x7f0000000040)=0x18)
r1 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r1, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010)
r2 = socket(0x10, 0x2, 0x0)
write(r2, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32) (async)
recvmmsg(r2, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000000000e5bb08000500d1d847b8a75dfa4a72388854792fed917a0e1c510f39595ebca9972ddc8c3f38e1e8c5b98bd1d904a6542278186b6883a1f8e9116fcad6417963df23", @ANYRES32=r5, @ANYBLOB], 0x34}}, 0x0) (async, rerun: 32)
sendmsg$GTP_CMD_GETPDP(r2, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r1}, @GTPA_LINK={0x8, 0x1, r5}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10) (async, rerun: 32)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000080)={<r6=>r0, 0x3b6}, &(0x7f00000000c0)=0x8)
setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r2, 0x84, 0x5, &(0x7f0000000180)={r6, @in6={{0xa, 0x4e23, 0x7e0e3277, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800}}}, 0x84) (async)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)

13:51:57 executing program 3:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES64=r0], 0xa)

13:51:57 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000600000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:57 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

13:51:57 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x2a0)

13:51:57 executing program 3:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES64=r0], 0xa)
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) (async)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800) (async)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES64=r0], 0xa) (async)

13:51:57 executing program 1:
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="02c8100a00060005001307020faf0000007e52b1977cfa85ce0c8569238316268761673389a8e5a2663075053999b84349117ab8569c5adac0e5e98b7bf681133a849919a0ff23242038f103030ea8c2ff0f000069063c3636b81ae117e3c4463f15ca0509cdd79f8d05d72e8fa9070046f0da3bb4e4fb6e78351726fc06fd6291feef3d3666b20fdf3ecf9b784cb66b1350004df02ae8fc481fe27a0fda51633eae414971a3901558751c96919082be8b2a2b04475590d7958ee6fdf47483d318cdccc7124bfd"], 0xf)

13:51:57 executing program 4:
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000000)={<r0=>0x0, 0x7ff, 0x0, 0x7, 0x9}, &(0x7f0000000040)=0x18)
r1 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r1, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010)
r2 = socket(0x10, 0x2, 0x0)
write(r2, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r2, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000000000e5bb08000500d1d847b8a75dfa4a72388854792fed917a0e1c510f39595ebca9972ddc8c3f38e1e8c5b98bd1d904a6542278186b6883a1f8e9116fcad6417963df23", @ANYRES32=r5, @ANYBLOB], 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r2, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r1}, @GTPA_LINK={0x8, 0x1, r5}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000080)={<r6=>r0, 0x3b6}, &(0x7f00000000c0)=0x8)
setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r2, 0x84, 0x5, &(0x7f0000000180)={r6, @in6={{0xa, 0x4e23, 0x7e0e3277, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800}}}, 0x84)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000000)={0x0, 0x7ff, 0x0, 0x7, 0x9}, &(0x7f0000000040)=0x18) (async)
syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200) (async)
sendmsg$nl_route(r1, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010) (async)
socket(0x10, 0x2, 0x0) (async)
write(r2, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32) (async)
recvmmsg(r2, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$packet(0x11, 0x3, 0x300) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) (async)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe80000000000000000000000000e5bb08000500d1d847b8a75dfa4a72388854792fed917a0e1c510f39595ebca9972ddc8c3f38e1e8c5b98bd1d904a6542278186b6883a1f8e9116fcad6417963df23", @ANYRES32=r5, @ANYBLOB], 0x34}}, 0x0) (async)
sendmsg$GTP_CMD_GETPDP(r2, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r1}, @GTPA_LINK={0x8, 0x1, r5}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10) (async)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000080)={r0, 0x3b6}, &(0x7f00000000c0)=0x8) (async)
setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r2, 0x84, 0x5, &(0x7f0000000180)={r6, @in6={{0xa, 0x4e23, 0x7e0e3277, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800}}}, 0x84) (async)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)

13:51:57 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000870000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:57 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x2b8)

13:51:57 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x2d0)

13:51:57 executing program 1:
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="02c8100a00060005001307020faf0000007e52b1977cfa85ce0c8569238316268761673389a8e5a2663075053999b84349117ab8569c5adac0e5e98b7bf681133a849919a0ff23242038f103030ea8c2ff0f000069063c3636b81ae117e3c4463f15ca0509cdd79f8d05d72e8fa9070046f0da3bb4e4fb6e78351726fc06fd6291feef3d3666b20fdf3ecf9b784cb66b1350004df02ae8fc481fe27a0fda51633eae414971a3901558751c96919082be8b2a2b04475590d7958ee6fdf47483d318cdccc7124bfd"], 0xf)

13:51:57 executing program 3:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES64=r0], 0xa)
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) (async)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800) (async)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES64=r0], 0xa) (async)

13:51:57 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000bd0000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:57 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x2e8)

13:51:57 executing program 1:
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="02c8100a00060005001307020faf0000007e52b1977cfa85ce0c8569238316268761673389a8e5a2663075053999b84349117ab8569c5adac0e5e98b7bf681133a849919a0ff23242038f103030ea8c2ff0f000069063c3636b81ae117e3c4463f15ca0509cdd79f8d05d72e8fa9070046f0da3bb4e4fb6e78351726fc06fd6291feef3d3666b20fdf3ecf9b784cb66b1350004df02ae8fc481fe27a0fda51633eae414971a3901558751c96919082be8b2a2b04475590d7958ee6fdf47483d318cdccc7124bfd"], 0xf)

13:51:57 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xdf}, "d6e7fdc2f18b7c328139d14fe91d00afc6caa39000853faaa7b69695fe80ce6625842a2cdba9acf38f8f7aead5985445eee5f73b250d627b4868e07488a42125d774cfb956b3694ba459242b241db5a926f10ee10031e9fdb74641efbb8d243f34ce762e0ab08c8b2946f04b22fc9d29baa4e2c3cd8b850386e3c8dc405b21b3e4b0e203c3f5d1672b4fdf567ba47f927339fdc3f34f007ffeb88dfc720538712bb33123eb94510499ad36b5118310c7d421899a16b27c6eb14bb21ac4b461f235726dddc17db2f421e64068900955684e3059780ea0d4fb58aa6f0601e318"}, 0xe3)

13:51:57 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000cb0000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:57 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x1}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x3, 0x64}, @l2cap_cid_signaling={{0x60}, [@l2cap_create_chan_rsp={{0xd, 0xc2, 0x8}, {0x7, 0xbe0, 0xff, 0xfb30}}, @l2cap_disconn_req={{0x6, 0x8, 0x4}, {0x3ea9, 0x3ff}}, @l2cap_conf_rsp={{0x5, 0x3, 0x42}, {0x6, 0x0, 0x6, [@l2cap_conf_mtu={0x1, 0x2, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x4, 0x1, 0x26, 0x2, 0x8001, 0x9}}, @l2cap_conf_rfc={0x4, 0x9, {0x2, 0x8e, 0x40, 0x7, 0x0, 0x2}}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}, @l2cap_conf_efs={0x6, 0x10, {0x1, 0x3, 0x5, 0x80000001, 0x6, 0x2}}, @l2cap_conf_flushto={0x2, 0x2, 0x3e17}, @l2cap_conf_ews={0x7, 0x2, 0x7d}, @l2cap_conf_mtu={0x1, 0x2, 0x8}]}}, @l2cap_info_req={{0xa, 0x20, 0x2}, {0x118}}]}}, 0x69)

13:51:57 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x300)

13:51:57 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xdf}, "d6e7fdc2f18b7c328139d14fe91d00afc6caa39000853faaa7b69695fe80ce6625842a2cdba9acf38f8f7aead5985445eee5f73b250d627b4868e07488a42125d774cfb956b3694ba459242b241db5a926f10ee10031e9fdb74641efbb8d243f34ce762e0ab08c8b2946f04b22fc9d29baa4e2c3cd8b850386e3c8dc405b21b3e4b0e203c3f5d1672b4fdf567ba47f927339fdc3f34f007ffeb88dfc720538712bb33123eb94510499ad36b5118310c7d421899a16b27c6eb14bb21ac4b461f235726dddc17db2f421e64068900955684e3059780ea0d4fb58aa6f0601e318"}, 0xe3)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xdf}, "d6e7fdc2f18b7c328139d14fe91d00afc6caa39000853faaa7b69695fe80ce6625842a2cdba9acf38f8f7aead5985445eee5f73b250d627b4868e07488a42125d774cfb956b3694ba459242b241db5a926f10ee10031e9fdb74641efbb8d243f34ce762e0ab08c8b2946f04b22fc9d29baa4e2c3cd8b850386e3c8dc405b21b3e4b0e203c3f5d1672b4fdf567ba47f927339fdc3f34f007ffeb88dfc720538712bb33123eb94510499ad36b5118310c7d421899a16b27c6eb14bb21ac4b461f235726dddc17db2f421e64068900955684e3059780ea0d4fb58aa6f0601e318"}, 0xe3) (async)

13:51:57 executing program 3:
r0 = socket$l2tp6(0xa, 0x2, 0x73)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r0, 0x84009422, &(0x7f0000000040)={0x0, 0x0, {0x0, @usage, <r1=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, <r2=>0x0}, {0x0, @struct, <r3=>0x0}})
ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, &(0x7f0000000440)={0x4, 0x3, {0x6, @usage=0x101, <r4=>r1, 0x10000, 0xfffffffeffffffff, 0xfffffffffffffffc, 0x80000001, 0x8, 0x15, @struct={0xffffffc1, 0x10001}, 0x9, 0x8, [0x1ff, 0x2, 0x7fffffffffffffff, 0xe505, 0x1ca, 0x2]}, {0x6a19, @struct={0x0, 0xfffffffa}, r2, 0xfffffffffffff7fd, 0x7, 0x4, 0x3, 0x6, 0x43, @struct={0x3, 0x800}, 0xfff, 0x1, [0x1, 0x8001, 0xffffffffffffffff, 0x1, 0x800, 0xfffffffffffffffb]}, {0x9, @struct={0x58e}, r1, 0xe91, 0x8, 0x1000, 0x401, 0x8000000000000000, 0x0, @usage=0xffffffffffffffff, 0x3, 0x8000, [0x8000, 0x8000000000000001, 0x6, 0x2, 0x0, 0xfffffffffffffff8]}, {0x1, 0xd8e}})
r5 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r5, &(0x7f0000000040)="e2", 0x1800)
ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, &(0x7f0000000840)={<r6=>r4, 0x1, 0x4})
ioctl$BTRFS_IOC_SCRUB(r0, 0xc400941b, &(0x7f0000000c40)={<r7=>r4, 0x5, 0x1f, 0x1})
ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, &(0x7f0000001040)={<r8=>r3, "345ad7aebf9ae0c39a996bf4b8cafd78"})
ioctl$BTRFS_IOC_BALANCE_V2(r5, 0xc4009420, &(0x7f0000002040)={0x9, 0x2, {0x6, @usage=0x8, r6, 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x2, 0x45, @struct={0x0, 0x1ff}, 0x7fff, 0x9, [0x9, 0x7d64e963, 0x74a8c7f, 0x9, 0x3f, 0x2]}, {0x82e075c, @usage=0x401, r7, 0x0, 0x100000000, 0x4f1f, 0xa623, 0x3, 0x40, @struct={0x800000, 0x100}, 0xffff, 0xcb, [0x6, 0x1f, 0xe7, 0x1ab5, 0x1, 0x80]}, {0x100000001, @struct={0xfff, 0x1}, r8, 0x1, 0x3ff, 0x4, 0x3, 0xfffffffffffffc01, 0x30, @usage=0xfffffffffffffff9, 0x4, 0x101, [0x7, 0x9, 0x9, 0x8000000000000001, 0x2, 0x1]}, {0x7, 0x0, 0x2d1befc3}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010)
r9 = socket(0x10, 0x2, 0x0)
write(r9, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r11, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r12=>0x0})
sendmsg$nl_route(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r12}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r9, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8}, @GTPA_LINK={0x8, 0x1, r12}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000003700)={&(0x7f0000002440)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000036c0)={&(0x7f0000002480)={0x1234, 0x13, 0xe24, 0x594, 0x25dfdbff, {0x16}, [@nested={0x106, 0x2a, 0x0, 0x1, [@typed={0x8, 0x1d, 0x0, 0x0, @uid=0xffffffffffffffff}, @generic="da72ac2bf2171898e52c3ab10fdca7df2aa43e01076cca5d83ee920c9b43d6417f4cb96bd9244f23a474e991fdf4b96b44b3eb2799f6fd0c1d12abe64562a4dd854cbd340b680712cf391f27de520b1d8f5c0ef2b3c924360f8ef22902bb615fbe2add0abf67ab2ff0c1a72d532b19f66ee025d12a1772a7a7903cba6514f2200ff53e23c9c19a52df5c5a229b0a90c8aba175a53906f9b929409d5a3048729ff12384ed4f17c2448a322e22a9440b7ca3f9961b62c96a23e820788a921199712325306e6ea68816f0f434fab4981422fce4cfd7f8b3376702dea0b6d748e75b4732eea2891bc8750d9b23ea472f7fa87c199bfa9a136be370c6"]}, @generic="9a8f943a15e3be50cd211f635280b2096051ab278ba7c40f2d51ad95f7d62ed96310de8c", @typed={0x4, 0x36}, @nested={0x10ed, 0x4b, 0x0, 0x1, [@generic="f4c48c290c9e8b2bcde5482a80bca98c3bc3f853d05e314f46fd60a62b8b00b9b0e92409fbaeac298ed458a40da05b82e4e35d0218310de952d9b06c988347891754a1d5b0a1dd", @typed={0x14, 0x82, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @broadcast}}, @typed={0xc, 0x71, 0x0, 0x0, @u64=0x9}, @typed={0x4, 0x13}, @generic="66c1760abd6e55281056e5f3906578ff5c4111ce2e9e74add9852809f4070d57c37caf7b6f45d1df7a6c8681d920357723fccf0aac06ceab5cdfa59b1d7021d2d0520e41e10cdaabe17002cbc316e4a71d4040ac8586ce58a2f9f96aa9cf11bc0d8fc3ca629a851836aa0f6bff9506b1c317dcf066372c61b45cae92bc407cb1dcb567896ba2aefba6ad5e5ebb9ecaee0bf547bff42ff729e4c36a2f46e61da82fac52c18cd646f348369d6b00fb504868dee28de1dc9add619014c848fdb619f3ec5847371a3c9e582663a9bb830a3238767d245529803b42839955c0d73bd4f4cf66990aa441e0d7c920f4995e084b498deb81ba433a3409fb423382f2b4ad24beaa209690283da2733db367ce7c319195b237b1ebc1814107c4c618618f8f7204e8a10ae803889ff9951d4818d0cef2155c0cd691e1dc6f421728f77e593b70dc260fa70636161dfcd1c91f0abf389414dc416f04b51eb65d14fc62de79ad11402961250f19dff2131d1e9b183db8442480b8fe5d4f1d2c59a6f43ad68eb9e82a1abb901c0e75490fa4e1805ec9987951c303ac55e9de7a4e2a77fab639de5aef650e92d1f50ab8085ef9c481fb01667f7a74e0f029c6a65197ef162787f70c780b333a76d4700b3af424a7d49f85e6728da52838de3604593308bb89ecd5a4e879788030717400cfaca5f34c0308b93cfae656b4307da4cf1df153caae4e48a934170cbbfdeb1e2d053de12f1c43827d62b8c0f1120d21ff7555e475b7cf0b41024abaf874d9d5e3dd7568f65853d8f964a69e881bef2447d5bf1a2b5a4aea3ab17868b98fbf8f45b6182adc7ee0d702808d362a474a95a5869586eaf025fa0b1f9aafc52cc6749c51a461daded5ef230e580099bcf3651a1d1125a86f0135f49feffdd03cc98ab3da80156f4eb1b6b735c6c15fc76b55eeabc151a1309aea8893a4108600cb4e7d1aed8ede5d561e9b9beb95602a9804b17307c9d53d09902a4adc0e65085f71b6bd97851cd94a0fe968716b67d888ccbaccb06424867c3a4dfcf847d63384e462b8efa68578f8cbeba76da8785955386afff38b10f433b50cfd87bd9ca779b3423a1deda313172c2b3615f3a7985e7b32f64e3b9748102fdac49ad2fc906b3484a930d9efa8f045886557743b34b75c6f389e4da4cb4d233f936e4adf69f2b9453c6f1e2277a3d8d5bb6cbba2ee99bad179380bdf89a29e8222161d5f68e9bdd259ee63021b82bbac42d08571466ecd39636a05f16a50dad7c5194103225cedfa376629f676611791017680dfadab0ca1dcd2ff6eabbe8eddc7ddcdf876e56726b7cbcc11dac5afc7c902a9c5a5b72962797ccb078c6f9748fdc0faaf3f1cac21d00e1f078e822d10e2483a5d8335b818aaf76d13d6c17529a5f98e7adc2198719b4c0e2ebcffcdfd50a84e31b5add30edab2a6df63d3e731f9393f9d83125d9764c37587115bb32f80de77e6624ecb4b315145749b208f385f708cc817a4996f569e23da1d2e83bd7fecd2b13294c5688c65bac5c54cd8be01e687e5b0348609142bea50ac858a1e25e9237b5d0dc2d7368f3acc71c04d0cecc827b98d0cc6c00f5a6828220c1f013ae3082f6c8ae933283e631bd127c3bef7fdc9fa4a1c51aaaecc615e45424a3e7e63a25cf346a4c3ba52918341609bc809692f109e3cf1c3ba07ae7d4f83c10e6afe0714430b8beebb3db5bd37d4d0ce6278c8d58c19547a06db56aadd7b92a6a0fd5ab7a2a436c932f6b68e08c376cd00df1876270de99398c067bbc58c79abf0665856e631104332edee3fc8a78861a2602f4efc032bedfb68910336826e821c8f99693687c3d19e2d98b290a285fd0c8e438046d40488e2b66e1ebfaa09f8aacbd86550e45f6520bbc2a957577c7fb6c6c3053517f77d5833ea32bd9037802ca95fe13be99f85fda03cdf83629188a5e285cbf4114ffcf424324de49eeb8422e070c018093ebd0e4af2b03852e6e49c0cdf989aa10e9264012d0b0c17b029156b39feb1a78b8948fb702cac6981ddadc9430b4fad8ce032d874082719365734c50b1da9590e6afcc5e6381fee05e425875d70fe01dee4dc1f40d13ff381139fe7e90e435a53b7e40ccdc0fbb75357bfe1017c148f9f6e2f5cec2cef1f54774381bfc52234afc666972f137a536a4188bd5fcf3c4e58c70ffefec804786f51634b26d5062566a56ac76f1d73cdcb6b43173ed986e2a894dfbd342634beb3674546ecc6b6feecaf7f50ca44df34d3aef23945b486e856fbb22fe97fa92555cc2804f778b30925d12ffe134e05a4c131b96b47e2f39980034872274e3b369111661dc9e819bf5c814e3998cd6d74d64bf5aea88865b179955b31250fdfbb0f66d06ebd122c5f099bf71ec6f257e5d6b1109d51ea3337b1a0b5334b1cb23687a7c7d044a0191184c36f6ca5e6c8752523205c7e992a701a1dc564ed08443ff03fc72db6cafae73406223f3b11f803b1781169e2342b95040183456a130345f6d1ba623ef4c3b85259c0c1e02d8d8be85ee072915e0214f769cd15157e963c62d43f8fd1a2dac73c1405c4bc359dd546d1c92b21b2ef5a9f6d80c0714c9805736b699dcee07ebcacdb8a964c3deaab8bb3475ebc14d49f92846fe70c90d159e0c4154b8f2be6972c89e8a06eb2263186f82d5853f37cdef6203ac00249d17427ddc053d57e69b76a1e31e125b8f1c0349ea0aa9d0fbc1e473e38bc575777776c8016cd13f96dc51799501eda7c675b3bc52c9474f32924dd62cee25184838f65025b6f7f8cd3d2bdae40f213cf7f43bf2c8a4d9b39b2690e79e7a2ba8984b4f94704901d97a2682e2867b815265a2b238c4ca6c6516c087a9808504b4829a82dc7e34b6793dcb61f4dfcf472167c8523a39afe6e8da25098853235ca0747c4e21c23ec903bb7107ff42fb34d356d9c20875b9d00cfa3b8ab18334596fb281ee9e6b9b33a650c421283794e816c04eb5d334c6a1ae3701d2bdc3777c23b5d3f23ce340624df488366f81c9ffb87e33b9a6881751acb7a3e5f3b87e769732a9582ea44542d5a18e38460e8aade75179ce06bf4ff2c5b60124c49dc65075a77a42779e48c70530ea9cec78e0200378c4b255fb95c829ae2c3c0c9c9399d83a2bd2863ca240d27fc4ef50d60e231572944c11e6ea351732553d6052168404e06115525495336b5f90eea5cb27f6f28fd5b00eff6ad1883491bfe8a5a8dc7f4e26a91f4fb0ab9f3b175a471b7cf43a32dff5a3d6435359bcb8d56d4814810244d032ceb74de9e879f261307f2d71b927d6de70278a285baacd12d44581dbc92745edce7b51268fab7d8bfce586f578ffeda97fa4f9be865fa114396c9e36185b2fabd17958b5ede9bc277eb9d17a550c6459d0441c66427f340ed330e311d92c3460fdaf85317f593b6526400431c074871674c1665071cb5b850042159f6777a8a084909c3dfaa180dedd6df28a3f20502586ed8a1a145f3a02e3eaf9b93d2906c0f3baa498868310e4ca96a37ebc4b528b556bb1e188a06f36f2fce632b03cc512182724422bb2b8f7207e64620310f3aaff5cfe763f3d4414d23180ad7e79f6adc16bc0aa6854860b54ea835092e4f1d30be886ffde2178ed872540953c6329202b6ade4c2086e883c96c7951890680c2fb638101850f1ad9ffaa9ac61a04777b4eb92963a2823dafa95fc6d4317bd97ea288e7c64d4033170c71ea3b780382ca17b46b72fc41c195f408a3cfadd0ad59e57160318012e3448a921671fec14a961c1f0d2011c3772351ce75b668b2ee3ce6b78f822bbae3ece86aa963f45263257200050cb135ec83cca53a3c5fb62d7be55b323a650c843e9244da264003129d18c75fd80eac859994addaa22760e2bd491b0c51502a79149d490d4ab15593712f9aae878316d8a5357daacd842a0acbc16819ea083cd77d94f6deea098d636b49382403b719ca208dc2619426433c5c996733ea48848092a7e8746b9abeb7880fae29697fa310d9b385486607c0af4b1705aff57e75c448e5dff08e41ea1bd31790a6ec5115fdb09527a19d45ffb4766ab99aa19834421645522c46225814f8ce532476f154aa7a328966146e57f936906b07b52fa5173eee0889b6147e037c01236b48bb727413c3a813dfa9c59fcabda64768caeee65b78e39a4eedbe90acb837de0f3da936d0d27f601263e20bd2da7bbe8b6c625a25e06aeb42877f61fef53e0120242133f2f863cf2f32b45cf2d1253d924732bb58da77cfb3de5bc1e05cde4c8baa8b9faf54a18addbf387c184285fb1052de9be8f75b1d12353cda8f6c5d96149b890ba4db97810e0a69a2ea58d3523852e12cae0b877b9ecd2d0430074dffba7d69695b395b6730a6ed4a1ce3c19fa209deda13d6a9b808a2dce2c7623b57cba8277cf4c74a4203af35950b201616d629952adfe225d520173cad75e22b53f3061e4f96f0d8a2cf3b143b10d1554302987a4221af831ea287977814a16ea7284c1838e09b676a12bc95310eef9234e057c65c73ce6e7e3dd42130ee83e719e9fb088e8fbb3fc7dbbab73d4335900e2b4f60b03352bcaae815e6ac138735eebacd2df84e2e942a891334d94770657f81331765be951ee5bdf08d5a7901ee455f65ce660d27503e3866cc98a897dc5078368e787809fe157f30226dee184792bc563f52688e21877cc862b8bfeaae980b112fc79df9b5bdd1012cf6bbb1a8ab50d4e88ac15bd639930fafda5d4b139f5fd4e67e069436a618964a6e69b7824912c8e2841f9171674c32bd98a43f7c2550087f9511fb96245b8102a0ee434429cdffe3c5b89253b9fb63439946dd1615ac8786b0f78f75443d8df2ac3acefabec2b5b94405b6f7e9267336d28f2a415415ae00511eb09be5ac0cd86858af868e86065586f1ab7ffbb43d98979b981e98a21e3d1ed3d1e785ea23cfaffba66a06ff7fe9dae2ccc8d119300f1d4c7e8eeb1e5fe45ce656b85a3f0726a0ea7adbae3b03b72b3956b8ee9f838048082f4957103e4c29dee0b19f1be7076940e075db8e116d5f4ae77a0079613bf53859d6c2ff1ea06542c369741efc2a61bdfdebdebc3c4512c001b8e4e0956e1fc7e0ef4af293804165491b9a07eec180372b879f39db6485d2b81f1465510252a0ffb2929bf154cb8b7aae839c790d3d0501d590b0e9042470a97ca43eb523fcf9b1958c7caf2c81c1400de2771877839084dcc08305f0e1ea42e6b5eb2ac80f8ffc5eacc8919fcd1aaf6ef09bf3560e44ca721d0c4d1b051869029f84e191d3987eb66ca82b21257917709012f0db1e79c6fc119ec06dc41fbc84a6b10e6ee07150f96caf79c21b8a65db6b68b0a823bebb25b7272698c4f85dc0cb06d44835907cafcc0601503af997d4f6c2b0c47edbff39334218ccdbd51ea89d49d3245aaee0fe912afec1a0b207925216500d4f7c6e4881902d16fe93d6edf28753d571d2137d7d11c3a203b7def776d56defe711b6363ea0b1099d68b5875400c4877a28038c0fc5b853ec9fd0cd9e4487bee07af8826ee8db53bd59acf22b4c0f31cd17a399e0a1e0b0a22e36574db55bbbefaea26cf6516539ededa779a0e226f2c4cea4242ca57984077620e8ff4c358931c702457165ab25af5e8c16bb33498bfa3db0efd2158be22cf0be9d5e1097828026ec98746c8be0e9b7ccd16c03668a11fb8fdc98992571555394f0c234a3aa99bf7c0fbc2258bdd7c2725ef1de9f93374e001f3b553787a78584336cc7ef3c90d526fb35c26b8841d6799399245b48601", @generic="b517f3790adbc9482c119832ff108f7fe1114c9a46d7ae8bb82257d59ce0b4956e1748a0d554c212cf9be04bfecadc1b870c8fedb6a70cd86fa55b5f8166b0d467cecdad87e2a44a34b083dc86a9def1a113317aed409d136ff807ce74a41cb818d9930a680c32111177660efcb0372561cf70380b3d71b47e3137b73c09"]}]}, 0x1234}, 0x1, 0x0, 0x0, 0x40}, 0x40081)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x1f}, {0x2, [{@any, 0xe0, 0x8, 0x81, '\a19', 0x4, 0x7}, {@none, 0x8, 0x6, 0x80, '\x00', 0x4, 0x7}]}}}, 0x22)

13:51:57 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x318)

13:51:57 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000e50000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:57 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x1}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x3, 0x64}, @l2cap_cid_signaling={{0x60}, [@l2cap_create_chan_rsp={{0xd, 0xc2, 0x8}, {0x7, 0xbe0, 0xff, 0xfb30}}, @l2cap_disconn_req={{0x6, 0x8, 0x4}, {0x3ea9, 0x3ff}}, @l2cap_conf_rsp={{0x5, 0x3, 0x42}, {0x6, 0x0, 0x6, [@l2cap_conf_mtu={0x1, 0x2, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x4, 0x1, 0x26, 0x2, 0x8001, 0x9}}, @l2cap_conf_rfc={0x4, 0x9, {0x2, 0x8e, 0x40, 0x7, 0x0, 0x2}}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}, @l2cap_conf_efs={0x6, 0x10, {0x1, 0x3, 0x5, 0x80000001, 0x6, 0x2}}, @l2cap_conf_flushto={0x2, 0x2, 0x3e17}, @l2cap_conf_ews={0x7, 0x2, 0x7d}, @l2cap_conf_mtu={0x1, 0x2, 0x8}]}}, @l2cap_info_req={{0xa, 0x20, 0x2}, {0x118}}]}}, 0x69)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x1}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x3, 0x64}, @l2cap_cid_signaling={{0x60}, [@l2cap_create_chan_rsp={{0xd, 0xc2, 0x8}, {0x7, 0xbe0, 0xff, 0xfb30}}, @l2cap_disconn_req={{0x6, 0x8, 0x4}, {0x3ea9, 0x3ff}}, @l2cap_conf_rsp={{0x5, 0x3, 0x42}, {0x6, 0x0, 0x6, [@l2cap_conf_mtu={0x1, 0x2, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x4, 0x1, 0x26, 0x2, 0x8001, 0x9}}, @l2cap_conf_rfc={0x4, 0x9, {0x2, 0x8e, 0x40, 0x7, 0x0, 0x2}}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}, @l2cap_conf_efs={0x6, 0x10, {0x1, 0x3, 0x5, 0x80000001, 0x6, 0x2}}, @l2cap_conf_flushto={0x2, 0x2, 0x3e17}, @l2cap_conf_ews={0x7, 0x2, 0x7d}, @l2cap_conf_mtu={0x1, 0x2, 0x8}]}}, @l2cap_info_req={{0xa, 0x20, 0x2}, {0x118}}]}}, 0x69) (async)

13:51:57 executing program 3:
r0 = socket$l2tp6(0xa, 0x2, 0x73)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r0, 0x84009422, &(0x7f0000000040)={0x0, 0x0, {0x0, @usage, <r1=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, <r2=>0x0}, {0x0, @struct, <r3=>0x0}})
ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, &(0x7f0000000440)={0x4, 0x3, {0x6, @usage=0x101, <r4=>r1, 0x10000, 0xfffffffeffffffff, 0xfffffffffffffffc, 0x80000001, 0x8, 0x15, @struct={0xffffffc1, 0x10001}, 0x9, 0x8, [0x1ff, 0x2, 0x7fffffffffffffff, 0xe505, 0x1ca, 0x2]}, {0x6a19, @struct={0x0, 0xfffffffa}, r2, 0xfffffffffffff7fd, 0x7, 0x4, 0x3, 0x6, 0x43, @struct={0x3, 0x800}, 0xfff, 0x1, [0x1, 0x8001, 0xffffffffffffffff, 0x1, 0x800, 0xfffffffffffffffb]}, {0x9, @struct={0x58e}, r1, 0xe91, 0x8, 0x1000, 0x401, 0x8000000000000000, 0x0, @usage=0xffffffffffffffff, 0x3, 0x8000, [0x8000, 0x8000000000000001, 0x6, 0x2, 0x0, 0xfffffffffffffff8]}, {0x1, 0xd8e}}) (async)
r5 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r5, &(0x7f0000000040)="e2", 0x1800) (async)
ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, &(0x7f0000000840)={<r6=>r4, 0x1, 0x4})
ioctl$BTRFS_IOC_SCRUB(r0, 0xc400941b, &(0x7f0000000c40)={<r7=>r4, 0x5, 0x1f, 0x1})
ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, &(0x7f0000001040)={<r8=>r3, "345ad7aebf9ae0c39a996bf4b8cafd78"})
ioctl$BTRFS_IOC_BALANCE_V2(r5, 0xc4009420, &(0x7f0000002040)={0x9, 0x2, {0x6, @usage=0x8, r6, 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x2, 0x45, @struct={0x0, 0x1ff}, 0x7fff, 0x9, [0x9, 0x7d64e963, 0x74a8c7f, 0x9, 0x3f, 0x2]}, {0x82e075c, @usage=0x401, r7, 0x0, 0x100000000, 0x4f1f, 0xa623, 0x3, 0x40, @struct={0x800000, 0x100}, 0xffff, 0xcb, [0x6, 0x1f, 0xe7, 0x1ab5, 0x1, 0x80]}, {0x100000001, @struct={0xfff, 0x1}, r8, 0x1, 0x3ff, 0x4, 0x3, 0xfffffffffffffc01, 0x30, @usage=0xfffffffffffffff9, 0x4, 0x101, [0x7, 0x9, 0x9, 0x8000000000000001, 0x2, 0x1]}, {0x7, 0x0, 0x2d1befc3}}) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010)
r9 = socket(0x10, 0x2, 0x0)
write(r9, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32) (async)
r10 = socket$nl_route(0x10, 0x3, 0x0) (async)
r11 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r11, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r12=>0x0})
sendmsg$nl_route(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r12}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r9, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8}, @GTPA_LINK={0x8, 0x1, r12}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10) (async)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000003700)={&(0x7f0000002440)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000036c0)={&(0x7f0000002480)={0x1234, 0x13, 0xe24, 0x594, 0x25dfdbff, {0x16}, [@nested={0x106, 0x2a, 0x0, 0x1, [@typed={0x8, 0x1d, 0x0, 0x0, @uid=0xffffffffffffffff}, @generic="da72ac2bf2171898e52c3ab10fdca7df2aa43e01076cca5d83ee920c9b43d6417f4cb96bd9244f23a474e991fdf4b96b44b3eb2799f6fd0c1d12abe64562a4dd854cbd340b680712cf391f27de520b1d8f5c0ef2b3c924360f8ef22902bb615fbe2add0abf67ab2ff0c1a72d532b19f66ee025d12a1772a7a7903cba6514f2200ff53e23c9c19a52df5c5a229b0a90c8aba175a53906f9b929409d5a3048729ff12384ed4f17c2448a322e22a9440b7ca3f9961b62c96a23e820788a921199712325306e6ea68816f0f434fab4981422fce4cfd7f8b3376702dea0b6d748e75b4732eea2891bc8750d9b23ea472f7fa87c199bfa9a136be370c6"]}, @generic="9a8f943a15e3be50cd211f635280b2096051ab278ba7c40f2d51ad95f7d62ed96310de8c", @typed={0x4, 0x36}, @nested={0x10ed, 0x4b, 0x0, 0x1, [@generic="f4c48c290c9e8b2bcde5482a80bca98c3bc3f853d05e314f46fd60a62b8b00b9b0e92409fbaeac298ed458a40da05b82e4e35d0218310de952d9b06c988347891754a1d5b0a1dd", @typed={0x14, 0x82, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @broadcast}}, @typed={0xc, 0x71, 0x0, 0x0, @u64=0x9}, @typed={0x4, 0x13}, @generic="66c1760abd6e55281056e5f3906578ff5c4111ce2e9e74add9852809f4070d57c37caf7b6f45d1df7a6c8681d920357723fccf0aac06ceab5cdfa59b1d7021d2d0520e41e10cdaabe17002cbc316e4a71d4040ac8586ce58a2f9f96aa9cf11bc0d8fc3ca629a851836aa0f6bff9506b1c317dcf066372c61b45cae92bc407cb1dcb567896ba2aefba6ad5e5ebb9ecaee0bf547bff42ff729e4c36a2f46e61da82fac52c18cd646f348369d6b00fb504868dee28de1dc9add619014c848fdb619f3ec5847371a3c9e582663a9bb830a3238767d245529803b42839955c0d73bd4f4cf66990aa441e0d7c920f4995e084b498deb81ba433a3409fb423382f2b4ad24beaa209690283da2733db367ce7c319195b237b1ebc1814107c4c618618f8f7204e8a10ae803889ff9951d4818d0cef2155c0cd691e1dc6f421728f77e593b70dc260fa70636161dfcd1c91f0abf389414dc416f04b51eb65d14fc62de79ad11402961250f19dff2131d1e9b183db8442480b8fe5d4f1d2c59a6f43ad68eb9e82a1abb901c0e75490fa4e1805ec9987951c303ac55e9de7a4e2a77fab639de5aef650e92d1f50ab8085ef9c481fb01667f7a74e0f029c6a65197ef162787f70c780b333a76d4700b3af424a7d49f85e6728da52838de3604593308bb89ecd5a4e879788030717400cfaca5f34c0308b93cfae656b4307da4cf1df153caae4e48a934170cbbfdeb1e2d053de12f1c43827d62b8c0f1120d21ff7555e475b7cf0b41024abaf874d9d5e3dd7568f65853d8f964a69e881bef2447d5bf1a2b5a4aea3ab17868b98fbf8f45b6182adc7ee0d702808d362a474a95a5869586eaf025fa0b1f9aafc52cc6749c51a461daded5ef230e580099bcf3651a1d1125a86f0135f49feffdd03cc98ab3da80156f4eb1b6b735c6c15fc76b55eeabc151a1309aea8893a4108600cb4e7d1aed8ede5d561e9b9beb95602a9804b17307c9d53d09902a4adc0e65085f71b6bd97851cd94a0fe968716b67d888ccbaccb06424867c3a4dfcf847d63384e462b8efa68578f8cbeba76da8785955386afff38b10f433b50cfd87bd9ca779b3423a1deda313172c2b3615f3a7985e7b32f64e3b9748102fdac49ad2fc906b3484a930d9efa8f045886557743b34b75c6f389e4da4cb4d233f936e4adf69f2b9453c6f1e2277a3d8d5bb6cbba2ee99bad179380bdf89a29e8222161d5f68e9bdd259ee63021b82bbac42d08571466ecd39636a05f16a50dad7c5194103225cedfa376629f676611791017680dfadab0ca1dcd2ff6eabbe8eddc7ddcdf876e56726b7cbcc11dac5afc7c902a9c5a5b72962797ccb078c6f9748fdc0faaf3f1cac21d00e1f078e822d10e2483a5d8335b818aaf76d13d6c17529a5f98e7adc2198719b4c0e2ebcffcdfd50a84e31b5add30edab2a6df63d3e731f9393f9d83125d9764c37587115bb32f80de77e6624ecb4b315145749b208f385f708cc817a4996f569e23da1d2e83bd7fecd2b13294c5688c65bac5c54cd8be01e687e5b0348609142bea50ac858a1e25e9237b5d0dc2d7368f3acc71c04d0cecc827b98d0cc6c00f5a6828220c1f013ae3082f6c8ae933283e631bd127c3bef7fdc9fa4a1c51aaaecc615e45424a3e7e63a25cf346a4c3ba52918341609bc809692f109e3cf1c3ba07ae7d4f83c10e6afe0714430b8beebb3db5bd37d4d0ce6278c8d58c19547a06db56aadd7b92a6a0fd5ab7a2a436c932f6b68e08c376cd00df1876270de99398c067bbc58c79abf0665856e631104332edee3fc8a78861a2602f4efc032bedfb68910336826e821c8f99693687c3d19e2d98b290a285fd0c8e438046d40488e2b66e1ebfaa09f8aacbd86550e45f6520bbc2a957577c7fb6c6c3053517f77d5833ea32bd9037802ca95fe13be99f85fda03cdf83629188a5e285cbf4114ffcf424324de49eeb8422e070c018093ebd0e4af2b03852e6e49c0cdf989aa10e9264012d0b0c17b029156b39feb1a78b8948fb702cac6981ddadc9430b4fad8ce032d874082719365734c50b1da9590e6afcc5e6381fee05e425875d70fe01dee4dc1f40d13ff381139fe7e90e435a53b7e40ccdc0fbb75357bfe1017c148f9f6e2f5cec2cef1f54774381bfc52234afc666972f137a536a4188bd5fcf3c4e58c70ffefec804786f51634b26d5062566a56ac76f1d73cdcb6b43173ed986e2a894dfbd342634beb3674546ecc6b6feecaf7f50ca44df34d3aef23945b486e856fbb22fe97fa92555cc2804f778b30925d12ffe134e05a4c131b96b47e2f39980034872274e3b369111661dc9e819bf5c814e3998cd6d74d64bf5aea88865b179955b31250fdfbb0f66d06ebd122c5f099bf71ec6f257e5d6b1109d51ea3337b1a0b5334b1cb23687a7c7d044a0191184c36f6ca5e6c8752523205c7e992a701a1dc564ed08443ff03fc72db6cafae73406223f3b11f803b1781169e2342b95040183456a130345f6d1ba623ef4c3b85259c0c1e02d8d8be85ee072915e0214f769cd15157e963c62d43f8fd1a2dac73c1405c4bc359dd546d1c92b21b2ef5a9f6d80c0714c9805736b699dcee07ebcacdb8a964c3deaab8bb3475ebc14d49f92846fe70c90d159e0c4154b8f2be6972c89e8a06eb2263186f82d5853f37cdef6203ac00249d17427ddc053d57e69b76a1e31e125b8f1c0349ea0aa9d0fbc1e473e38bc575777776c8016cd13f96dc51799501eda7c675b3bc52c9474f32924dd62cee25184838f65025b6f7f8cd3d2bdae40f213cf7f43bf2c8a4d9b39b2690e79e7a2ba8984b4f94704901d97a2682e2867b815265a2b238c4ca6c6516c087a9808504b4829a82dc7e34b6793dcb61f4dfcf472167c8523a39afe6e8da25098853235ca0747c4e21c23ec903bb7107ff42fb34d356d9c20875b9d00cfa3b8ab18334596fb281ee9e6b9b33a650c421283794e816c04eb5d334c6a1ae3701d2bdc3777c23b5d3f23ce340624df488366f81c9ffb87e33b9a6881751acb7a3e5f3b87e769732a9582ea44542d5a18e38460e8aade75179ce06bf4ff2c5b60124c49dc65075a77a42779e48c70530ea9cec78e0200378c4b255fb95c829ae2c3c0c9c9399d83a2bd2863ca240d27fc4ef50d60e231572944c11e6ea351732553d6052168404e06115525495336b5f90eea5cb27f6f28fd5b00eff6ad1883491bfe8a5a8dc7f4e26a91f4fb0ab9f3b175a471b7cf43a32dff5a3d6435359bcb8d56d4814810244d032ceb74de9e879f261307f2d71b927d6de70278a285baacd12d44581dbc92745edce7b51268fab7d8bfce586f578ffeda97fa4f9be865fa114396c9e36185b2fabd17958b5ede9bc277eb9d17a550c6459d0441c66427f340ed330e311d92c3460fdaf85317f593b6526400431c074871674c1665071cb5b850042159f6777a8a084909c3dfaa180dedd6df28a3f20502586ed8a1a145f3a02e3eaf9b93d2906c0f3baa498868310e4ca96a37ebc4b528b556bb1e188a06f36f2fce632b03cc512182724422bb2b8f7207e64620310f3aaff5cfe763f3d4414d23180ad7e79f6adc16bc0aa6854860b54ea835092e4f1d30be886ffde2178ed872540953c6329202b6ade4c2086e883c96c7951890680c2fb638101850f1ad9ffaa9ac61a04777b4eb92963a2823dafa95fc6d4317bd97ea288e7c64d4033170c71ea3b780382ca17b46b72fc41c195f408a3cfadd0ad59e57160318012e3448a921671fec14a961c1f0d2011c3772351ce75b668b2ee3ce6b78f822bbae3ece86aa963f45263257200050cb135ec83cca53a3c5fb62d7be55b323a650c843e9244da264003129d18c75fd80eac859994addaa22760e2bd491b0c51502a79149d490d4ab15593712f9aae878316d8a5357daacd842a0acbc16819ea083cd77d94f6deea098d636b49382403b719ca208dc2619426433c5c996733ea48848092a7e8746b9abeb7880fae29697fa310d9b385486607c0af4b1705aff57e75c448e5dff08e41ea1bd31790a6ec5115fdb09527a19d45ffb4766ab99aa19834421645522c46225814f8ce532476f154aa7a328966146e57f936906b07b52fa5173eee0889b6147e037c01236b48bb727413c3a813dfa9c59fcabda64768caeee65b78e39a4eedbe90acb837de0f3da936d0d27f601263e20bd2da7bbe8b6c625a25e06aeb42877f61fef53e0120242133f2f863cf2f32b45cf2d1253d924732bb58da77cfb3de5bc1e05cde4c8baa8b9faf54a18addbf387c184285fb1052de9be8f75b1d12353cda8f6c5d96149b890ba4db97810e0a69a2ea58d3523852e12cae0b877b9ecd2d0430074dffba7d69695b395b6730a6ed4a1ce3c19fa209deda13d6a9b808a2dce2c7623b57cba8277cf4c74a4203af35950b201616d629952adfe225d520173cad75e22b53f3061e4f96f0d8a2cf3b143b10d1554302987a4221af831ea287977814a16ea7284c1838e09b676a12bc95310eef9234e057c65c73ce6e7e3dd42130ee83e719e9fb088e8fbb3fc7dbbab73d4335900e2b4f60b03352bcaae815e6ac138735eebacd2df84e2e942a891334d94770657f81331765be951ee5bdf08d5a7901ee455f65ce660d27503e3866cc98a897dc5078368e787809fe157f30226dee184792bc563f52688e21877cc862b8bfeaae980b112fc79df9b5bdd1012cf6bbb1a8ab50d4e88ac15bd639930fafda5d4b139f5fd4e67e069436a618964a6e69b7824912c8e2841f9171674c32bd98a43f7c2550087f9511fb96245b8102a0ee434429cdffe3c5b89253b9fb63439946dd1615ac8786b0f78f75443d8df2ac3acefabec2b5b94405b6f7e9267336d28f2a415415ae00511eb09be5ac0cd86858af868e86065586f1ab7ffbb43d98979b981e98a21e3d1ed3d1e785ea23cfaffba66a06ff7fe9dae2ccc8d119300f1d4c7e8eeb1e5fe45ce656b85a3f0726a0ea7adbae3b03b72b3956b8ee9f838048082f4957103e4c29dee0b19f1be7076940e075db8e116d5f4ae77a0079613bf53859d6c2ff1ea06542c369741efc2a61bdfdebdebc3c4512c001b8e4e0956e1fc7e0ef4af293804165491b9a07eec180372b879f39db6485d2b81f1465510252a0ffb2929bf154cb8b7aae839c790d3d0501d590b0e9042470a97ca43eb523fcf9b1958c7caf2c81c1400de2771877839084dcc08305f0e1ea42e6b5eb2ac80f8ffc5eacc8919fcd1aaf6ef09bf3560e44ca721d0c4d1b051869029f84e191d3987eb66ca82b21257917709012f0db1e79c6fc119ec06dc41fbc84a6b10e6ee07150f96caf79c21b8a65db6b68b0a823bebb25b7272698c4f85dc0cb06d44835907cafcc0601503af997d4f6c2b0c47edbff39334218ccdbd51ea89d49d3245aaee0fe912afec1a0b207925216500d4f7c6e4881902d16fe93d6edf28753d571d2137d7d11c3a203b7def776d56defe711b6363ea0b1099d68b5875400c4877a28038c0fc5b853ec9fd0cd9e4487bee07af8826ee8db53bd59acf22b4c0f31cd17a399e0a1e0b0a22e36574db55bbbefaea26cf6516539ededa779a0e226f2c4cea4242ca57984077620e8ff4c358931c702457165ab25af5e8c16bb33498bfa3db0efd2158be22cf0be9d5e1097828026ec98746c8be0e9b7ccd16c03668a11fb8fdc98992571555394f0c234a3aa99bf7c0fbc2258bdd7c2725ef1de9f93374e001f3b553787a78584336cc7ef3c90d526fb35c26b8841d6799399245b48601", @generic="b517f3790adbc9482c119832ff108f7fe1114c9a46d7ae8bb82257d59ce0b4956e1748a0d554c212cf9be04bfecadc1b870c8fedb6a70cd86fa55b5f8166b0d467cecdad87e2a44a34b083dc86a9def1a113317aed409d136ff807ce74a41cb818d9930a680c32111177660efcb0372561cf70380b3d71b47e3137b73c09"]}]}, 0x1234}, 0x1, 0x0, 0x0, 0x40}, 0x40081) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x1f}, {0x2, [{@any, 0xe0, 0x8, 0x81, '\a19', 0x4, 0x7}, {@none, 0x8, 0x6, 0x80, '\x00', 0x4, 0x7}]}}}, 0x22)

13:51:57 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x330)

13:51:57 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xdf}, "d6e7fdc2f18b7c328139d14fe91d00afc6caa39000853faaa7b69695fe80ce6625842a2cdba9acf38f8f7aead5985445eee5f73b250d627b4868e07488a42125d774cfb956b3694ba459242b241db5a926f10ee10031e9fdb74641efbb8d243f34ce762e0ab08c8b2946f04b22fc9d29baa4e2c3cd8b850386e3c8dc405b21b3e4b0e203c3f5d1672b4fdf567ba47f927339fdc3f34f007ffeb88dfc720538712bb33123eb94510499ad36b5118310c7d421899a16b27c6eb14bb21ac4b461f235726dddc17db2f421e64068900955684e3059780ea0d4fb58aa6f0601e318"}, 0xe3)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xdf}, "d6e7fdc2f18b7c328139d14fe91d00afc6caa39000853faaa7b69695fe80ce6625842a2cdba9acf38f8f7aead5985445eee5f73b250d627b4868e07488a42125d774cfb956b3694ba459242b241db5a926f10ee10031e9fdb74641efbb8d243f34ce762e0ab08c8b2946f04b22fc9d29baa4e2c3cd8b850386e3c8dc405b21b3e4b0e203c3f5d1672b4fdf567ba47f927339fdc3f34f007ffeb88dfc720538712bb33123eb94510499ad36b5118310c7d421899a16b27c6eb14bb21ac4b461f235726dddc17db2f421e64068900955684e3059780ea0d4fb58aa6f0601e318"}, 0xe3) (async)

13:51:57 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x1}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x3, 0x64}, @l2cap_cid_signaling={{0x60}, [@l2cap_create_chan_rsp={{0xd, 0xc2, 0x8}, {0x7, 0xbe0, 0xff, 0xfb30}}, @l2cap_disconn_req={{0x6, 0x8, 0x4}, {0x3ea9, 0x3ff}}, @l2cap_conf_rsp={{0x5, 0x3, 0x42}, {0x6, 0x0, 0x6, [@l2cap_conf_mtu={0x1, 0x2, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x4, 0x1, 0x26, 0x2, 0x8001, 0x9}}, @l2cap_conf_rfc={0x4, 0x9, {0x2, 0x8e, 0x40, 0x7, 0x0, 0x2}}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}, @l2cap_conf_efs={0x6, 0x10, {0x1, 0x3, 0x5, 0x80000001, 0x6, 0x2}}, @l2cap_conf_flushto={0x2, 0x2, 0x3e17}, @l2cap_conf_ews={0x7, 0x2, 0x7d}, @l2cap_conf_mtu={0x1, 0x2, 0x8}]}}, @l2cap_info_req={{0xa, 0x20, 0x2}, {0x118}}]}}, 0x69)

13:51:57 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000f00000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:57 executing program 3:
r0 = socket$l2tp6(0xa, 0x2, 0x73)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r0, 0x84009422, &(0x7f0000000040)={0x0, 0x0, {0x0, @usage, <r1=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, <r2=>0x0}, {0x0, @struct, <r3=>0x0}})
ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, &(0x7f0000000440)={0x4, 0x3, {0x6, @usage=0x101, <r4=>r1, 0x10000, 0xfffffffeffffffff, 0xfffffffffffffffc, 0x80000001, 0x8, 0x15, @struct={0xffffffc1, 0x10001}, 0x9, 0x8, [0x1ff, 0x2, 0x7fffffffffffffff, 0xe505, 0x1ca, 0x2]}, {0x6a19, @struct={0x0, 0xfffffffa}, r2, 0xfffffffffffff7fd, 0x7, 0x4, 0x3, 0x6, 0x43, @struct={0x3, 0x800}, 0xfff, 0x1, [0x1, 0x8001, 0xffffffffffffffff, 0x1, 0x800, 0xfffffffffffffffb]}, {0x9, @struct={0x58e}, r1, 0xe91, 0x8, 0x1000, 0x401, 0x8000000000000000, 0x0, @usage=0xffffffffffffffff, 0x3, 0x8000, [0x8000, 0x8000000000000001, 0x6, 0x2, 0x0, 0xfffffffffffffff8]}, {0x1, 0xd8e}})
r5 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r5, &(0x7f0000000040)="e2", 0x1800) (async)
ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, &(0x7f0000000840)={<r6=>r4, 0x1, 0x4})
ioctl$BTRFS_IOC_SCRUB(r0, 0xc400941b, &(0x7f0000000c40)={<r7=>r4, 0x5, 0x1f, 0x1}) (async)
ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, &(0x7f0000001040)={<r8=>r3, "345ad7aebf9ae0c39a996bf4b8cafd78"})
ioctl$BTRFS_IOC_BALANCE_V2(r5, 0xc4009420, &(0x7f0000002040)={0x9, 0x2, {0x6, @usage=0x8, r6, 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x2, 0x45, @struct={0x0, 0x1ff}, 0x7fff, 0x9, [0x9, 0x7d64e963, 0x74a8c7f, 0x9, 0x3f, 0x2]}, {0x82e075c, @usage=0x401, r7, 0x0, 0x100000000, 0x4f1f, 0xa623, 0x3, 0x40, @struct={0x800000, 0x100}, 0xffff, 0xcb, [0x6, 0x1f, 0xe7, 0x1ab5, 0x1, 0x80]}, {0x100000001, @struct={0xfff, 0x1}, r8, 0x1, 0x3ff, 0x4, 0x3, 0xfffffffffffffc01, 0x30, @usage=0xfffffffffffffff9, 0x4, 0x101, [0x7, 0x9, 0x9, 0x8000000000000001, 0x2, 0x1]}, {0x7, 0x0, 0x2d1befc3}}) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010) (async, rerun: 64)
r9 = socket(0x10, 0x2, 0x0) (rerun: 64)
write(r9, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32) (async)
r10 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 32)
r11 = socket$packet(0x11, 0x3, 0x300) (rerun: 32)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r11, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r12=>0x0})
sendmsg$nl_route(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r12}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r9, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)={0x54, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8}, @GTPA_LINK={0x8, 0x1, r12}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10) (async)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000003700)={&(0x7f0000002440)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000036c0)={&(0x7f0000002480)={0x1234, 0x13, 0xe24, 0x594, 0x25dfdbff, {0x16}, [@nested={0x106, 0x2a, 0x0, 0x1, [@typed={0x8, 0x1d, 0x0, 0x0, @uid=0xffffffffffffffff}, @generic="da72ac2bf2171898e52c3ab10fdca7df2aa43e01076cca5d83ee920c9b43d6417f4cb96bd9244f23a474e991fdf4b96b44b3eb2799f6fd0c1d12abe64562a4dd854cbd340b680712cf391f27de520b1d8f5c0ef2b3c924360f8ef22902bb615fbe2add0abf67ab2ff0c1a72d532b19f66ee025d12a1772a7a7903cba6514f2200ff53e23c9c19a52df5c5a229b0a90c8aba175a53906f9b929409d5a3048729ff12384ed4f17c2448a322e22a9440b7ca3f9961b62c96a23e820788a921199712325306e6ea68816f0f434fab4981422fce4cfd7f8b3376702dea0b6d748e75b4732eea2891bc8750d9b23ea472f7fa87c199bfa9a136be370c6"]}, @generic="9a8f943a15e3be50cd211f635280b2096051ab278ba7c40f2d51ad95f7d62ed96310de8c", @typed={0x4, 0x36}, @nested={0x10ed, 0x4b, 0x0, 0x1, [@generic="f4c48c290c9e8b2bcde5482a80bca98c3bc3f853d05e314f46fd60a62b8b00b9b0e92409fbaeac298ed458a40da05b82e4e35d0218310de952d9b06c988347891754a1d5b0a1dd", @typed={0x14, 0x82, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @broadcast}}, @typed={0xc, 0x71, 0x0, 0x0, @u64=0x9}, @typed={0x4, 0x13}, @generic="66c1760abd6e55281056e5f3906578ff5c4111ce2e9e74add9852809f4070d57c37caf7b6f45d1df7a6c8681d920357723fccf0aac06ceab5cdfa59b1d7021d2d0520e41e10cdaabe17002cbc316e4a71d4040ac8586ce58a2f9f96aa9cf11bc0d8fc3ca629a851836aa0f6bff9506b1c317dcf066372c61b45cae92bc407cb1dcb567896ba2aefba6ad5e5ebb9ecaee0bf547bff42ff729e4c36a2f46e61da82fac52c18cd646f348369d6b00fb504868dee28de1dc9add619014c848fdb619f3ec5847371a3c9e582663a9bb830a3238767d245529803b42839955c0d73bd4f4cf66990aa441e0d7c920f4995e084b498deb81ba433a3409fb423382f2b4ad24beaa209690283da2733db367ce7c319195b237b1ebc1814107c4c618618f8f7204e8a10ae803889ff9951d4818d0cef2155c0cd691e1dc6f421728f77e593b70dc260fa70636161dfcd1c91f0abf389414dc416f04b51eb65d14fc62de79ad11402961250f19dff2131d1e9b183db8442480b8fe5d4f1d2c59a6f43ad68eb9e82a1abb901c0e75490fa4e1805ec9987951c303ac55e9de7a4e2a77fab639de5aef650e92d1f50ab8085ef9c481fb01667f7a74e0f029c6a65197ef162787f70c780b333a76d4700b3af424a7d49f85e6728da52838de3604593308bb89ecd5a4e879788030717400cfaca5f34c0308b93cfae656b4307da4cf1df153caae4e48a934170cbbfdeb1e2d053de12f1c43827d62b8c0f1120d21ff7555e475b7cf0b41024abaf874d9d5e3dd7568f65853d8f964a69e881bef2447d5bf1a2b5a4aea3ab17868b98fbf8f45b6182adc7ee0d702808d362a474a95a5869586eaf025fa0b1f9aafc52cc6749c51a461daded5ef230e580099bcf3651a1d1125a86f0135f49feffdd03cc98ab3da80156f4eb1b6b735c6c15fc76b55eeabc151a1309aea8893a4108600cb4e7d1aed8ede5d561e9b9beb95602a9804b17307c9d53d09902a4adc0e65085f71b6bd97851cd94a0fe968716b67d888ccbaccb06424867c3a4dfcf847d63384e462b8efa68578f8cbeba76da8785955386afff38b10f433b50cfd87bd9ca779b3423a1deda313172c2b3615f3a7985e7b32f64e3b9748102fdac49ad2fc906b3484a930d9efa8f045886557743b34b75c6f389e4da4cb4d233f936e4adf69f2b9453c6f1e2277a3d8d5bb6cbba2ee99bad179380bdf89a29e8222161d5f68e9bdd259ee63021b82bbac42d08571466ecd39636a05f16a50dad7c5194103225cedfa376629f676611791017680dfadab0ca1dcd2ff6eabbe8eddc7ddcdf876e56726b7cbcc11dac5afc7c902a9c5a5b72962797ccb078c6f9748fdc0faaf3f1cac21d00e1f078e822d10e2483a5d8335b818aaf76d13d6c17529a5f98e7adc2198719b4c0e2ebcffcdfd50a84e31b5add30edab2a6df63d3e731f9393f9d83125d9764c37587115bb32f80de77e6624ecb4b315145749b208f385f708cc817a4996f569e23da1d2e83bd7fecd2b13294c5688c65bac5c54cd8be01e687e5b0348609142bea50ac858a1e25e9237b5d0dc2d7368f3acc71c04d0cecc827b98d0cc6c00f5a6828220c1f013ae3082f6c8ae933283e631bd127c3bef7fdc9fa4a1c51aaaecc615e45424a3e7e63a25cf346a4c3ba52918341609bc809692f109e3cf1c3ba07ae7d4f83c10e6afe0714430b8beebb3db5bd37d4d0ce6278c8d58c19547a06db56aadd7b92a6a0fd5ab7a2a436c932f6b68e08c376cd00df1876270de99398c067bbc58c79abf0665856e631104332edee3fc8a78861a2602f4efc032bedfb68910336826e821c8f99693687c3d19e2d98b290a285fd0c8e438046d40488e2b66e1ebfaa09f8aacbd86550e45f6520bbc2a957577c7fb6c6c3053517f77d5833ea32bd9037802ca95fe13be99f85fda03cdf83629188a5e285cbf4114ffcf424324de49eeb8422e070c018093ebd0e4af2b03852e6e49c0cdf989aa10e9264012d0b0c17b029156b39feb1a78b8948fb702cac6981ddadc9430b4fad8ce032d874082719365734c50b1da9590e6afcc5e6381fee05e425875d70fe01dee4dc1f40d13ff381139fe7e90e435a53b7e40ccdc0fbb75357bfe1017c148f9f6e2f5cec2cef1f54774381bfc52234afc666972f137a536a4188bd5fcf3c4e58c70ffefec804786f51634b26d5062566a56ac76f1d73cdcb6b43173ed986e2a894dfbd342634beb3674546ecc6b6feecaf7f50ca44df34d3aef23945b486e856fbb22fe97fa92555cc2804f778b30925d12ffe134e05a4c131b96b47e2f39980034872274e3b369111661dc9e819bf5c814e3998cd6d74d64bf5aea88865b179955b31250fdfbb0f66d06ebd122c5f099bf71ec6f257e5d6b1109d51ea3337b1a0b5334b1cb23687a7c7d044a0191184c36f6ca5e6c8752523205c7e992a701a1dc564ed08443ff03fc72db6cafae73406223f3b11f803b1781169e2342b95040183456a130345f6d1ba623ef4c3b85259c0c1e02d8d8be85ee072915e0214f769cd15157e963c62d43f8fd1a2dac73c1405c4bc359dd546d1c92b21b2ef5a9f6d80c0714c9805736b699dcee07ebcacdb8a964c3deaab8bb3475ebc14d49f92846fe70c90d159e0c4154b8f2be6972c89e8a06eb2263186f82d5853f37cdef6203ac00249d17427ddc053d57e69b76a1e31e125b8f1c0349ea0aa9d0fbc1e473e38bc575777776c8016cd13f96dc51799501eda7c675b3bc52c9474f32924dd62cee25184838f65025b6f7f8cd3d2bdae40f213cf7f43bf2c8a4d9b39b2690e79e7a2ba8984b4f94704901d97a2682e2867b815265a2b238c4ca6c6516c087a9808504b4829a82dc7e34b6793dcb61f4dfcf472167c8523a39afe6e8da25098853235ca0747c4e21c23ec903bb7107ff42fb34d356d9c20875b9d00cfa3b8ab18334596fb281ee9e6b9b33a650c421283794e816c04eb5d334c6a1ae3701d2bdc3777c23b5d3f23ce340624df488366f81c9ffb87e33b9a6881751acb7a3e5f3b87e769732a9582ea44542d5a18e38460e8aade75179ce06bf4ff2c5b60124c49dc65075a77a42779e48c70530ea9cec78e0200378c4b255fb95c829ae2c3c0c9c9399d83a2bd2863ca240d27fc4ef50d60e231572944c11e6ea351732553d6052168404e06115525495336b5f90eea5cb27f6f28fd5b00eff6ad1883491bfe8a5a8dc7f4e26a91f4fb0ab9f3b175a471b7cf43a32dff5a3d6435359bcb8d56d4814810244d032ceb74de9e879f261307f2d71b927d6de70278a285baacd12d44581dbc92745edce7b51268fab7d8bfce586f578ffeda97fa4f9be865fa114396c9e36185b2fabd17958b5ede9bc277eb9d17a550c6459d0441c66427f340ed330e311d92c3460fdaf85317f593b6526400431c074871674c1665071cb5b850042159f6777a8a084909c3dfaa180dedd6df28a3f20502586ed8a1a145f3a02e3eaf9b93d2906c0f3baa498868310e4ca96a37ebc4b528b556bb1e188a06f36f2fce632b03cc512182724422bb2b8f7207e64620310f3aaff5cfe763f3d4414d23180ad7e79f6adc16bc0aa6854860b54ea835092e4f1d30be886ffde2178ed872540953c6329202b6ade4c2086e883c96c7951890680c2fb638101850f1ad9ffaa9ac61a04777b4eb92963a2823dafa95fc6d4317bd97ea288e7c64d4033170c71ea3b780382ca17b46b72fc41c195f408a3cfadd0ad59e57160318012e3448a921671fec14a961c1f0d2011c3772351ce75b668b2ee3ce6b78f822bbae3ece86aa963f45263257200050cb135ec83cca53a3c5fb62d7be55b323a650c843e9244da264003129d18c75fd80eac859994addaa22760e2bd491b0c51502a79149d490d4ab15593712f9aae878316d8a5357daacd842a0acbc16819ea083cd77d94f6deea098d636b49382403b719ca208dc2619426433c5c996733ea48848092a7e8746b9abeb7880fae29697fa310d9b385486607c0af4b1705aff57e75c448e5dff08e41ea1bd31790a6ec5115fdb09527a19d45ffb4766ab99aa19834421645522c46225814f8ce532476f154aa7a328966146e57f936906b07b52fa5173eee0889b6147e037c01236b48bb727413c3a813dfa9c59fcabda64768caeee65b78e39a4eedbe90acb837de0f3da936d0d27f601263e20bd2da7bbe8b6c625a25e06aeb42877f61fef53e0120242133f2f863cf2f32b45cf2d1253d924732bb58da77cfb3de5bc1e05cde4c8baa8b9faf54a18addbf387c184285fb1052de9be8f75b1d12353cda8f6c5d96149b890ba4db97810e0a69a2ea58d3523852e12cae0b877b9ecd2d0430074dffba7d69695b395b6730a6ed4a1ce3c19fa209deda13d6a9b808a2dce2c7623b57cba8277cf4c74a4203af35950b201616d629952adfe225d520173cad75e22b53f3061e4f96f0d8a2cf3b143b10d1554302987a4221af831ea287977814a16ea7284c1838e09b676a12bc95310eef9234e057c65c73ce6e7e3dd42130ee83e719e9fb088e8fbb3fc7dbbab73d4335900e2b4f60b03352bcaae815e6ac138735eebacd2df84e2e942a891334d94770657f81331765be951ee5bdf08d5a7901ee455f65ce660d27503e3866cc98a897dc5078368e787809fe157f30226dee184792bc563f52688e21877cc862b8bfeaae980b112fc79df9b5bdd1012cf6bbb1a8ab50d4e88ac15bd639930fafda5d4b139f5fd4e67e069436a618964a6e69b7824912c8e2841f9171674c32bd98a43f7c2550087f9511fb96245b8102a0ee434429cdffe3c5b89253b9fb63439946dd1615ac8786b0f78f75443d8df2ac3acefabec2b5b94405b6f7e9267336d28f2a415415ae00511eb09be5ac0cd86858af868e86065586f1ab7ffbb43d98979b981e98a21e3d1ed3d1e785ea23cfaffba66a06ff7fe9dae2ccc8d119300f1d4c7e8eeb1e5fe45ce656b85a3f0726a0ea7adbae3b03b72b3956b8ee9f838048082f4957103e4c29dee0b19f1be7076940e075db8e116d5f4ae77a0079613bf53859d6c2ff1ea06542c369741efc2a61bdfdebdebc3c4512c001b8e4e0956e1fc7e0ef4af293804165491b9a07eec180372b879f39db6485d2b81f1465510252a0ffb2929bf154cb8b7aae839c790d3d0501d590b0e9042470a97ca43eb523fcf9b1958c7caf2c81c1400de2771877839084dcc08305f0e1ea42e6b5eb2ac80f8ffc5eacc8919fcd1aaf6ef09bf3560e44ca721d0c4d1b051869029f84e191d3987eb66ca82b21257917709012f0db1e79c6fc119ec06dc41fbc84a6b10e6ee07150f96caf79c21b8a65db6b68b0a823bebb25b7272698c4f85dc0cb06d44835907cafcc0601503af997d4f6c2b0c47edbff39334218ccdbd51ea89d49d3245aaee0fe912afec1a0b207925216500d4f7c6e4881902d16fe93d6edf28753d571d2137d7d11c3a203b7def776d56defe711b6363ea0b1099d68b5875400c4877a28038c0fc5b853ec9fd0cd9e4487bee07af8826ee8db53bd59acf22b4c0f31cd17a399e0a1e0b0a22e36574db55bbbefaea26cf6516539ededa779a0e226f2c4cea4242ca57984077620e8ff4c358931c702457165ab25af5e8c16bb33498bfa3db0efd2158be22cf0be9d5e1097828026ec98746c8be0e9b7ccd16c03668a11fb8fdc98992571555394f0c234a3aa99bf7c0fbc2258bdd7c2725ef1de9f93374e001f3b553787a78584336cc7ef3c90d526fb35c26b8841d6799399245b48601", @generic="b517f3790adbc9482c119832ff108f7fe1114c9a46d7ae8bb82257d59ce0b4956e1748a0d554c212cf9be04bfecadc1b870c8fedb6a70cd86fa55b5f8166b0d467cecdad87e2a44a34b083dc86a9def1a113317aed409d136ff807ce74a41cb818d9930a680c32111177660efcb0372561cf70380b3d71b47e3137b73c09"]}]}, 0x1234}, 0x1, 0x0, 0x0, 0x40}, 0x40081)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x1f}, {0x2, [{@any, 0xe0, 0x8, 0x81, '\a19', 0x4, 0x7}, {@none, 0x8, 0x6, 0x80, '\x00', 0x4, 0x7}]}}}, 0x22)

13:51:57 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

13:51:57 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="0481"], 0x8)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_conn_rsp={{0x18, 0x3f, 0xe}, {0x3f, 0x44, 0x7fff, 0xb42, [0x1000, 0x3, 0x7]}}}}, 0x1b)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

13:51:57 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x348)

13:51:57 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000fc0000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:58 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x360)

13:51:58 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000400100bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:58 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="0481"], 0x8) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_conn_rsp={{0x18, 0x3f, 0xe}, {0x3f, 0x44, 0x7fff, 0xb42, [0x1000, 0x3, 0x7]}}}}, 0x1b) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

13:51:58 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

13:51:58 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x378)

13:51:58 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000c60100bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:58 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

13:51:58 executing program 3:
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0x91}, @l2cap_cid_signaling={{0x8d}, [@l2cap_disconn_req={{0x6, 0x7f, 0x4}, {0xf653, 0x3}}, @l2cap_conn_rsp={{0x3, 0xd, 0x8}, {0x4, 0x6, 0x3f, 0x3}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x5, 0x2}, {0x3ff}}, @l2cap_conf_req={{0x4, 0x7, 0x30}, {0xff, 0x8, [@l2cap_conf_efs={0x6, 0x10, {0xc6, 0x3, 0x6, 0x3, 0x1, 0x10000}}, @l2cap_conf_efs={0x6, 0x10, {0x7f, 0x2, 0x8, 0x0, 0x4, 0x100}}, @l2cap_conf_flushto={0x2, 0x2, 0x1}, @l2cap_conf_flushto={0x2, 0x2, 0x3}]}}, @l2cap_disconn_req={{0x6, 0x9, 0x4}, {0x97a2, 0xd35}}, @l2cap_conf_req={{0x4, 0x0, 0x18}, {0x5, 0x100, [@l2cap_conf_mtu={0x1, 0x2, 0x200}, @l2cap_conf_flushto={0x2, 0x2, 0x30}, @l2cap_conf_flushto={0x2, 0x2}, @l2cap_conf_ews={0x7, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x5}]}}, @l2cap_create_chan_rsp={{0xd, 0x3, 0x8}, {0x7ff, 0x0, 0x4, 0x91a}}, @l2cap_move_chan_req={{0xe, 0x1, 0x3}, {0x100, 0xd}}, @l2cap_conn_req={{0x2, 0x1, 0x4}, {0x5, 0x6}}]}}, 0x96)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x7, 0x0, 0x200d}}}, 0x7)

13:51:58 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x390)

13:51:58 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="0481"], 0x8)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_conn_rsp={{0x18, 0x3f, 0xe}, {0x3f, 0x44, 0x7fff, 0xb42, [0x1000, 0x3, 0x7]}}}}, 0x1b)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="0481"], 0x8) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_conn_rsp={{0x18, 0x3f, 0xe}, {0x3f, 0x44, 0x7fff, 0xb42, [0x1000, 0x3, 0x7]}}}}, 0x1b) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2) (async)

13:51:58 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000af0200bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:58 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x3a8)

13:51:58 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

13:51:58 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x6, 0xa}, {0x3, 0x4, 0x0, 0x0, 0x4}}}}, 0x17)
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="02c8e01e001a000500170516008000f8ff010009000600ed0e01000300040008000200", @ANYRESOCT=0x0, @ANYRESHEX, @ANYBLOB="fb82f04e81c97e6149024599d1abf34e4db4ea403379907ec21bd907210c40cee58f75e1c8883f0c97abf17de88091a997963ddb7742b8670f0a0fd44ec2888cfe2805403fde1c392d74d04469acd7663718453dd5dcf5", @ANYRES8, @ANYRESHEX], 0x23)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c810f5bb70ecdaa154f80fe45100f9dbaeedc3abc8201f2e3245a9d719a4f99710000c0001010305be30cb404caf2ce818b00800050000020383fc6dc73523cdff9b6bbe3b362b001209"], 0x15)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x1d}, @hci_evt_le_cis_established={{}, {0x0, 0xc8, "5cd56e", "c13aa4", "2dacc3", "0aa0bd", 0x3, 0x6, 0x0, 0xff, 0x9, 0x40, 0x0, 0x400, 0x401, 0x7}}}}, 0x20)

13:51:58 executing program 3:
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0x91}, @l2cap_cid_signaling={{0x8d}, [@l2cap_disconn_req={{0x6, 0x7f, 0x4}, {0xf653, 0x3}}, @l2cap_conn_rsp={{0x3, 0xd, 0x8}, {0x4, 0x6, 0x3f, 0x3}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x5, 0x2}, {0x3ff}}, @l2cap_conf_req={{0x4, 0x7, 0x30}, {0xff, 0x8, [@l2cap_conf_efs={0x6, 0x10, {0xc6, 0x3, 0x6, 0x3, 0x1, 0x10000}}, @l2cap_conf_efs={0x6, 0x10, {0x7f, 0x2, 0x8, 0x0, 0x4, 0x100}}, @l2cap_conf_flushto={0x2, 0x2, 0x1}, @l2cap_conf_flushto={0x2, 0x2, 0x3}]}}, @l2cap_disconn_req={{0x6, 0x9, 0x4}, {0x97a2, 0xd35}}, @l2cap_conf_req={{0x4, 0x0, 0x18}, {0x5, 0x100, [@l2cap_conf_mtu={0x1, 0x2, 0x200}, @l2cap_conf_flushto={0x2, 0x2, 0x30}, @l2cap_conf_flushto={0x2, 0x2}, @l2cap_conf_ews={0x7, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x5}]}}, @l2cap_create_chan_rsp={{0xd, 0x3, 0x8}, {0x7ff, 0x0, 0x4, 0x91a}}, @l2cap_move_chan_req={{0xe, 0x1, 0x3}, {0x100, 0xd}}, @l2cap_conn_req={{0x2, 0x1, 0x4}, {0x5, 0x6}}]}}, 0x96)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x7, 0x0, 0x200d}}}, 0x7)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0x91}, @l2cap_cid_signaling={{0x8d}, [@l2cap_disconn_req={{0x6, 0x7f, 0x4}, {0xf653, 0x3}}, @l2cap_conn_rsp={{0x3, 0xd, 0x8}, {0x4, 0x6, 0x3f, 0x3}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x5, 0x2}, {0x3ff}}, @l2cap_conf_req={{0x4, 0x7, 0x30}, {0xff, 0x8, [@l2cap_conf_efs={0x6, 0x10, {0xc6, 0x3, 0x6, 0x3, 0x1, 0x10000}}, @l2cap_conf_efs={0x6, 0x10, {0x7f, 0x2, 0x8, 0x0, 0x4, 0x100}}, @l2cap_conf_flushto={0x2, 0x2, 0x1}, @l2cap_conf_flushto={0x2, 0x2, 0x3}]}}, @l2cap_disconn_req={{0x6, 0x9, 0x4}, {0x97a2, 0xd35}}, @l2cap_conf_req={{0x4, 0x0, 0x18}, {0x5, 0x100, [@l2cap_conf_mtu={0x1, 0x2, 0x200}, @l2cap_conf_flushto={0x2, 0x2, 0x30}, @l2cap_conf_flushto={0x2, 0x2}, @l2cap_conf_ews={0x7, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x5}]}}, @l2cap_create_chan_rsp={{0xd, 0x3, 0x8}, {0x7ff, 0x0, 0x4, 0x91a}}, @l2cap_move_chan_req={{0xe, 0x1, 0x3}, {0x100, 0xd}}, @l2cap_conn_req={{0x2, 0x1, 0x4}, {0x5, 0x6}}]}}, 0x96) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x7, 0x0, 0x200d}}}, 0x7) (async)

13:51:58 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000300bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:58 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x3c0)

13:51:58 executing program 3:
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0x91}, @l2cap_cid_signaling={{0x8d}, [@l2cap_disconn_req={{0x6, 0x7f, 0x4}, {0xf653, 0x3}}, @l2cap_conn_rsp={{0x3, 0xd, 0x8}, {0x4, 0x6, 0x3f, 0x3}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x5, 0x2}, {0x3ff}}, @l2cap_conf_req={{0x4, 0x7, 0x30}, {0xff, 0x8, [@l2cap_conf_efs={0x6, 0x10, {0xc6, 0x3, 0x6, 0x3, 0x1, 0x10000}}, @l2cap_conf_efs={0x6, 0x10, {0x7f, 0x2, 0x8, 0x0, 0x4, 0x100}}, @l2cap_conf_flushto={0x2, 0x2, 0x1}, @l2cap_conf_flushto={0x2, 0x2, 0x3}]}}, @l2cap_disconn_req={{0x6, 0x9, 0x4}, {0x97a2, 0xd35}}, @l2cap_conf_req={{0x4, 0x0, 0x18}, {0x5, 0x100, [@l2cap_conf_mtu={0x1, 0x2, 0x200}, @l2cap_conf_flushto={0x2, 0x2, 0x30}, @l2cap_conf_flushto={0x2, 0x2}, @l2cap_conf_ews={0x7, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x5}]}}, @l2cap_create_chan_rsp={{0xd, 0x3, 0x8}, {0x7ff, 0x0, 0x4, 0x91a}}, @l2cap_move_chan_req={{0xe, 0x1, 0x3}, {0x100, 0xd}}, @l2cap_conn_req={{0x2, 0x1, 0x4}, {0x5, 0x6}}]}}, 0x96) (async, rerun: 64)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x7, 0x0, 0x200d}}}, 0x7) (rerun: 64)

13:51:58 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)

[ 2350.102226][T17952] Bluetooth: Unexpected continuation frame (len 16)
[ 2350.110127][T17952] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci8/hci8:200'
[ 2350.120570][T17952] CPU: 1 PID: 17952 Comm: kworker/u5:1 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2350.130913][T17952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2350.141030][T17952] Workqueue: hci8 hci_rx_work
[ 2350.145840][T17952] Call Trace:
[ 2350.149126][T17952]  <TASK>
[ 2350.152071][T17952]  dump_stack_lvl+0xcd/0x134
[ 2350.156698][T17952]  sysfs_warn_dup.cold+0x1c/0x29
[ 2350.161678][T17952]  sysfs_create_dir_ns+0x233/0x290
[ 2350.166806][T17952]  ? sysfs_create_mount_point+0xb0/0xb0
[ 2350.172455][T17952]  ? rwlock_bug.part.0+0x90/0x90
[ 2350.177417][T17952]  ? do_raw_spin_unlock+0x171/0x230
[ 2350.182663][T17952]  kobject_add_internal+0x2c9/0x8f0
[ 2350.187999][T17952]  ? kasan_quarantine_put+0x81/0x210
[ 2350.193338][T17952]  kobject_add+0x150/0x1c0
[ 2350.197772][T17952]  ? kset_create_and_add+0x1a0/0x1a0
[ 2350.203091][T17952]  ? kfree_const+0x51/0x60
[ 2350.207577][T17952]  ? kfree+0xe2/0x580
[ 2350.211576][T17952]  ? rcu_read_lock_sched_held+0x3a/0x70
[ 2350.217150][T17952]  device_add+0x368/0x1e90
[ 2350.221664][T17952]  ? dev_set_name+0xbb/0xf0
[ 2350.226188][T17952]  ? device_initialize+0x540/0x540
[ 2350.231315][T17952]  ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0
[ 2350.237588][T17952]  ? hci_le_cis_estabilished_evt+0x1ee/0xae0
[ 2350.243644][T17952]  ? lock_downgrade+0x6e0/0x6e0
[ 2350.248508][T17952]  ? hci_event_packet+0x425/0xfd0
[ 2350.253558][T17952]  hci_conn_add_sysfs+0x9b/0x1b0
[ 2350.258564][T17952]  hci_le_cis_estabilished_evt+0x57c/0xae0
[ 2350.264396][T17952]  ? hci_cc_le_set_random_addr+0x290/0x290
[ 2350.270315][T17952]  ? wait_for_completion_io_timeout+0x20/0x20
[ 2350.276508][T17952]  hci_le_meta_evt+0x2b8/0x510
[ 2350.281312][T17952]  ? hci_cc_le_set_random_addr+0x290/0x290
[ 2350.287151][T17952]  hci_event_packet+0x63d/0xfd0
[ 2350.292149][T17952]  ? hci_conn_drop+0x2f0/0x2f0
[ 2350.296977][T17952]  ? hci_cs_create_conn+0x3a0/0x3a0
[ 2350.302307][T17952]  ? kcov_remote_start+0x156/0x7a0
[ 2350.307484][T17952]  hci_rx_work+0xae7/0x1230
[ 2350.312034][T17952]  process_one_work+0x991/0x1610
[ 2350.317035][T17952]  ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 2350.322443][T17952]  ? rwlock_bug.part.0+0x90/0x90
[ 2350.327575][T17952]  ? _raw_spin_lock_irq+0x41/0x50
[ 2350.332768][T17952]  worker_thread+0x665/0x1080
[ 2350.337508][T17952]  ? __kthread_parkme+0x15f/0x220
[ 2350.342568][T17952]  ? process_one_work+0x1610/0x1610
[ 2350.347900][T17952]  kthread+0x2e4/0x3a0
13:51:58 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000500bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2350.352351][T17952]  ? kthread_complete_and_exit+0x40/0x40
[ 2350.358278][T17952]  ret_from_fork+0x1f/0x30
[ 2350.362830][T17952]  </TASK>
[ 2350.367572][T17952] kobject_add_internal failed for hci8:200 with -EEXIST, don't try to register things with the same name in the same directory.
[ 2350.381285][T17952] Bluetooth: hci8: failed to register connection device
13:51:58 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x6, 0xa}, {0x3, 0x4, 0x0, 0x0, 0x4}}}}, 0x17) (async)
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="02c8e01e001a000500170516008000f8ff010009000600ed0e01000300040008000200", @ANYRESOCT=0x0, @ANYRESHEX, @ANYBLOB="fb82f04e81c97e6149024599d1abf34e4db4ea403379907ec21bd907210c40cee58f75e1c8883f0c97abf17de88091a997963ddb7742b8670f0a0fd44ec2888cfe2805403fde1c392d74d04469acd7663718453dd5dcf5", @ANYRES8, @ANYRESHEX], 0x23) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2) (async)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c810f5bb70ecdaa154f80fe45100f9dbaeedc3abc8201f2e3245a9d719a4f99710000c0001010305be30cb404caf2ce818b00800050000020383fc6dc73523cdff9b6bbe3b362b001209"], 0x15)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x1d}, @hci_evt_le_cis_established={{}, {0x0, 0xc8, "5cd56e", "c13aa4", "2dacc3", "0aa0bd", 0x3, 0x6, 0x0, 0xff, 0x9, 0x40, 0x0, 0x400, 0x401, 0x7}}}}, 0x20)

13:51:58 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

13:51:58 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x3d8)

13:51:58 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x1}, "ee"}, 0x5)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x98}, "f53e59147402ed28751349f21ee2d04569df49ed9a4d02891ed10ae9baf6679acd4e0b4f0f15d289a652c2d2248466bbb10f8374d498aeb6bfd29a961984a93ef986d1c96774c3e0adaa908b4230a42e68944ee356626fd7d08937f3d3fd21345c8a1b6ec00fa84fc7fb5a475ae2b9342e4c12bfe5cac10fcbdf4ab35064526a1300f22290d1fd8894112c1df79d5a9a06003c1cd0248fa2"}, 0x9c)

13:51:58 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0x0, 0x1000}, "c24c3c02a893a76985280b076e1fb6f487cc00838162ad97d672694d5de564ecdc9a78d08bb2f95495a6254639d4bd5e8d560da7d7a90afa449e3e2a728f88ccce8e2328db6a492e01369f9998c3e1a674f7d251ccde8ad578929ddf4faf1620cd0bac2d93d91fdda262386f2beca09a8119979fc94d0b47954f331c22828f3115d0c1c7cf0a79639fe2954ada06e1d6b0a395e27a7931df6300de57824e1b4629dc9fd8a8e1c3e565d987df28321a6c1c4c16da8879a98928c629d956f8cb6ec025c5c6876fc55ff8c8ee1f3de9d0a10c23b421a228e70715a0a531d60acdda784ba1fd954c37bda65e41e99b25ea69ec674cfca190d86a79ddef6ea5e05d87ef8f85a73de8057132e087018cd66d96c1ab7c3d910da8aabd59421ca49f9b9f974b9c4a1ccae2e369901238c3968c4ae0ec56838b6266bb8b69e4c420317507485feba2e9d8e9eb12009c484628d5dd8795b21db5a4f176abf80ccd4c883c05e43f8a2e19faeaf735f718e3b736b38109f58f5de0f6948a4e059f9eb45462d0b250e540a28324ed9b8aef2825c021e31c56faea2d0c000bb8d56a7fd9f1c8c5218c733c7b190c4fa11d48517801630b103f8db4b1476e7c49506fe5f5357cea07b4180154d11fba86dd369c894a3f00b73b3e642c9a0d5a0318baf7b7f5b6f927144dca14d34a9d74c992def4a71613e8c070c43550850dfd2ff69b6e785c398b526cf28d5decd7800737ce378eacd3f6f8c636915a8cbeb08a06650a1639ddf6abe3e7cc262e70ba236797aca06e3376394e231208c4119534d08012bf3856b3eb239aefae6ca324a8e08894702e50eaea75c949a5927e6884975b374c69972ac4975bb15c0e769eb6ff7aec027dc4d2e4c20b91c792c06a9e4475c91c23901b82c61b0fda4a2931744cd97271b2ef27c0f7bdeaac7d688bdab461b8ad8cef723f7ed554773b0242576e0342ba973cbdf3dd401a05ee84e23ffd98008e213016bc6c208ed12511de81bf9ad196cffe049f53e14f6018b50abaf9591f197b55d179020d6fa5fdad3d996294fd99cc679dbdf7c84446b3ad9d5221142c0fed40f0889819a5f836eae7840f1fce89e57885a22df56b37e7149ea9e18ec703fc6cf8bcbf4ea657b984869ea9444fdab74601abcd860fb32d44115f553ea1797be67e1736e46f4ac66b6fd71d6ba6fd2925bdffe7c42ac818e68114178568f1f81edf6f91b2b14f17c45fef852432a4e22b43a60228685906cbd0e0d3a31a88a2150f6e2fdfd574aafb517cd6080b5566047c7206527d7695d69315396c0ae879fa4e1262e195d39790692823fb8a8d8b1385245d337945ede6fa4e24bb8c7fbf7c7b4722f73b05fd237cfa22b5ceb4102b26a61a4c17225b74167e1f73ee3366824feadff664734eb33ff9e31f1941fd98abcb632f1a70b0b682a8183b85c65eedf311f972e1509654cbe6a39a158f1afe7f7d3c4a6014757f3b566a05544b74ec2d9ea481c68af16ef2d4466ad80604b4a73720ebe9b4b2bd9d4095613906d3df5b4e76e2595951a10da33e49e5b88d64a7efdb6c35f557c39b66738ce30236b4772af1752217a099edb8e34f1415c5ef17a6a6230d3d0dc74e6555903a6b82d9d7268dce4f97cac1ef38777f4488bb184e5d9141e79a85403021fde9c744ac19efa00cf600ea19b97f739dcddd383863e5c3dcab862751ff1401845a48f424b6d81d7f0e9087bc8b9df9c811bd094391613e53b3bfcdc667c2c070ecd1f1442cadecc12a26624c8de8625792e5a1228e4247a7caa2e2dcda8ef45b9bcca6316fd729a0b8a65572f20df1ab5bf61d021be0d1511478d0d57893c97ea32837c031bbec9eca1b86255301faf13b9b2349788c817ff3e2df3ffc28eb2e6684545bd52eaa449091e661f057ffd493fa056d719c5217ba290d07eff32fb76a58d3f97dec400880646bdf3f48aa854115c97bbc56a4205cac0a2c3e42ce46aa531181beabd6f54c7bc7c29365f8a9a46af2b28385a5ac9d827cdbdb21457619f9bf6e3a308542018cae05f5184e8ca3e7f0696918d76537be19d09ace97f906bfd55618d377768dfa9decb1ef9a25b6fe2b1f675cda46e86797538d6b709de299601f5300901d282869c917e399c97c4138f5c19eb33e3ea0bc39dfa221cf617a5e9b71a1a4283d9d3a724602b1efe52858b9b694345d1afe943c6d4132ac37dbb59a7e6302c88c1975f45173b67e4d583962e6d7d539b6ec77fa3cd2216de06f02a598636b77e36630937ef50b0a47a881ec06a192d95e00429de3986f3b5a5959f2608296c4f90bbf61d2d697c9cdfa73d278fb288a6995d9ea1b96b2afd98c89b5a95afb26e7e69e781e1389391eb157c628f5ccc2de002e8560d4fa59e2aa3ed20dd2fb8806f6d41ee97e5f8e5cd1862316290bf177f6e472a05c8bda70a61da5e1940a4c874e5fb2be53b1e60d1b84c46dbe799b84cb08643a16442a60228004f78eeaa9957f325842c5e3f0e16b55786db192d205c3aeaaf939e08390c1ed52e561aaa93f29b975b85240efac9ab3c181357d50ae65ef3a8747870b38d94d0f92d41442eda1bb1fd967094469411e47fbbdb6b6875adfdcb612e4a24f3e9c650fd398ff60183804e29f2ab353819290e7df0b361ac5430a217250a6d7edd9f1c330414a80b47335abd544cb31785c75d331d3ab3dc9e037f49c543bf104baa58d659af2a6efba2dec1588ee4afdd602412bdaee09c6269aa10a41f0bd720c2df4d2395c54c5621edc5fa98e54e817af6f60e9b6b113fec3121836cae730ca030f56328c55e2d623ba4be1ccef3922dafc86b466f8927a9df58c995c3a1f9d426f44b4c6174b8e9cc933c0e89552d4048a9c3b872c125a0d7a873cfde9a0da90a9f3f3935eb3c8a3c248c5846a812a576abcc7e16859f95444504b47ae82f1cb94f9ab0b4b4b51a029226c3d0a63f9b56b6c1afcaa85f5488b4a04ecdec96071488cdbdfdef123f7c050db60e487345e03c312d79f1c5217a7046e8c2eb11d04328c0848d35438890dd36235cf30a79085f78d5c4915f0e076dd817ba6e712dbd8d5fa60c4b2bd32abaa1aa1932b67a17c639e50df1eeaf6000d83685e4ca26e65ada3bd553959a48fad1589983e5f13ce86ac985d966246b74b9a04e7addb78320525e2c17175d19aa9e103c45a0243ff37e19c222fcdf1ba6dfabb5879efcb35f7ac9c4d970a99b07ec6b80d91e5c5373b0792c745d0ee70c48ca393d324e2d68525417e0031438bd91698ce6fc4f0bab5e46a89422669004d22362b88270bec75084f30c70bb8a7f536596333465f8a0e952fd753af8cb76d4dcc608a68f0435615af7bdcde370e6f3be5583342ce22da5ee0a28c9c1d30a1d36c21d1da19c0ad6d520059920b6ae8f41b27e2739f39b0ddb6aec38fbfd094de9a0f1c3f3a64993a7bfe0534ca478022ebbdc42e0e988f8c82baa48e74448f4d69e0309077741562fe691822cd952ac1d6eaf0dd8a4e70e3bd8398447b17e054ed77712f224310d12d4cd0cb0d1bfb17cb7c4422aeaa06b062aca2a9696deee4d3087f0090a9992a878cdc5cb906425b45b82e7b31f60fe5b5627331aca3f16f832b1abfd99871985b572964ac4e1952e18baa839342bf3bd6557dc4435cc1a4fdc99973d446ec423a4d6066e0b5e11a12704d632391a1db01e1aa650045415170780076b5a43fd5ac7b66ef79bf7856e21f358ff28d7fde42c2d5e958bf4a6c248632c4ecc1166ebd946b305f65f6253eee4c2944d5878fd6abfaaed65bb630a39d18ad0898e5bb28010064b8e23dd2e9fe08d1aba67e95e400f34dbf144c6d00b51d36779a736e6b74de9c4ec520f031f1148e943a86ec021abb30cad104b7ef8707f40f1756b9b712bb21514e7a16231e1f01b51ad16c1b423cb042eb9c77bdb28e1ffb84a466751469d45414879078fe6f207cf347e90aa576d35cc789aab9925b9de1df99cd3aefbc18c159b97a07c28a2d8d60450af5f1ba6f1bf8e91e3a8e6623b59967a2fd48ca4e5eed3dc56858cbdd730b2889646a1b51204eaf9d738b5f18981a3e3d2899ec44157f0bf95e025dc6aef1abd19cf24b54603d4c1be9b644176577b2c05c42f3197532d5e23a944b227ea1a680f7ffbad530ad882d50c6155816baded6bf9eb6b255cb921093d6e47838172d14937bb18d1c262f0a337466f81502bc2e10c1de2a5c2e4f32c534f8ec5951f95410f810fccdef988c1103cb2e4e41a8d8ed5cacc69ab2c620ded1fba72ec0f40d687ba17bf2e62d1525405e59654e554c6a207706f8c20e883482e19db88a1027201aa2de19e361f171a88fe7959256465222c8436987885f94aa6fe5ec52c35750d334382fa1ada6f278f2ad719d327356c5bdc88a160fb59a7eb114cdbb4ac94e9ff134bb4dd211cee8585c860c36af1540c6d45762aaf555a207910fa800f4a09bca98e807ee8f2479c2375f1f890629c657f8a37a902da7943ad85925b38816da06377537d6d3abd4081f696be3e1ce58659b8a12c79a9d9d2938eab795e0b76a03b7f8971d0389944c991c77ecda8ff96b2b4c947c112a6803588594e0fef1e6aa37e9a69a74b8f7f8e4ad6fc0b6e87c287062c315d67a5e2d1004d5d17f84e70a832151e269bef77f033f137b1c0f68df5a5d30b917132e1209ffe4e4394d5d6e361b442f0e3d52b858382cf87c9cffb7f1a439d393e3863723211c7f58600e5293156e3e78e79c9f7ffd430b7b690cf58687aab8d0c4117aa8c743094db59376ffb3278dcc67299eac997222c0ddb874454943de4b103e08d54fcdf640558c13239ce10c6487b040e970a9753be45db38bf1a182f652aea74f98a4297ff7e43572f08c98cbbc0db7ef71c1c7b0d0e1286524b3fd3f2b77b17b2b92f4474be9a986e93aaf3a26fdb6c25328f5be79a3ae183703907c06e65bfa8bc74989ccdb4ecb6999b066c86e7f68d037553d40e4ff2069bf88d509041a768553f0b8b6a251591deaf1669d90b643cbe2ac901d3a9a604eb4617640a26fb81a6d270f98c0f5fb808d3bec8b7a26280cbc13f4fb2b88ca656b77f543353e12aa31800974adfb84e13cc5e596afb48665caf46cb40dd4ed45db8e1d4ae343cd3ff15074f60b88e86cb4bfdd11236adff61c8f746e2c9a6ec2c1afc24f49c65637a99a43da80978d28ab344ff39f259d68a51449621ecf7dab2441a10ef6962c3b3400c50e1895e32d9e48746e445b19edca178044b5acc0890041324a6d2284abbc8a1550c215e4b2f7c4cb2784d3378861410a8812be01e8932f05dc2d8ec66a531d9559443b96202693b4f5c81eba1a15cd734f23d3f145f9c757fa0246d98e84c06c17471b75573f9234aa112384e26935be101c3edc6ce4848e04c6c8a1fa60c363fa20f292f76cb7ea0b8d3c8b300748b70803eb4290fd9e65548ed2acbcecba04dba662727000df30ed3c19ec816be768869d1d5d48f6134043c3c0b95c36497854be91f63e28454d14c9e683e0bb0e5fdcd566e51826ccd30c232c6ac4db56dcd1dd63b6b3f1d0ed1407a2fe832f25364291723bc6fc3e18d62bc247b9e7fe7457b5b1e4ebe99c293eae76937047af6ad2039e1c8de66f0d85e8ed235cf718cd14bbb45fe817cca95be81abbf7ce7c68cdc4075f279042d40a305a23057ea297969c355ae3f5f8b7b61c16ff6fdf8f01f30dcf2c37a21ce5639c17b75e4494c5578596c37eddc48465b1f2b89a5535914d40ad4028557fbeac5b8d4e16d6b080a8b9a227161c1faa8bbb881cc9f0"}, 0x1004)
syz_emit_vhci(&(0x7f0000001080)=@HCI_EVENT_PKT={0x4, @hci_ev_logical_link_complete={{0x45, 0x5}, {0x23, 0xc8, 0xc9, 0x50}}}, 0x8)

[ 2350.514978][T17952] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci8/hci8:200'
[ 2350.524940][T17952] CPU: 1 PID: 17952 Comm: kworker/u5:1 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2350.535307][T17952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2350.545399][T17952] Workqueue: hci8 hci_rx_work
[ 2350.550132][T17952] Call Trace:
[ 2350.553448][T17952]  <TASK>
[ 2350.556415][T17952]  dump_stack_lvl+0xcd/0x134
13:51:58 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x1}, "ee"}, 0x5)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x98}, "f53e59147402ed28751349f21ee2d04569df49ed9a4d02891ed10ae9baf6679acd4e0b4f0f15d289a652c2d2248466bbb10f8374d498aeb6bfd29a961984a93ef986d1c96774c3e0adaa908b4230a42e68944ee356626fd7d08937f3d3fd21345c8a1b6ec00fa84fc7fb5a475ae2b9342e4c12bfe5cac10fcbdf4ab35064526a1300f22290d1fd8894112c1df79d5a9a06003c1cd0248fa2"}, 0x9c)

13:51:58 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000600bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2350.561160][T17952]  sysfs_warn_dup.cold+0x1c/0x29
[ 2350.566164][T17952]  sysfs_create_dir_ns+0x233/0x290
[ 2350.571590][T17952]  ? sysfs_create_mount_point+0xb0/0xb0
[ 2350.577204][T17952]  ? rwlock_bug.part.0+0x90/0x90
[ 2350.582348][T17952]  ? do_raw_spin_unlock+0x171/0x230
[ 2350.587601][T17952]  kobject_add_internal+0x2c9/0x8f0
[ 2350.592879][T17952]  kobject_add+0x150/0x1c0
[ 2350.597326][T17952]  ? kset_create_and_add+0x1a0/0x1a0
[ 2350.602637][T17952]  ? lockdep_init_map_type+0x21a/0x7f0
[ 2350.608254][T17952]  ? __raw_spin_lock_init+0x36/0x110
[ 2350.613678][T17952]  device_add+0x368/0x1e90
[ 2350.618209][T17952]  ? dev_set_name+0xbb/0xf0
[ 2350.622820][T17952]  ? device_initialize+0x540/0x540
[ 2350.627947][T17952]  ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0
[ 2350.634208][T17952]  ? hci_le_cis_estabilished_evt+0x1ee/0xae0
[ 2350.640300][T17952]  ? lock_downgrade+0x6e0/0x6e0
[ 2350.645166][T17952]  ? hci_event_packet+0x425/0xfd0
[ 2350.650222][T17952]  hci_conn_add_sysfs+0x9b/0x1b0
[ 2350.655177][T17952]  hci_le_cis_estabilished_evt+0x57c/0xae0
[ 2350.661007][T17952]  ? hci_cc_le_set_random_addr+0x290/0x290
[ 2350.666833][T17952]  ? wait_for_completion_io_timeout+0x20/0x20
[ 2350.672936][T17952]  hci_le_meta_evt+0x2b8/0x510
[ 2350.677719][T17952]  ? hci_cc_le_set_random_addr+0x290/0x290
[ 2350.683560][T17952]  hci_event_packet+0x63d/0xfd0
[ 2350.688447][T17952]  ? hci_conn_drop+0x2f0/0x2f0
[ 2350.693243][T17952]  ? hci_cs_create_conn+0x3a0/0x3a0
[ 2350.698457][T17952]  ? kcov_remote_start+0x156/0x7a0
[ 2350.703610][T17952]  hci_rx_work+0xae7/0x1230
[ 2350.708220][T17952]  process_one_work+0x991/0x1610
[ 2350.713212][T17952]  ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 2350.718642][T17952]  ? rwlock_bug.part.0+0x90/0x90
[ 2350.723596][T17952]  ? _raw_spin_lock_irq+0x41/0x50
[ 2350.728717][T17952]  worker_thread+0x665/0x1080
[ 2350.733537][T17952]  ? __kthread_parkme+0x15f/0x220
[ 2350.738606][T17952]  ? process_one_work+0x1610/0x1610
[ 2350.743866][T17952]  kthread+0x2e4/0x3a0
[ 2350.747972][T17952]  ? kthread_complete_and_exit+0x40/0x40
[ 2350.753661][T17952]  ret_from_fork+0x1f/0x30
[ 2350.758134][T17952]  </TASK>
13:51:59 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x6, 0xa}, {0x3, 0x4, 0x0, 0x0, 0x4}}}}, 0x17) (async)
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="02c8e01e001a000500170516008000f8ff010009000600ed0e01000300040008000200", @ANYRESOCT=0x0, @ANYRESHEX, @ANYBLOB="fb82f04e81c97e6149024599d1abf34e4db4ea403379907ec21bd907210c40cee58f75e1c8883f0c97abf17de88091a997963ddb7742b8670f0a0fd44ec2888cfe2805403fde1c392d74d04469acd7663718453dd5dcf5", @ANYRES8, @ANYRESHEX], 0x23)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2) (async)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c810f5bb70ecdaa154f80fe45100f9dbaeedc3abc8201f2e3245a9d719a4f99710000c0001010305be30cb404caf2ce818b00800050000020383fc6dc73523cdff9b6bbe3b362b001209"], 0x15) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x1d}, @hci_evt_le_cis_established={{}, {0x0, 0xc8, "5cd56e", "c13aa4", "2dacc3", "0aa0bd", 0x3, 0x6, 0x0, 0xff, 0x9, 0x40, 0x0, 0x400, 0x401, 0x7}}}}, 0x20)

13:51:59 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x3f0)

[ 2350.765786][T17952] kobject_add_internal failed for hci8:200 with -EEXIST, don't try to register things with the same name in the same directory.
[ 2350.786443][T17952] Bluetooth: hci8: failed to register connection device
13:51:59 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0x0, 0x1000}, "c24c3c02a893a76985280b076e1fb6f487cc00838162ad97d672694d5de564ecdc9a78d08bb2f95495a6254639d4bd5e8d560da7d7a90afa449e3e2a728f88ccce8e2328db6a492e01369f9998c3e1a674f7d251ccde8ad578929ddf4faf1620cd0bac2d93d91fdda262386f2beca09a8119979fc94d0b47954f331c22828f3115d0c1c7cf0a79639fe2954ada06e1d6b0a395e27a7931df6300de57824e1b4629dc9fd8a8e1c3e565d987df28321a6c1c4c16da8879a98928c629d956f8cb6ec025c5c6876fc55ff8c8ee1f3de9d0a10c23b421a228e70715a0a531d60acdda784ba1fd954c37bda65e41e99b25ea69ec674cfca190d86a79ddef6ea5e05d87ef8f85a73de8057132e087018cd66d96c1ab7c3d910da8aabd59421ca49f9b9f974b9c4a1ccae2e369901238c3968c4ae0ec56838b6266bb8b69e4c420317507485feba2e9d8e9eb12009c484628d5dd8795b21db5a4f176abf80ccd4c883c05e43f8a2e19faeaf735f718e3b736b38109f58f5de0f6948a4e059f9eb45462d0b250e540a28324ed9b8aef2825c021e31c56faea2d0c000bb8d56a7fd9f1c8c5218c733c7b190c4fa11d48517801630b103f8db4b1476e7c49506fe5f5357cea07b4180154d11fba86dd369c894a3f00b73b3e642c9a0d5a0318baf7b7f5b6f927144dca14d34a9d74c992def4a71613e8c070c43550850dfd2ff69b6e785c398b526cf28d5decd7800737ce378eacd3f6f8c636915a8cbeb08a06650a1639ddf6abe3e7cc262e70ba236797aca06e3376394e231208c4119534d08012bf3856b3eb239aefae6ca324a8e08894702e50eaea75c949a5927e6884975b374c69972ac4975bb15c0e769eb6ff7aec027dc4d2e4c20b91c792c06a9e4475c91c23901b82c61b0fda4a2931744cd97271b2ef27c0f7bdeaac7d688bdab461b8ad8cef723f7ed554773b0242576e0342ba973cbdf3dd401a05ee84e23ffd98008e213016bc6c208ed12511de81bf9ad196cffe049f53e14f6018b50abaf9591f197b55d179020d6fa5fdad3d996294fd99cc679dbdf7c84446b3ad9d5221142c0fed40f0889819a5f836eae7840f1fce89e57885a22df56b37e7149ea9e18ec703fc6cf8bcbf4ea657b984869ea9444fdab74601abcd860fb32d44115f553ea1797be67e1736e46f4ac66b6fd71d6ba6fd2925bdffe7c42ac818e68114178568f1f81edf6f91b2b14f17c45fef852432a4e22b43a60228685906cbd0e0d3a31a88a2150f6e2fdfd574aafb517cd6080b5566047c7206527d7695d69315396c0ae879fa4e1262e195d39790692823fb8a8d8b1385245d337945ede6fa4e24bb8c7fbf7c7b4722f73b05fd237cfa22b5ceb4102b26a61a4c17225b74167e1f73ee3366824feadff664734eb33ff9e31f1941fd98abcb632f1a70b0b682a8183b85c65eedf311f972e1509654cbe6a39a158f1afe7f7d3c4a6014757f3b566a05544b74ec2d9ea481c68af16ef2d4466ad80604b4a73720ebe9b4b2bd9d4095613906d3df5b4e76e2595951a10da33e49e5b88d64a7efdb6c35f557c39b66738ce30236b4772af1752217a099edb8e34f1415c5ef17a6a6230d3d0dc74e6555903a6b82d9d7268dce4f97cac1ef38777f4488bb184e5d9141e79a85403021fde9c744ac19efa00cf600ea19b97f739dcddd383863e5c3dcab862751ff1401845a48f424b6d81d7f0e9087bc8b9df9c811bd094391613e53b3bfcdc667c2c070ecd1f1442cadecc12a26624c8de8625792e5a1228e4247a7caa2e2dcda8ef45b9bcca6316fd729a0b8a65572f20df1ab5bf61d021be0d1511478d0d57893c97ea32837c031bbec9eca1b86255301faf13b9b2349788c817ff3e2df3ffc28eb2e6684545bd52eaa449091e661f057ffd493fa056d719c5217ba290d07eff32fb76a58d3f97dec400880646bdf3f48aa854115c97bbc56a4205cac0a2c3e42ce46aa531181beabd6f54c7bc7c29365f8a9a46af2b28385a5ac9d827cdbdb21457619f9bf6e3a308542018cae05f5184e8ca3e7f0696918d76537be19d09ace97f906bfd55618d377768dfa9decb1ef9a25b6fe2b1f675cda46e86797538d6b709de299601f5300901d282869c917e399c97c4138f5c19eb33e3ea0bc39dfa221cf617a5e9b71a1a4283d9d3a724602b1efe52858b9b694345d1afe943c6d4132ac37dbb59a7e6302c88c1975f45173b67e4d583962e6d7d539b6ec77fa3cd2216de06f02a598636b77e36630937ef50b0a47a881ec06a192d95e00429de3986f3b5a5959f2608296c4f90bbf61d2d697c9cdfa73d278fb288a6995d9ea1b96b2afd98c89b5a95afb26e7e69e781e1389391eb157c628f5ccc2de002e8560d4fa59e2aa3ed20dd2fb8806f6d41ee97e5f8e5cd1862316290bf177f6e472a05c8bda70a61da5e1940a4c874e5fb2be53b1e60d1b84c46dbe799b84cb08643a16442a60228004f78eeaa9957f325842c5e3f0e16b55786db192d205c3aeaaf939e08390c1ed52e561aaa93f29b975b85240efac9ab3c181357d50ae65ef3a8747870b38d94d0f92d41442eda1bb1fd967094469411e47fbbdb6b6875adfdcb612e4a24f3e9c650fd398ff60183804e29f2ab353819290e7df0b361ac5430a217250a6d7edd9f1c330414a80b47335abd544cb31785c75d331d3ab3dc9e037f49c543bf104baa58d659af2a6efba2dec1588ee4afdd602412bdaee09c6269aa10a41f0bd720c2df4d2395c54c5621edc5fa98e54e817af6f60e9b6b113fec3121836cae730ca030f56328c55e2d623ba4be1ccef3922dafc86b466f8927a9df58c995c3a1f9d426f44b4c6174b8e9cc933c0e89552d4048a9c3b872c125a0d7a873cfde9a0da90a9f3f3935eb3c8a3c248c5846a812a576abcc7e16859f95444504b47ae82f1cb94f9ab0b4b4b51a029226c3d0a63f9b56b6c1afcaa85f5488b4a04ecdec96071488cdbdfdef123f7c050db60e487345e03c312d79f1c5217a7046e8c2eb11d04328c0848d35438890dd36235cf30a79085f78d5c4915f0e076dd817ba6e712dbd8d5fa60c4b2bd32abaa1aa1932b67a17c639e50df1eeaf6000d83685e4ca26e65ada3bd553959a48fad1589983e5f13ce86ac985d966246b74b9a04e7addb78320525e2c17175d19aa9e103c45a0243ff37e19c222fcdf1ba6dfabb5879efcb35f7ac9c4d970a99b07ec6b80d91e5c5373b0792c745d0ee70c48ca393d324e2d68525417e0031438bd91698ce6fc4f0bab5e46a89422669004d22362b88270bec75084f30c70bb8a7f536596333465f8a0e952fd753af8cb76d4dcc608a68f0435615af7bdcde370e6f3be5583342ce22da5ee0a28c9c1d30a1d36c21d1da19c0ad6d520059920b6ae8f41b27e2739f39b0ddb6aec38fbfd094de9a0f1c3f3a64993a7bfe0534ca478022ebbdc42e0e988f8c82baa48e74448f4d69e0309077741562fe691822cd952ac1d6eaf0dd8a4e70e3bd8398447b17e054ed77712f224310d12d4cd0cb0d1bfb17cb7c4422aeaa06b062aca2a9696deee4d3087f0090a9992a878cdc5cb906425b45b82e7b31f60fe5b5627331aca3f16f832b1abfd99871985b572964ac4e1952e18baa839342bf3bd6557dc4435cc1a4fdc99973d446ec423a4d6066e0b5e11a12704d632391a1db01e1aa650045415170780076b5a43fd5ac7b66ef79bf7856e21f358ff28d7fde42c2d5e958bf4a6c248632c4ecc1166ebd946b305f65f6253eee4c2944d5878fd6abfaaed65bb630a39d18ad0898e5bb28010064b8e23dd2e9fe08d1aba67e95e400f34dbf144c6d00b51d36779a736e6b74de9c4ec520f031f1148e943a86ec021abb30cad104b7ef8707f40f1756b9b712bb21514e7a16231e1f01b51ad16c1b423cb042eb9c77bdb28e1ffb84a466751469d45414879078fe6f207cf347e90aa576d35cc789aab9925b9de1df99cd3aefbc18c159b97a07c28a2d8d60450af5f1ba6f1bf8e91e3a8e6623b59967a2fd48ca4e5eed3dc56858cbdd730b2889646a1b51204eaf9d738b5f18981a3e3d2899ec44157f0bf95e025dc6aef1abd19cf24b54603d4c1be9b644176577b2c05c42f3197532d5e23a944b227ea1a680f7ffbad530ad882d50c6155816baded6bf9eb6b255cb921093d6e47838172d14937bb18d1c262f0a337466f81502bc2e10c1de2a5c2e4f32c534f8ec5951f95410f810fccdef988c1103cb2e4e41a8d8ed5cacc69ab2c620ded1fba72ec0f40d687ba17bf2e62d1525405e59654e554c6a207706f8c20e883482e19db88a1027201aa2de19e361f171a88fe7959256465222c8436987885f94aa6fe5ec52c35750d334382fa1ada6f278f2ad719d327356c5bdc88a160fb59a7eb114cdbb4ac94e9ff134bb4dd211cee8585c860c36af1540c6d45762aaf555a207910fa800f4a09bca98e807ee8f2479c2375f1f890629c657f8a37a902da7943ad85925b38816da06377537d6d3abd4081f696be3e1ce58659b8a12c79a9d9d2938eab795e0b76a03b7f8971d0389944c991c77ecda8ff96b2b4c947c112a6803588594e0fef1e6aa37e9a69a74b8f7f8e4ad6fc0b6e87c287062c315d67a5e2d1004d5d17f84e70a832151e269bef77f033f137b1c0f68df5a5d30b917132e1209ffe4e4394d5d6e361b442f0e3d52b858382cf87c9cffb7f1a439d393e3863723211c7f58600e5293156e3e78e79c9f7ffd430b7b690cf58687aab8d0c4117aa8c743094db59376ffb3278dcc67299eac997222c0ddb874454943de4b103e08d54fcdf640558c13239ce10c6487b040e970a9753be45db38bf1a182f652aea74f98a4297ff7e43572f08c98cbbc0db7ef71c1c7b0d0e1286524b3fd3f2b77b17b2b92f4474be9a986e93aaf3a26fdb6c25328f5be79a3ae183703907c06e65bfa8bc74989ccdb4ecb6999b066c86e7f68d037553d40e4ff2069bf88d509041a768553f0b8b6a251591deaf1669d90b643cbe2ac901d3a9a604eb4617640a26fb81a6d270f98c0f5fb808d3bec8b7a26280cbc13f4fb2b88ca656b77f543353e12aa31800974adfb84e13cc5e596afb48665caf46cb40dd4ed45db8e1d4ae343cd3ff15074f60b88e86cb4bfdd11236adff61c8f746e2c9a6ec2c1afc24f49c65637a99a43da80978d28ab344ff39f259d68a51449621ecf7dab2441a10ef6962c3b3400c50e1895e32d9e48746e445b19edca178044b5acc0890041324a6d2284abbc8a1550c215e4b2f7c4cb2784d3378861410a8812be01e8932f05dc2d8ec66a531d9559443b96202693b4f5c81eba1a15cd734f23d3f145f9c757fa0246d98e84c06c17471b75573f9234aa112384e26935be101c3edc6ce4848e04c6c8a1fa60c363fa20f292f76cb7ea0b8d3c8b300748b70803eb4290fd9e65548ed2acbcecba04dba662727000df30ed3c19ec816be768869d1d5d48f6134043c3c0b95c36497854be91f63e28454d14c9e683e0bb0e5fdcd566e51826ccd30c232c6ac4db56dcd1dd63b6b3f1d0ed1407a2fe832f25364291723bc6fc3e18d62bc247b9e7fe7457b5b1e4ebe99c293eae76937047af6ad2039e1c8de66f0d85e8ed235cf718cd14bbb45fe817cca95be81abbf7ce7c68cdc4075f279042d40a305a23057ea297969c355ae3f5f8b7b61c16ff6fdf8f01f30dcf2c37a21ce5639c17b75e4494c5578596c37eddc48465b1f2b89a5535914d40ad4028557fbeac5b8d4e16d6b080a8b9a227161c1faa8bbb881cc9f0"}, 0x1004) (async)
syz_emit_vhci(&(0x7f0000001080)=@HCI_EVENT_PKT={0x4, @hci_ev_logical_link_complete={{0x45, 0x5}, {0x23, 0xc8, 0xc9, 0x50}}}, 0x8)

13:51:59 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000700bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:59 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x1}, "ee"}, 0x5) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x98}, "f53e59147402ed28751349f21ee2d04569df49ed9a4d02891ed10ae9baf6679acd4e0b4f0f15d289a652c2d2248466bbb10f8374d498aeb6bfd29a961984a93ef986d1c96774c3e0adaa908b4230a42e68944ee356626fd7d08937f3d3fd21345c8a1b6ec00fa84fc7fb5a475ae2b9342e4c12bfe5cac10fcbdf4ab35064526a1300f22290d1fd8894112c1df79d5a9a06003c1cd0248fa2"}, 0x9c)

13:51:59 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x408)

13:51:59 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0x0, 0x1000}, "c24c3c02a893a76985280b076e1fb6f487cc00838162ad97d672694d5de564ecdc9a78d08bb2f95495a6254639d4bd5e8d560da7d7a90afa449e3e2a728f88ccce8e2328db6a492e01369f9998c3e1a674f7d251ccde8ad578929ddf4faf1620cd0bac2d93d91fdda262386f2beca09a8119979fc94d0b47954f331c22828f3115d0c1c7cf0a79639fe2954ada06e1d6b0a395e27a7931df6300de57824e1b4629dc9fd8a8e1c3e565d987df28321a6c1c4c16da8879a98928c629d956f8cb6ec025c5c6876fc55ff8c8ee1f3de9d0a10c23b421a228e70715a0a531d60acdda784ba1fd954c37bda65e41e99b25ea69ec674cfca190d86a79ddef6ea5e05d87ef8f85a73de8057132e087018cd66d96c1ab7c3d910da8aabd59421ca49f9b9f974b9c4a1ccae2e369901238c3968c4ae0ec56838b6266bb8b69e4c420317507485feba2e9d8e9eb12009c484628d5dd8795b21db5a4f176abf80ccd4c883c05e43f8a2e19faeaf735f718e3b736b38109f58f5de0f6948a4e059f9eb45462d0b250e540a28324ed9b8aef2825c021e31c56faea2d0c000bb8d56a7fd9f1c8c5218c733c7b190c4fa11d48517801630b103f8db4b1476e7c49506fe5f5357cea07b4180154d11fba86dd369c894a3f00b73b3e642c9a0d5a0318baf7b7f5b6f927144dca14d34a9d74c992def4a71613e8c070c43550850dfd2ff69b6e785c398b526cf28d5decd7800737ce378eacd3f6f8c636915a8cbeb08a06650a1639ddf6abe3e7cc262e70ba236797aca06e3376394e231208c4119534d08012bf3856b3eb239aefae6ca324a8e08894702e50eaea75c949a5927e6884975b374c69972ac4975bb15c0e769eb6ff7aec027dc4d2e4c20b91c792c06a9e4475c91c23901b82c61b0fda4a2931744cd97271b2ef27c0f7bdeaac7d688bdab461b8ad8cef723f7ed554773b0242576e0342ba973cbdf3dd401a05ee84e23ffd98008e213016bc6c208ed12511de81bf9ad196cffe049f53e14f6018b50abaf9591f197b55d179020d6fa5fdad3d996294fd99cc679dbdf7c84446b3ad9d5221142c0fed40f0889819a5f836eae7840f1fce89e57885a22df56b37e7149ea9e18ec703fc6cf8bcbf4ea657b984869ea9444fdab74601abcd860fb32d44115f553ea1797be67e1736e46f4ac66b6fd71d6ba6fd2925bdffe7c42ac818e68114178568f1f81edf6f91b2b14f17c45fef852432a4e22b43a60228685906cbd0e0d3a31a88a2150f6e2fdfd574aafb517cd6080b5566047c7206527d7695d69315396c0ae879fa4e1262e195d39790692823fb8a8d8b1385245d337945ede6fa4e24bb8c7fbf7c7b4722f73b05fd237cfa22b5ceb4102b26a61a4c17225b74167e1f73ee3366824feadff664734eb33ff9e31f1941fd98abcb632f1a70b0b682a8183b85c65eedf311f972e1509654cbe6a39a158f1afe7f7d3c4a6014757f3b566a05544b74ec2d9ea481c68af16ef2d4466ad80604b4a73720ebe9b4b2bd9d4095613906d3df5b4e76e2595951a10da33e49e5b88d64a7efdb6c35f557c39b66738ce30236b4772af1752217a099edb8e34f1415c5ef17a6a6230d3d0dc74e6555903a6b82d9d7268dce4f97cac1ef38777f4488bb184e5d9141e79a85403021fde9c744ac19efa00cf600ea19b97f739dcddd383863e5c3dcab862751ff1401845a48f424b6d81d7f0e9087bc8b9df9c811bd094391613e53b3bfcdc667c2c070ecd1f1442cadecc12a26624c8de8625792e5a1228e4247a7caa2e2dcda8ef45b9bcca6316fd729a0b8a65572f20df1ab5bf61d021be0d1511478d0d57893c97ea32837c031bbec9eca1b86255301faf13b9b2349788c817ff3e2df3ffc28eb2e6684545bd52eaa449091e661f057ffd493fa056d719c5217ba290d07eff32fb76a58d3f97dec400880646bdf3f48aa854115c97bbc56a4205cac0a2c3e42ce46aa531181beabd6f54c7bc7c29365f8a9a46af2b28385a5ac9d827cdbdb21457619f9bf6e3a308542018cae05f5184e8ca3e7f0696918d76537be19d09ace97f906bfd55618d377768dfa9decb1ef9a25b6fe2b1f675cda46e86797538d6b709de299601f5300901d282869c917e399c97c4138f5c19eb33e3ea0bc39dfa221cf617a5e9b71a1a4283d9d3a724602b1efe52858b9b694345d1afe943c6d4132ac37dbb59a7e6302c88c1975f45173b67e4d583962e6d7d539b6ec77fa3cd2216de06f02a598636b77e36630937ef50b0a47a881ec06a192d95e00429de3986f3b5a5959f2608296c4f90bbf61d2d697c9cdfa73d278fb288a6995d9ea1b96b2afd98c89b5a95afb26e7e69e781e1389391eb157c628f5ccc2de002e8560d4fa59e2aa3ed20dd2fb8806f6d41ee97e5f8e5cd1862316290bf177f6e472a05c8bda70a61da5e1940a4c874e5fb2be53b1e60d1b84c46dbe799b84cb08643a16442a60228004f78eeaa9957f325842c5e3f0e16b55786db192d205c3aeaaf939e08390c1ed52e561aaa93f29b975b85240efac9ab3c181357d50ae65ef3a8747870b38d94d0f92d41442eda1bb1fd967094469411e47fbbdb6b6875adfdcb612e4a24f3e9c650fd398ff60183804e29f2ab353819290e7df0b361ac5430a217250a6d7edd9f1c330414a80b47335abd544cb31785c75d331d3ab3dc9e037f49c543bf104baa58d659af2a6efba2dec1588ee4afdd602412bdaee09c6269aa10a41f0bd720c2df4d2395c54c5621edc5fa98e54e817af6f60e9b6b113fec3121836cae730ca030f56328c55e2d623ba4be1ccef3922dafc86b466f8927a9df58c995c3a1f9d426f44b4c6174b8e9cc933c0e89552d4048a9c3b872c125a0d7a873cfde9a0da90a9f3f3935eb3c8a3c248c5846a812a576abcc7e16859f95444504b47ae82f1cb94f9ab0b4b4b51a029226c3d0a63f9b56b6c1afcaa85f5488b4a04ecdec96071488cdbdfdef123f7c050db60e487345e03c312d79f1c5217a7046e8c2eb11d04328c0848d35438890dd36235cf30a79085f78d5c4915f0e076dd817ba6e712dbd8d5fa60c4b2bd32abaa1aa1932b67a17c639e50df1eeaf6000d83685e4ca26e65ada3bd553959a48fad1589983e5f13ce86ac985d966246b74b9a04e7addb78320525e2c17175d19aa9e103c45a0243ff37e19c222fcdf1ba6dfabb5879efcb35f7ac9c4d970a99b07ec6b80d91e5c5373b0792c745d0ee70c48ca393d324e2d68525417e0031438bd91698ce6fc4f0bab5e46a89422669004d22362b88270bec75084f30c70bb8a7f536596333465f8a0e952fd753af8cb76d4dcc608a68f0435615af7bdcde370e6f3be5583342ce22da5ee0a28c9c1d30a1d36c21d1da19c0ad6d520059920b6ae8f41b27e2739f39b0ddb6aec38fbfd094de9a0f1c3f3a64993a7bfe0534ca478022ebbdc42e0e988f8c82baa48e74448f4d69e0309077741562fe691822cd952ac1d6eaf0dd8a4e70e3bd8398447b17e054ed77712f224310d12d4cd0cb0d1bfb17cb7c4422aeaa06b062aca2a9696deee4d3087f0090a9992a878cdc5cb906425b45b82e7b31f60fe5b5627331aca3f16f832b1abfd99871985b572964ac4e1952e18baa839342bf3bd6557dc4435cc1a4fdc99973d446ec423a4d6066e0b5e11a12704d632391a1db01e1aa650045415170780076b5a43fd5ac7b66ef79bf7856e21f358ff28d7fde42c2d5e958bf4a6c248632c4ecc1166ebd946b305f65f6253eee4c2944d5878fd6abfaaed65bb630a39d18ad0898e5bb28010064b8e23dd2e9fe08d1aba67e95e400f34dbf144c6d00b51d36779a736e6b74de9c4ec520f031f1148e943a86ec021abb30cad104b7ef8707f40f1756b9b712bb21514e7a16231e1f01b51ad16c1b423cb042eb9c77bdb28e1ffb84a466751469d45414879078fe6f207cf347e90aa576d35cc789aab9925b9de1df99cd3aefbc18c159b97a07c28a2d8d60450af5f1ba6f1bf8e91e3a8e6623b59967a2fd48ca4e5eed3dc56858cbdd730b2889646a1b51204eaf9d738b5f18981a3e3d2899ec44157f0bf95e025dc6aef1abd19cf24b54603d4c1be9b644176577b2c05c42f3197532d5e23a944b227ea1a680f7ffbad530ad882d50c6155816baded6bf9eb6b255cb921093d6e47838172d14937bb18d1c262f0a337466f81502bc2e10c1de2a5c2e4f32c534f8ec5951f95410f810fccdef988c1103cb2e4e41a8d8ed5cacc69ab2c620ded1fba72ec0f40d687ba17bf2e62d1525405e59654e554c6a207706f8c20e883482e19db88a1027201aa2de19e361f171a88fe7959256465222c8436987885f94aa6fe5ec52c35750d334382fa1ada6f278f2ad719d327356c5bdc88a160fb59a7eb114cdbb4ac94e9ff134bb4dd211cee8585c860c36af1540c6d45762aaf555a207910fa800f4a09bca98e807ee8f2479c2375f1f890629c657f8a37a902da7943ad85925b38816da06377537d6d3abd4081f696be3e1ce58659b8a12c79a9d9d2938eab795e0b76a03b7f8971d0389944c991c77ecda8ff96b2b4c947c112a6803588594e0fef1e6aa37e9a69a74b8f7f8e4ad6fc0b6e87c287062c315d67a5e2d1004d5d17f84e70a832151e269bef77f033f137b1c0f68df5a5d30b917132e1209ffe4e4394d5d6e361b442f0e3d52b858382cf87c9cffb7f1a439d393e3863723211c7f58600e5293156e3e78e79c9f7ffd430b7b690cf58687aab8d0c4117aa8c743094db59376ffb3278dcc67299eac997222c0ddb874454943de4b103e08d54fcdf640558c13239ce10c6487b040e970a9753be45db38bf1a182f652aea74f98a4297ff7e43572f08c98cbbc0db7ef71c1c7b0d0e1286524b3fd3f2b77b17b2b92f4474be9a986e93aaf3a26fdb6c25328f5be79a3ae183703907c06e65bfa8bc74989ccdb4ecb6999b066c86e7f68d037553d40e4ff2069bf88d509041a768553f0b8b6a251591deaf1669d90b643cbe2ac901d3a9a604eb4617640a26fb81a6d270f98c0f5fb808d3bec8b7a26280cbc13f4fb2b88ca656b77f543353e12aa31800974adfb84e13cc5e596afb48665caf46cb40dd4ed45db8e1d4ae343cd3ff15074f60b88e86cb4bfdd11236adff61c8f746e2c9a6ec2c1afc24f49c65637a99a43da80978d28ab344ff39f259d68a51449621ecf7dab2441a10ef6962c3b3400c50e1895e32d9e48746e445b19edca178044b5acc0890041324a6d2284abbc8a1550c215e4b2f7c4cb2784d3378861410a8812be01e8932f05dc2d8ec66a531d9559443b96202693b4f5c81eba1a15cd734f23d3f145f9c757fa0246d98e84c06c17471b75573f9234aa112384e26935be101c3edc6ce4848e04c6c8a1fa60c363fa20f292f76cb7ea0b8d3c8b300748b70803eb4290fd9e65548ed2acbcecba04dba662727000df30ed3c19ec816be768869d1d5d48f6134043c3c0b95c36497854be91f63e28454d14c9e683e0bb0e5fdcd566e51826ccd30c232c6ac4db56dcd1dd63b6b3f1d0ed1407a2fe832f25364291723bc6fc3e18d62bc247b9e7fe7457b5b1e4ebe99c293eae76937047af6ad2039e1c8de66f0d85e8ed235cf718cd14bbb45fe817cca95be81abbf7ce7c68cdc4075f279042d40a305a23057ea297969c355ae3f5f8b7b61c16ff6fdf8f01f30dcf2c37a21ce5639c17b75e4494c5578596c37eddc48465b1f2b89a5535914d40ad4028557fbeac5b8d4e16d6b080a8b9a227161c1faa8bbb881cc9f0"}, 0x1004)
syz_emit_vhci(&(0x7f0000001080)=@HCI_EVENT_PKT={0x4, @hci_ev_logical_link_complete={{0x45, 0x5}, {0x23, 0xc8, 0xc9, 0x50}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0x0, 0x1000}, "c24c3c02a893a76985280b076e1fb6f487cc00838162ad97d672694d5de564ecdc9a78d08bb2f95495a6254639d4bd5e8d560da7d7a90afa449e3e2a728f88ccce8e2328db6a492e01369f9998c3e1a674f7d251ccde8ad578929ddf4faf1620cd0bac2d93d91fdda262386f2beca09a8119979fc94d0b47954f331c22828f3115d0c1c7cf0a79639fe2954ada06e1d6b0a395e27a7931df6300de57824e1b4629dc9fd8a8e1c3e565d987df28321a6c1c4c16da8879a98928c629d956f8cb6ec025c5c6876fc55ff8c8ee1f3de9d0a10c23b421a228e70715a0a531d60acdda784ba1fd954c37bda65e41e99b25ea69ec674cfca190d86a79ddef6ea5e05d87ef8f85a73de8057132e087018cd66d96c1ab7c3d910da8aabd59421ca49f9b9f974b9c4a1ccae2e369901238c3968c4ae0ec56838b6266bb8b69e4c420317507485feba2e9d8e9eb12009c484628d5dd8795b21db5a4f176abf80ccd4c883c05e43f8a2e19faeaf735f718e3b736b38109f58f5de0f6948a4e059f9eb45462d0b250e540a28324ed9b8aef2825c021e31c56faea2d0c000bb8d56a7fd9f1c8c5218c733c7b190c4fa11d48517801630b103f8db4b1476e7c49506fe5f5357cea07b4180154d11fba86dd369c894a3f00b73b3e642c9a0d5a0318baf7b7f5b6f927144dca14d34a9d74c992def4a71613e8c070c43550850dfd2ff69b6e785c398b526cf28d5decd7800737ce378eacd3f6f8c636915a8cbeb08a06650a1639ddf6abe3e7cc262e70ba236797aca06e3376394e231208c4119534d08012bf3856b3eb239aefae6ca324a8e08894702e50eaea75c949a5927e6884975b374c69972ac4975bb15c0e769eb6ff7aec027dc4d2e4c20b91c792c06a9e4475c91c23901b82c61b0fda4a2931744cd97271b2ef27c0f7bdeaac7d688bdab461b8ad8cef723f7ed554773b0242576e0342ba973cbdf3dd401a05ee84e23ffd98008e213016bc6c208ed12511de81bf9ad196cffe049f53e14f6018b50abaf9591f197b55d179020d6fa5fdad3d996294fd99cc679dbdf7c84446b3ad9d5221142c0fed40f0889819a5f836eae7840f1fce89e57885a22df56b37e7149ea9e18ec703fc6cf8bcbf4ea657b984869ea9444fdab74601abcd860fb32d44115f553ea1797be67e1736e46f4ac66b6fd71d6ba6fd2925bdffe7c42ac818e68114178568f1f81edf6f91b2b14f17c45fef852432a4e22b43a60228685906cbd0e0d3a31a88a2150f6e2fdfd574aafb517cd6080b5566047c7206527d7695d69315396c0ae879fa4e1262e195d39790692823fb8a8d8b1385245d337945ede6fa4e24bb8c7fbf7c7b4722f73b05fd237cfa22b5ceb4102b26a61a4c17225b74167e1f73ee3366824feadff664734eb33ff9e31f1941fd98abcb632f1a70b0b682a8183b85c65eedf311f972e1509654cbe6a39a158f1afe7f7d3c4a6014757f3b566a05544b74ec2d9ea481c68af16ef2d4466ad80604b4a73720ebe9b4b2bd9d4095613906d3df5b4e76e2595951a10da33e49e5b88d64a7efdb6c35f557c39b66738ce30236b4772af1752217a099edb8e34f1415c5ef17a6a6230d3d0dc74e6555903a6b82d9d7268dce4f97cac1ef38777f4488bb184e5d9141e79a85403021fde9c744ac19efa00cf600ea19b97f739dcddd383863e5c3dcab862751ff1401845a48f424b6d81d7f0e9087bc8b9df9c811bd094391613e53b3bfcdc667c2c070ecd1f1442cadecc12a26624c8de8625792e5a1228e4247a7caa2e2dcda8ef45b9bcca6316fd729a0b8a65572f20df1ab5bf61d021be0d1511478d0d57893c97ea32837c031bbec9eca1b86255301faf13b9b2349788c817ff3e2df3ffc28eb2e6684545bd52eaa449091e661f057ffd493fa056d719c5217ba290d07eff32fb76a58d3f97dec400880646bdf3f48aa854115c97bbc56a4205cac0a2c3e42ce46aa531181beabd6f54c7bc7c29365f8a9a46af2b28385a5ac9d827cdbdb21457619f9bf6e3a308542018cae05f5184e8ca3e7f0696918d76537be19d09ace97f906bfd55618d377768dfa9decb1ef9a25b6fe2b1f675cda46e86797538d6b709de299601f5300901d282869c917e399c97c4138f5c19eb33e3ea0bc39dfa221cf617a5e9b71a1a4283d9d3a724602b1efe52858b9b694345d1afe943c6d4132ac37dbb59a7e6302c88c1975f45173b67e4d583962e6d7d539b6ec77fa3cd2216de06f02a598636b77e36630937ef50b0a47a881ec06a192d95e00429de3986f3b5a5959f2608296c4f90bbf61d2d697c9cdfa73d278fb288a6995d9ea1b96b2afd98c89b5a95afb26e7e69e781e1389391eb157c628f5ccc2de002e8560d4fa59e2aa3ed20dd2fb8806f6d41ee97e5f8e5cd1862316290bf177f6e472a05c8bda70a61da5e1940a4c874e5fb2be53b1e60d1b84c46dbe799b84cb08643a16442a60228004f78eeaa9957f325842c5e3f0e16b55786db192d205c3aeaaf939e08390c1ed52e561aaa93f29b975b85240efac9ab3c181357d50ae65ef3a8747870b38d94d0f92d41442eda1bb1fd967094469411e47fbbdb6b6875adfdcb612e4a24f3e9c650fd398ff60183804e29f2ab353819290e7df0b361ac5430a217250a6d7edd9f1c330414a80b47335abd544cb31785c75d331d3ab3dc9e037f49c543bf104baa58d659af2a6efba2dec1588ee4afdd602412bdaee09c6269aa10a41f0bd720c2df4d2395c54c5621edc5fa98e54e817af6f60e9b6b113fec3121836cae730ca030f56328c55e2d623ba4be1ccef3922dafc86b466f8927a9df58c995c3a1f9d426f44b4c6174b8e9cc933c0e89552d4048a9c3b872c125a0d7a873cfde9a0da90a9f3f3935eb3c8a3c248c5846a812a576abcc7e16859f95444504b47ae82f1cb94f9ab0b4b4b51a029226c3d0a63f9b56b6c1afcaa85f5488b4a04ecdec96071488cdbdfdef123f7c050db60e487345e03c312d79f1c5217a7046e8c2eb11d04328c0848d35438890dd36235cf30a79085f78d5c4915f0e076dd817ba6e712dbd8d5fa60c4b2bd32abaa1aa1932b67a17c639e50df1eeaf6000d83685e4ca26e65ada3bd553959a48fad1589983e5f13ce86ac985d966246b74b9a04e7addb78320525e2c17175d19aa9e103c45a0243ff37e19c222fcdf1ba6dfabb5879efcb35f7ac9c4d970a99b07ec6b80d91e5c5373b0792c745d0ee70c48ca393d324e2d68525417e0031438bd91698ce6fc4f0bab5e46a89422669004d22362b88270bec75084f30c70bb8a7f536596333465f8a0e952fd753af8cb76d4dcc608a68f0435615af7bdcde370e6f3be5583342ce22da5ee0a28c9c1d30a1d36c21d1da19c0ad6d520059920b6ae8f41b27e2739f39b0ddb6aec38fbfd094de9a0f1c3f3a64993a7bfe0534ca478022ebbdc42e0e988f8c82baa48e74448f4d69e0309077741562fe691822cd952ac1d6eaf0dd8a4e70e3bd8398447b17e054ed77712f224310d12d4cd0cb0d1bfb17cb7c4422aeaa06b062aca2a9696deee4d3087f0090a9992a878cdc5cb906425b45b82e7b31f60fe5b5627331aca3f16f832b1abfd99871985b572964ac4e1952e18baa839342bf3bd6557dc4435cc1a4fdc99973d446ec423a4d6066e0b5e11a12704d632391a1db01e1aa650045415170780076b5a43fd5ac7b66ef79bf7856e21f358ff28d7fde42c2d5e958bf4a6c248632c4ecc1166ebd946b305f65f6253eee4c2944d5878fd6abfaaed65bb630a39d18ad0898e5bb28010064b8e23dd2e9fe08d1aba67e95e400f34dbf144c6d00b51d36779a736e6b74de9c4ec520f031f1148e943a86ec021abb30cad104b7ef8707f40f1756b9b712bb21514e7a16231e1f01b51ad16c1b423cb042eb9c77bdb28e1ffb84a466751469d45414879078fe6f207cf347e90aa576d35cc789aab9925b9de1df99cd3aefbc18c159b97a07c28a2d8d60450af5f1ba6f1bf8e91e3a8e6623b59967a2fd48ca4e5eed3dc56858cbdd730b2889646a1b51204eaf9d738b5f18981a3e3d2899ec44157f0bf95e025dc6aef1abd19cf24b54603d4c1be9b644176577b2c05c42f3197532d5e23a944b227ea1a680f7ffbad530ad882d50c6155816baded6bf9eb6b255cb921093d6e47838172d14937bb18d1c262f0a337466f81502bc2e10c1de2a5c2e4f32c534f8ec5951f95410f810fccdef988c1103cb2e4e41a8d8ed5cacc69ab2c620ded1fba72ec0f40d687ba17bf2e62d1525405e59654e554c6a207706f8c20e883482e19db88a1027201aa2de19e361f171a88fe7959256465222c8436987885f94aa6fe5ec52c35750d334382fa1ada6f278f2ad719d327356c5bdc88a160fb59a7eb114cdbb4ac94e9ff134bb4dd211cee8585c860c36af1540c6d45762aaf555a207910fa800f4a09bca98e807ee8f2479c2375f1f890629c657f8a37a902da7943ad85925b38816da06377537d6d3abd4081f696be3e1ce58659b8a12c79a9d9d2938eab795e0b76a03b7f8971d0389944c991c77ecda8ff96b2b4c947c112a6803588594e0fef1e6aa37e9a69a74b8f7f8e4ad6fc0b6e87c287062c315d67a5e2d1004d5d17f84e70a832151e269bef77f033f137b1c0f68df5a5d30b917132e1209ffe4e4394d5d6e361b442f0e3d52b858382cf87c9cffb7f1a439d393e3863723211c7f58600e5293156e3e78e79c9f7ffd430b7b690cf58687aab8d0c4117aa8c743094db59376ffb3278dcc67299eac997222c0ddb874454943de4b103e08d54fcdf640558c13239ce10c6487b040e970a9753be45db38bf1a182f652aea74f98a4297ff7e43572f08c98cbbc0db7ef71c1c7b0d0e1286524b3fd3f2b77b17b2b92f4474be9a986e93aaf3a26fdb6c25328f5be79a3ae183703907c06e65bfa8bc74989ccdb4ecb6999b066c86e7f68d037553d40e4ff2069bf88d509041a768553f0b8b6a251591deaf1669d90b643cbe2ac901d3a9a604eb4617640a26fb81a6d270f98c0f5fb808d3bec8b7a26280cbc13f4fb2b88ca656b77f543353e12aa31800974adfb84e13cc5e596afb48665caf46cb40dd4ed45db8e1d4ae343cd3ff15074f60b88e86cb4bfdd11236adff61c8f746e2c9a6ec2c1afc24f49c65637a99a43da80978d28ab344ff39f259d68a51449621ecf7dab2441a10ef6962c3b3400c50e1895e32d9e48746e445b19edca178044b5acc0890041324a6d2284abbc8a1550c215e4b2f7c4cb2784d3378861410a8812be01e8932f05dc2d8ec66a531d9559443b96202693b4f5c81eba1a15cd734f23d3f145f9c757fa0246d98e84c06c17471b75573f9234aa112384e26935be101c3edc6ce4848e04c6c8a1fa60c363fa20f292f76cb7ea0b8d3c8b300748b70803eb4290fd9e65548ed2acbcecba04dba662727000df30ed3c19ec816be768869d1d5d48f6134043c3c0b95c36497854be91f63e28454d14c9e683e0bb0e5fdcd566e51826ccd30c232c6ac4db56dcd1dd63b6b3f1d0ed1407a2fe832f25364291723bc6fc3e18d62bc247b9e7fe7457b5b1e4ebe99c293eae76937047af6ad2039e1c8de66f0d85e8ed235cf718cd14bbb45fe817cca95be81abbf7ce7c68cdc4075f279042d40a305a23057ea297969c355ae3f5f8b7b61c16ff6fdf8f01f30dcf2c37a21ce5639c17b75e4494c5578596c37eddc48465b1f2b89a5535914d40ad4028557fbeac5b8d4e16d6b080a8b9a227161c1faa8bbb881cc9f0"}, 0x1004) (async)
syz_emit_vhci(&(0x7f0000001080)=@HCI_EVENT_PKT={0x4, @hci_ev_logical_link_complete={{0x45, 0x5}, {0x23, 0xc8, 0xc9, 0x50}}}, 0x8) (async)

13:51:59 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000900bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:59 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_si_security={{0x2, 0x7}, {0x40, 0x9, 0x9, 0x20}}}, 0xa)

13:51:59 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x420)

13:51:59 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x44}, "a8deb4375a061c3d7ea31e18b6cda8f2dce2cb88af232e82d7d83e8eba99b08318212e27d6be3f38c0d308bf550f4f0915187f3826e5c307ddbabd55c257191744c3fd50"}, 0x48)

13:51:59 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_si_security={{0x2, 0x7}, {0x40, 0x9, 0x9, 0x20}}}, 0xa)

13:51:59 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.empty_time\x00', 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="040d", @ANYRES16=0x0, @ANYBLOB="08db1870db7c37f199e33c44f01cfc6a899efdfc41f6ce06473b9a2bf5885925cfd0e9505b062b0ae86078d01616199d9457df17c17836edfe474d580dc48e64eeeb82b975e3201b000ad630fe45aaa110472244749b41e4e6dc46ee83eb1019bced36c9d55548fb2d70ca92e665fb9270131a5a6befca09ee331302286efa423ff226", @ANYRES32=0x0, @ANYRESOCT=r0], 0x8)
r2 = openat2(r1, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)={0x200000, 0x8, 0x9}, 0x18)
io_uring_enter(r2, 0x17ab, 0x6981, 0x2, &(0x7f0000000140)={[0x8]}, 0x8)

13:51:59 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000a00bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:59 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x438)

13:51:59 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x44}, "a8deb4375a061c3d7ea31e18b6cda8f2dce2cb88af232e82d7d83e8eba99b08318212e27d6be3f38c0d308bf550f4f0915187f3826e5c307ddbabd55c257191744c3fd50"}, 0x48)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2) (async)
syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x44}, "a8deb4375a061c3d7ea31e18b6cda8f2dce2cb88af232e82d7d83e8eba99b08318212e27d6be3f38c0d308bf550f4f0915187f3826e5c307ddbabd55c257191744c3fd50"}, 0x48) (async)

13:51:59 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_si_security={{0x2, 0x7}, {0x40, 0x9, 0x9, 0x20}}}, 0xa)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_si_security={{0x2, 0x7}, {0x40, 0x9, 0x9, 0x20}}}, 0xa) (async)

13:51:59 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000c00bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:59 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x450)

13:51:59 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x44}, "a8deb4375a061c3d7ea31e18b6cda8f2dce2cb88af232e82d7d83e8eba99b08318212e27d6be3f38c0d308bf550f4f0915187f3826e5c307ddbabd55c257191744c3fd50"}, 0x48)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2) (async)
syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x44}, "a8deb4375a061c3d7ea31e18b6cda8f2dce2cb88af232e82d7d83e8eba99b08318212e27d6be3f38c0d308bf550f4f0915187f3826e5c307ddbabd55c257191744c3fd50"}, 0x48) (async)

13:51:59 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0xa)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

13:51:59 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.empty_time\x00', 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="040d", @ANYRES16=0x0, @ANYBLOB="08db1870db7c37f199e33c44f01cfc6a899efdfc41f6ce06473b9a2bf5885925cfd0e9505b062b0ae86078d01616199d9457df17c17836edfe474d580dc48e64eeeb82b975e3201b000ad630fe45aaa110472244749b41e4e6dc46ee83eb1019bced36c9d55548fb2d70ca92e665fb9270131a5a6befca09ee331302286efa423ff226", @ANYRES32=0x0, @ANYRESOCT=r0], 0x8) (async)
r2 = openat2(r1, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)={0x200000, 0x8, 0x9}, 0x18)
io_uring_enter(r2, 0x17ab, 0x6981, 0x2, &(0x7f0000000140)={[0x8]}, 0x8)

13:51:59 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x468)

13:51:59 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x34}, "d09101cd22c9daa85747291377206b17f8587dc80218943ce8702df3c4b0cf5309c508af63a8339fe63a4affacaebc3da19e5f19"}, 0x38)

13:51:59 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000e00bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:59 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0xa)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2) (async)

13:51:59 executing program 4:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.empty_time\x00', 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="040d", @ANYRES16=0x0, @ANYBLOB="08db1870db7c37f199e33c44f01cfc6a899efdfc41f6ce06473b9a2bf5885925cfd0e9505b062b0ae86078d01616199d9457df17c17836edfe474d580dc48e64eeeb82b975e3201b000ad630fe45aaa110472244749b41e4e6dc46ee83eb1019bced36c9d55548fb2d70ca92e665fb9270131a5a6befca09ee331302286efa423ff226", @ANYRES32=0x0, @ANYRESOCT=r0], 0x8) (async)
r2 = openat2(r1, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)={0x200000, 0x8, 0x9}, 0x18)
io_uring_enter(r2, 0x17ab, 0x6981, 0x2, &(0x7f0000000140)={[0x8]}, 0x8)

13:51:59 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x480)

13:51:59 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x34}, "d09101cd22c9daa85747291377206b17f8587dc80218943ce8702df3c4b0cf5309c508af63a8339fe63a4affacaebc3da19e5f19"}, 0x38)

13:51:59 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0xa)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0xa) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2) (async)

13:51:59 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000f00bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:59 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xa3}, "1a11ba11e911ab8249668d544848e58c0287e1db4d22a229ba231eb7097657244e91f332281fadb099f99ac0baf24fbfcb36335c5cf4a7f8060fc85d4528637b5e029407a9407423b3dee8428f69b537411200de8ada159ea856ca0c20e2db4134b709c9a19327dd5b040a428ec06590349bd40d8ea1b3af83faced15971acaf55cac3aabc67e48827e95104bbd1ac183f485a9b30e5c295ed7182ad67042ae2ec2b93"}, 0xa7)

13:51:59 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x498)

13:51:59 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async, rerun: 64)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x34}, "d09101cd22c9daa85747291377206b17f8587dc80218943ce8702df3c4b0cf5309c508af63a8339fe63a4affacaebc3da19e5f19"}, 0x38) (rerun: 64)

13:51:59 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000380)=0x80000008)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000140))
r2 = syz_open_pts(r0, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000040)={0x9, 0x7, 0x8, 0x5, 0xa, "8af334f26919a1ae08e2876305b81a70f572f1"})
ioctl$TCXONC(r0, 0x540a, 0x2)
ioctl$TCSETS2(r2, 0x402c542b, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "0a5e5cc8db03b2d24424ef78586c130e16b71c"})
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)

13:51:59 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xa3}, "1a11ba11e911ab8249668d544848e58c0287e1db4d22a229ba231eb7097657244e91f332281fadb099f99ac0baf24fbfcb36335c5cf4a7f8060fc85d4528637b5e029407a9407423b3dee8428f69b537411200de8ada159ea856ca0c20e2db4134b709c9a19327dd5b040a428ec06590349bd40d8ea1b3af83faced15971acaf55cac3aabc67e48827e95104bbd1ac183f485a9b30e5c295ed7182ad67042ae2ec2b93"}, 0xa7)

13:51:59 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000fd1f00bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:59 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xa3}, "1a11ba11e911ab8249668d544848e58c0287e1db4d22a229ba231eb7097657244e91f332281fadb099f99ac0baf24fbfcb36335c5cf4a7f8060fc85d4528637b5e029407a9407423b3dee8428f69b537411200de8ada159ea856ca0c20e2db4134b709c9a19327dd5b040a428ec06590349bd40d8ea1b3af83faced15971acaf55cac3aabc67e48827e95104bbd1ac183f485a9b30e5c295ed7182ad67042ae2ec2b93"}, 0xa7)

13:51:59 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x4b0)

13:51:59 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) (async)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000380)=0x80000008) (async)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000140))
r2 = syz_open_pts(r0, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000040)={0x9, 0x7, 0x8, 0x5, 0xa, "8af334f26919a1ae08e2876305b81a70f572f1"}) (async)
ioctl$TCXONC(r0, 0x540a, 0x2) (async)
ioctl$TCSETS2(r2, 0x402c542b, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "0a5e5cc8db03b2d24424ef78586c130e16b71c"}) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)

13:51:59 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000002400bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:51:59 executing program 1:
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="02c890740070000100070604000300030011070200030010ff020700fb08000005000000fdffffff04090000074a00010002000409004e07ff0163000600040902010309000200004006102000030039a800000200000004000000040900091f0800000001000702030001020300"], 0x79)

13:51:59 executing program 4:
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0xfffffffffffffe4b)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0x8)

13:51:59 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x4c8)

13:51:59 executing program 4:
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0xfffffffffffffe4b) (async)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0x8)

13:51:59 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000380)=0x80000008)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000140))
r2 = syz_open_pts(r0, 0x0) (async)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000040)={0x9, 0x7, 0x8, 0x5, 0xa, "8af334f26919a1ae08e2876305b81a70f572f1"}) (async)
ioctl$TCXONC(r0, 0x540a, 0x2)
ioctl$TCSETS2(r2, 0x402c542b, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "0a5e5cc8db03b2d24424ef78586c130e16b71c"}) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)

13:51:59 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000002600bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:52:00 executing program 1:
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="02c890740070000100070604000300030011070200030010ff020700fb08000005000000fdffffff04090000074a00010002000409004e07ff0163000600040902010309000200004006102000030039a800000200000004000000040900091f0800000001000702030001020300"], 0x79)

[ 2351.667792][T17952] Bluetooth: hci8: ACL packet for unknown connection handle 3584
13:52:00 executing program 4:
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0xfffffffffffffe4b) (async)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0x8)

13:52:00 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x4e0)

[ 2351.724282][T17952] Bluetooth: hci8: ACL packet for unknown connection handle 3584
13:52:00 executing program 1:
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="02c890740070000100070604000300030011070200030010ff020700fb08000005000000fdffffff04090000074a00010002000409004e07ff0163000600040902010309000200004006102000030039a800000200000004000000040900091f0800000001000702030001020300"], 0x79)

13:52:00 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000002800bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:52:00 executing program 3:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x408)

[ 2351.790000][T17952] Bluetooth: hci8: ACL packet for unknown connection handle 3584
13:52:00 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000014000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:52:00 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

13:52:00 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x4f8)

13:52:00 executing program 1:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000001080), 0x101000, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f00000010c0)=@gcm_128={{0x304}, "1936d47c5f884ef5", "6222c04acab217fad41eeaca0ad976b1", "74a48e8d", "254fbfb744c197b2"}, 0x28)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="03010000c64af9d778d4868d35f78bdd06eed93784889107ff4a17c1764b630714189ea61be35f67ce933f410042237d7c585fbd7ab1d02b77e19d5fe6edf7b3b725f151eb3c56640653717a0767e214c10b48bc4790d7114d51c8f6024559f2e5583d267c92f2c1de9d9cda79cc5b2bc1de50d0ac832bdf74b1bffead8b6b283a1dc4d00e9992a6f6cf6d0feebecb2b2e2561d8641a5e8792292594a447db8aa05b0dd7c2b649c159618ee6bbdc07e51e5ec335bb9c81e4eff03847c52ad2a7d1532b8a103a5cf82a203d239c9f24382ac4371fc7c3e6b5e57522fbc6b5262bed26bdf4118e17e70fb3f59640c9551d37a31286462221588383d3b2573dbeecc4f9516ee1c0aeeb63b56f2ec90709a00ed3961317eeaec3572cf7418bb57ee05c58c7141e6151968399989ad23922550accbab37bbd9efba95b4cf920bfe8dee6021024e37663727771b37d2d2ab1cdf00568c94f2e62ea3f7e10a329c35544942b9df1e98e6aeda9176a8844a39fefe5b5983dd7c012863cb1fa43c7efc5639d20cc7862b6cf9bd5412ba47160e1217c63e3728961659f1ccfc924d88b5c6e0c544707c60219eba20dce83db5cea62ad418cd771fb46a2b4552524e8e082a7b74aec2eaacd6841c70ad23b03ca366d95ca2336621d80a84e18e0d318098d12d92e2091283f0506c5619a31b06a927a5b092b1e7c7bce613132718184f76c3f794939f0f4e1fcb0c3ebe4136dca3e811781e7c3ef319387ff73daede7ea38745a6698416690ebb3b95f2efc986499df95a106adf8668bcb421a2eb333b2d027087709e4c802e898f6ff649deaf2f73695e1611ac9a12d72a96f1c634455413d81d30d2e134806dabfc60b459ab5a15c326e6222797a966a38c1d9e1d3a8aab307835bb3203628e11a7cf2fb86ea6c42bcfcdd472a33e2477c73a01191691498476eb4cfaee0c56cf28d49d08cbaa01d7a55118e989e13673d6b04d1c8344ecfbbea68086963bd244050309ff1440b4486081b99b2d5acdcf286087fc66ff2708b599a31d0f4c47778bb28cf92e435bb383b0785ab86c6972feaf63e788cf432d669e1edd4c63c28c2bf182c5e8cdd8a9e3c7ff48c76c6eba1fc32a93e3f7210d4420cf7fd4b29bea83c96768c0c22623991865f044d45d029db5bf4b1be8f86065396183b0f4d9b7e37b06e7c89cf07cb1afd5007ea5a6c1bc9b2bbdba9dfbb30e74f43db788c9027199ee66b4ef5501017e7241dc10c5d07b60796fb1995fdb5fa828083cb111903d05cab1bf6fdb580c237d771be31d13c667512ba6ec95345cd20c0bd8da55ab92ff1ce3b4336049eaf3704fd11ca04ea03317394e2fe34481846fa1c028cbd7fa8f449746724348453283fc97ceafad53b93f78fb7a7a96452817d4f8270821d1e2b7ae0a7906fd36fcc24923694e04641e0005aee5242107f42ce87c57269a5fe6dd19b63eea274624052e81a69f17ee8e3000de13495d58a6b29c2f4b78df57337367374ac07dbf7796e147ef477d7890faf801a1efc915923af9e09530a32c30d0b5e4339eb90317113930a707fcdf0b93566e9c94851040bf231039b1d5700dd1f861a2af63c17aa3f746f008b04020786d0a4c250b7a8584eb40875c5bd35b3a0fb94f82b9fbba77be70f96533431848f5deb1e052c8aa7ffd9595628d1a1045f05b1a55f34a7e8ea61eb004fcad69336237d80b7d7abdd4a4d03eb8acbf549cc28363e31a3ab3ac074b26cc47e5889c8f21f1b2cb8e0074976f15d0576c83619e2fcf964a54299abb132c9edf6be2fbde3f440d7de883e7b0558a2876e8f116dbbfb0ccd97210dda6c9b2cb0d5aacf3506e932aa8cdc6baab5a63ea941ae87d5441825ba9df1241dff6ed0aa14fef3fda566e5386175294a63d9f56c33ff58a293b5d6573799dfcf3665a183f42801869853750f54711e46d9cf33333ee61c18c144746785d0f99768f7ee3c198aaa1c5ef92afe39490ea88b9d2da8c79b789392f307fbe23d085d9bfad89ea1182a645e8a1aff7f35d4e38a35aa158be4a000192df3e9202adaaeea34c572f1835ddf08e56cd54684eac362ee7b286868bcff8419cd90cfbfd0fa0c5961f240d28c44e5bd34f32c262cbe8c85cc7095da03a5beefd49befefb87808a7c39a6becdbf088ac4f3f31c5025739578c821de78c6a0019f8df86158c3c8cd05d8d8a9f02a64fba3054e5de1c2addf858ac58c9f4449d2b1eb7fdb41c3526a0a014e4d5a6178cecc18a0c1e6f739f70f1eec84078d3a535d6b9a72d9abb80f8b93bad14ffb390e5f7e6d67a676795a8cf478162fa9de987f5ea7294c3076042c0b21b22e72af9f5d949f2f0fabb8c2085e4b051c01e910b0105f6b3b823267f150532d74af8aeb1ef995506eda767ef040b61ae2489a89776aa31f14867eefbb47705451907e9e27644ed2b1c0bb185521d73cfa2e3fa33dca9ecf1c35f326379802a6fee8ca447698539280d8503811e1e28f37287d8dee9d3afd3a113cd22d900a2196a6190dcf5012596ef92d15fcf943b704ce0a12d0b84e719af644239a65658b11dafe780d1d08a6460da40785a2882d36b2adc8eecd300209f90dd4abcd704e291e663b957d69704fe932784a516dc1aef8913865067cca6ca20a6695ee7acf7fd5bc7e60cb441e6a89f13227f28cbbf81bbae9cb38f08e455d302c259a4f1509801861c3182c7de3f79ad9fec0260a3f72c431faf773b160ef9295dca99e2a34f65847643627b1ffd1bfc1bec48048a79ddad8408273234d5230c0873f9336335bcdc1ea7ca1c4f372237222ef25e225dda4b5d49fb15e7c385029fc16ba71eec00dd243115f2fa994efc600b411ba203817fab424cc24285a97fdb1fbf365258d112f2dd680983b72c48773864e54319848e84c6162b0044d9c696d1c117985055c60d025209d1dd1253be620fbe14b1a2c9b511a1905a5f6d33a16b9afa0f1751e8108218f92cde2b16aaba52b2088750d6375446c5507c063aea1e1103b70b773563c5822ccffe047732eb7bcf3862fd75c0c593cace22356f70af09c7cd66d075def1996d240e32cc5b6eb16ee594362ca5d32f37e31365194eb3d1d807ba841805aabc95aa8aae691b4b93da5b76f59b5b2feb9015db7d14b5579a5c043d0ac3a56bdea2999c6bccdb4ff45c2e001e43d2081a5fdf579865f8d44a15454c57d025a73cec0fa24fa5878372bd673c7d0cde2a28c8aa1dbfce11653e18659bb2326f449852b0e9ec9984e6816e5adb0069889d0e5a52eba628fcef3daafe4b036604c9b442470bf55f18b34591ba7c4a88a2b7ef44cc300f75cc3e8c7fada155e9323a4bc99edf62ef52c0938e6d96ef2fd2e431ec9b40ac4eefab5d6b1d69182dcc387adcb4e24e650a7f5a814f98aca540e7ac9cdc34403e1d88442dede8497e469150f72aa863adc99932dd33f8435f61b1f2b90db5ec7d8932729300ccf8ef837b6b3335773ae9be658fecc890cd0a696c776360ca3017c703f78bd7b73edca70f71d238b5efa093de2259ddbfeca7763474c2f76d9e2d25804145f42f873a7554cff89e58053752fb35ed0d718f777f9ce252fa08ccad702166150ccdc1f44f41a647c5c619dbba5a6ac8924349363a9776cd28d3f6f50c7d1ae4a317b81f1053b95e917423c857ef4d6007d99761b0ffde9b05cd0e9521845b637dbb5a6fb9b7aaeadd1a2d70810e5a2f822e21002c7efd8d4f475f3e0e12f6e6e73ea9e20d3bedb5a3c78923865490a185a1f79cf3e2647b218ea8e537cc97f3d1a45ebaa893f07e79ef87ffa02d4758de8fb1fe8fe821ab5697dc0418649341f584e153e17aab1e9838cb9638dbe57a1b50a23044ca40bbb03bb22508cf6847f740c530cfeb9946616441620343d230edd52cffa23bd93ff56e2460509da5efc0ae35ca990fa298d12a39f99bd6ee26da2a5c2c0ea48cb30c047253eb23d43ca7918a94213c328cdca872e7f804fcc18b01681c233bd1bc2343dacf3254b66e069d06efa219391069939fd24501da49e5c25a8a272bb399b62ad91c9ca10592ac5fa9bc08ececed3d557296189341c3a0fbc7389ae28055079de83fd5bf27c0ca34609145c4d1ad763be1e324908151c2e8a732801c953fa149ef8513c4fe8eec8807fc65a824ac8616edc0997c5e51701c2c007297d7bdaf8964533e2cacf5fa3379e439dab1bf8ab9862fc4acf301d8e5b3b4381366475f4486bb42954602e4337e6e68bea7f59dffa0bca46250b7dfa4e506187c87757aa2a35feb4770c01837537390f23204e8581beef9827ad9e8030d967c8bc9af4ebea7c22c0e6aeff2d21ae0a879d8c12a46ee30b97b109ccd759bf301989f93570cc03aeaef8fd378cadd102c950e0a7112e36ead54ae942ef2447c2316dc307d07c0c4528647ce796cfdd0dff62352f2bb622b17d28e12043cd62958eb3ee6f50902e3b87fa84e9061ef1679402a461c2178a3994088b903146b9b28bc91f9806c31ee613f7524687a07b8853a7a27b4c51246756024066883eab8fc44432a7995ac0e45f4e0dc0cca8be6b81c81b5d8dcf9e662985b2f241b34a56336680007eaf79541bb92da3f82c7c0ef25c9090ee8680d10d236cca3dcd07250cd39c88445e4d7893b56225c3d5e8d9909fb016401a1438d339f4f50ca36e35bb29d899cc55d34528cc4705dca56ef1128aa61e81a55df9e1188854095025eaae93489fddc6bf6ff22c208dc92a56bdf9adf01f8996fc37ebd207da8a5c97f4b06d503789672330b53446e4263bdde8cc6aeae5bb7015c9b41ad21f9d5990b746baa2f56640f4d4feb0e36a38ed1f7658b781b8f68f1fbe7b4403450f97e13524bfd4d8af7f1abf74fae8e5709030db461ccfa8c203f76ef3b885ae7c3042fe339d330528de1afe87af3d165113ff3a5e8318080ec2cc5a186b880d7d30325c878dba81c87194c9a75574239718952c11ccfa58958266485ac7a6934e4df3ce8cd1c26c20c54c2e7b448dc85656a53fe6e7bd20f612254abd8361a7579c0df71067d54e78dc63e883ed12571c6aa8ac955e07039299a83c9ae6fbe0d71284223f422e0458e9d55107e8f02776f09a56fd59775e5136db9be036b1d52ded1889e99105950d9a2acc199bee7670f59a39bf85b0aef7e39b5fc185a727e0abd5b93846bb6862c2c7150fa39695576fd6c02792e6a0530a0f414b541844c2cd4764594c8c95f88dcab3f82d290051ecf274fa2dceb7788b9fe2d0aaaa860556f606d659f00a6e3dc819c86272390914a024de591fc360a02c7e493e425078bc6ecb4b9f981768df70e3b3a98dee4ce268a82cfe4444ad548e2c6ea7d66f27f8eabcb64b50f2d435c3acf20d536fa2e654b6ed62e5b9be774cfcaa0398257ad192f6545e3dbf615c9a63f63d47a5da0f2568b804b7235c39a90ca6ef6eda6269e8784afb878cc684db6b86e11a6260e781239b936dd731fce1f1dd16eb4cb817df10d7ce66aacb1b7498a305439571a63176c76224cb07335e00b4f32c7e268745b45de868eaa3ece03ebdf740c1008a783b9c7d6f87bf78af7c83f0b6113b65e17c1e2183ff38b7135f772602ab8d52ab0e23b94ea8b68646e51aa616c6f0616689713209a0bf4305ec8ad56b07d63cd05d2a171f3441426403e7a12edd23eed0103a980d3aa5804d760ef074fcf37e22afb0208e590ad3085df339f2356ff5e8f7b7eb699857e254260d93dc8633f0a859d775c05bebc9a653eddd53603f5bb858be4c66ae4f6ce37d3f983725688ffa611142d5ecec87b"], 0x1004)

13:52:00 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000655800bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:52:00 executing program 3:
io_uring_register$IORING_REGISTER_PROBE(0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x0, 0x0, 0x0, '\x00', [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}]}, 0x22)
syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0x8)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0x38)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xba}, "08907218aca25d6932a231d58cdf470084cc7908d0cdd78021ea66811ae5594bff3388f432597d7b6a1917f8f08cd4de3367c230b529f096e7fc3e3471471e69910cf48a6261725a017f1b3ed01e77ba52f3126f1327b3ff690756566488c1497afeeb459a6d1ec896d57d9d0b49a6f6f30d0d927c501b7aa2a7b93950fece4f47c008422de845b6a79592b921904ce3c038bbbe8cdec3c18014d39f41d2ace95d56a9eaff613014ff9ad193f7dbc2899770316e57aee7fc88b0"}, 0xbe)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_host_features={{0x3d, 0xe}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, "44d296b510340b7d"}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x3, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x0, 0xa}, {0x6, 0x1f, 0x8000, 0x4, 0x3f}}}}, 0x17)
syz_emit_vhci(&(0x7f00000002c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x0, 0xa}, {0x0, 0x7f, 0x3ff, 0xe5, 0x8}}}}, 0x17)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_move_chan_cfm={{0x10, 0x7, 0x4}, {0xfc01, 0x1}}]}}, 0x11)

13:52:00 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2) (async)

13:52:00 executing program 1:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000001080), 0x101000, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f00000010c0)=@gcm_128={{0x304}, "1936d47c5f884ef5", "6222c04acab217fad41eeaca0ad976b1", "74a48e8d", "254fbfb744c197b2"}, 0x28)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="03010000c64af9d778d4868d35f78bdd06eed93784889107ff4a17c1764b630714189ea61be35f67ce933f410042237d7c585fbd7ab1d02b77e19d5fe6edf7b3b725f151eb3c56640653717a0767e214c10b48bc4790d7114d51c8f6024559f2e5583d267c92f2c1de9d9cda79cc5b2bc1de50d0ac832bdf74b1bffead8b6b283a1dc4d00e9992a6f6cf6d0feebecb2b2e2561d8641a5e8792292594a447db8aa05b0dd7c2b649c159618ee6bbdc07e51e5ec335bb9c81e4eff03847c52ad2a7d1532b8a103a5cf82a203d239c9f24382ac4371fc7c3e6b5e57522fbc6b5262bed26bdf4118e17e70fb3f59640c9551d37a31286462221588383d3b2573dbeecc4f9516ee1c0aeeb63b56f2ec90709a00ed3961317eeaec3572cf7418bb57ee05c58c7141e6151968399989ad23922550accbab37bbd9efba95b4cf920bfe8dee6021024e37663727771b37d2d2ab1cdf00568c94f2e62ea3f7e10a329c35544942b9df1e98e6aeda9176a8844a39fefe5b5983dd7c012863cb1fa43c7efc5639d20cc7862b6cf9bd5412ba47160e1217c63e3728961659f1ccfc924d88b5c6e0c544707c60219eba20dce83db5cea62ad418cd771fb46a2b4552524e8e082a7b74aec2eaacd6841c70ad23b03ca366d95ca2336621d80a84e18e0d318098d12d92e2091283f0506c5619a31b06a927a5b092b1e7c7bce613132718184f76c3f794939f0f4e1fcb0c3ebe4136dca3e811781e7c3ef319387ff73daede7ea38745a6698416690ebb3b95f2efc986499df95a106adf8668bcb421a2eb333b2d027087709e4c802e898f6ff649deaf2f73695e1611ac9a12d72a96f1c634455413d81d30d2e134806dabfc60b459ab5a15c326e6222797a966a38c1d9e1d3a8aab307835bb3203628e11a7cf2fb86ea6c42bcfcdd472a33e2477c73a01191691498476eb4cfaee0c56cf28d49d08cbaa01d7a55118e989e13673d6b04d1c8344ecfbbea68086963bd244050309ff1440b4486081b99b2d5acdcf286087fc66ff2708b599a31d0f4c47778bb28cf92e435bb383b0785ab86c6972feaf63e788cf432d669e1edd4c63c28c2bf182c5e8cdd8a9e3c7ff48c76c6eba1fc32a93e3f7210d4420cf7fd4b29bea83c96768c0c22623991865f044d45d029db5bf4b1be8f86065396183b0f4d9b7e37b06e7c89cf07cb1afd5007ea5a6c1bc9b2bbdba9dfbb30e74f43db788c9027199ee66b4ef5501017e7241dc10c5d07b60796fb1995fdb5fa828083cb111903d05cab1bf6fdb580c237d771be31d13c667512ba6ec95345cd20c0bd8da55ab92ff1ce3b4336049eaf3704fd11ca04ea03317394e2fe34481846fa1c028cbd7fa8f449746724348453283fc97ceafad53b93f78fb7a7a96452817d4f8270821d1e2b7ae0a7906fd36fcc24923694e04641e0005aee5242107f42ce87c57269a5fe6dd19b63eea274624052e81a69f17ee8e3000de13495d58a6b29c2f4b78df57337367374ac07dbf7796e147ef477d7890faf801a1efc915923af9e09530a32c30d0b5e4339eb90317113930a707fcdf0b93566e9c94851040bf231039b1d5700dd1f861a2af63c17aa3f746f008b04020786d0a4c250b7a8584eb40875c5bd35b3a0fb94f82b9fbba77be70f96533431848f5deb1e052c8aa7ffd9595628d1a1045f05b1a55f34a7e8ea61eb004fcad69336237d80b7d7abdd4a4d03eb8acbf549cc28363e31a3ab3ac074b26cc47e5889c8f21f1b2cb8e0074976f15d0576c83619e2fcf964a54299abb132c9edf6be2fbde3f440d7de883e7b0558a2876e8f116dbbfb0ccd97210dda6c9b2cb0d5aacf3506e932aa8cdc6baab5a63ea941ae87d5441825ba9df1241dff6ed0aa14fef3fda566e5386175294a63d9f56c33ff58a293b5d6573799dfcf3665a183f42801869853750f54711e46d9cf33333ee61c18c144746785d0f99768f7ee3c198aaa1c5ef92afe39490ea88b9d2da8c79b789392f307fbe23d085d9bfad89ea1182a645e8a1aff7f35d4e38a35aa158be4a000192df3e9202adaaeea34c572f1835ddf08e56cd54684eac362ee7b286868bcff8419cd90cfbfd0fa0c5961f240d28c44e5bd34f32c262cbe8c85cc7095da03a5beefd49befefb87808a7c39a6becdbf088ac4f3f31c5025739578c821de78c6a0019f8df86158c3c8cd05d8d8a9f02a64fba3054e5de1c2addf858ac58c9f4449d2b1eb7fdb41c3526a0a014e4d5a6178cecc18a0c1e6f739f70f1eec84078d3a535d6b9a72d9abb80f8b93bad14ffb390e5f7e6d67a676795a8cf478162fa9de987f5ea7294c3076042c0b21b22e72af9f5d949f2f0fabb8c2085e4b051c01e910b0105f6b3b823267f150532d74af8aeb1ef995506eda767ef040b61ae2489a89776aa31f14867eefbb47705451907e9e27644ed2b1c0bb185521d73cfa2e3fa33dca9ecf1c35f326379802a6fee8ca447698539280d8503811e1e28f37287d8dee9d3afd3a113cd22d900a2196a6190dcf5012596ef92d15fcf943b704ce0a12d0b84e719af644239a65658b11dafe780d1d08a6460da40785a2882d36b2adc8eecd300209f90dd4abcd704e291e663b957d69704fe932784a516dc1aef8913865067cca6ca20a6695ee7acf7fd5bc7e60cb441e6a89f13227f28cbbf81bbae9cb38f08e455d302c259a4f1509801861c3182c7de3f79ad9fec0260a3f72c431faf773b160ef9295dca99e2a34f65847643627b1ffd1bfc1bec48048a79ddad8408273234d5230c0873f9336335bcdc1ea7ca1c4f372237222ef25e225dda4b5d49fb15e7c385029fc16ba71eec00dd243115f2fa994efc600b411ba203817fab424cc24285a97fdb1fbf365258d112f2dd680983b72c48773864e54319848e84c6162b0044d9c696d1c117985055c60d025209d1dd1253be620fbe14b1a2c9b511a1905a5f6d33a16b9afa0f1751e8108218f92cde2b16aaba52b2088750d6375446c5507c063aea1e1103b70b773563c5822ccffe047732eb7bcf3862fd75c0c593cace22356f70af09c7cd66d075def1996d240e32cc5b6eb16ee594362ca5d32f37e31365194eb3d1d807ba841805aabc95aa8aae691b4b93da5b76f59b5b2feb9015db7d14b5579a5c043d0ac3a56bdea2999c6bccdb4ff45c2e001e43d2081a5fdf579865f8d44a15454c57d025a73cec0fa24fa5878372bd673c7d0cde2a28c8aa1dbfce11653e18659bb2326f449852b0e9ec9984e6816e5adb0069889d0e5a52eba628fcef3daafe4b036604c9b442470bf55f18b34591ba7c4a88a2b7ef44cc300f75cc3e8c7fada155e9323a4bc99edf62ef52c0938e6d96ef2fd2e431ec9b40ac4eefab5d6b1d69182dcc387adcb4e24e650a7f5a814f98aca540e7ac9cdc34403e1d88442dede8497e469150f72aa863adc99932dd33f8435f61b1f2b90db5ec7d8932729300ccf8ef837b6b3335773ae9be658fecc890cd0a696c776360ca3017c703f78bd7b73edca70f71d238b5efa093de2259ddbfeca7763474c2f76d9e2d25804145f42f873a7554cff89e58053752fb35ed0d718f777f9ce252fa08ccad702166150ccdc1f44f41a647c5c619dbba5a6ac8924349363a9776cd28d3f6f50c7d1ae4a317b81f1053b95e917423c857ef4d6007d99761b0ffde9b05cd0e9521845b637dbb5a6fb9b7aaeadd1a2d70810e5a2f822e21002c7efd8d4f475f3e0e12f6e6e73ea9e20d3bedb5a3c78923865490a185a1f79cf3e2647b218ea8e537cc97f3d1a45ebaa893f07e79ef87ffa02d4758de8fb1fe8fe821ab5697dc0418649341f584e153e17aab1e9838cb9638dbe57a1b50a23044ca40bbb03bb22508cf6847f740c530cfeb9946616441620343d230edd52cffa23bd93ff56e2460509da5efc0ae35ca990fa298d12a39f99bd6ee26da2a5c2c0ea48cb30c047253eb23d43ca7918a94213c328cdca872e7f804fcc18b01681c233bd1bc2343dacf3254b66e069d06efa219391069939fd24501da49e5c25a8a272bb399b62ad91c9ca10592ac5fa9bc08ececed3d557296189341c3a0fbc7389ae28055079de83fd5bf27c0ca34609145c4d1ad763be1e324908151c2e8a732801c953fa149ef8513c4fe8eec8807fc65a824ac8616edc0997c5e51701c2c007297d7bdaf8964533e2cacf5fa3379e439dab1bf8ab9862fc4acf301d8e5b3b4381366475f4486bb42954602e4337e6e68bea7f59dffa0bca46250b7dfa4e506187c87757aa2a35feb4770c01837537390f23204e8581beef9827ad9e8030d967c8bc9af4ebea7c22c0e6aeff2d21ae0a879d8c12a46ee30b97b109ccd759bf301989f93570cc03aeaef8fd378cadd102c950e0a7112e36ead54ae942ef2447c2316dc307d07c0c4528647ce796cfdd0dff62352f2bb622b17d28e12043cd62958eb3ee6f50902e3b87fa84e9061ef1679402a461c2178a3994088b903146b9b28bc91f9806c31ee613f7524687a07b8853a7a27b4c51246756024066883eab8fc44432a7995ac0e45f4e0dc0cca8be6b81c81b5d8dcf9e662985b2f241b34a56336680007eaf79541bb92da3f82c7c0ef25c9090ee8680d10d236cca3dcd07250cd39c88445e4d7893b56225c3d5e8d9909fb016401a1438d339f4f50ca36e35bb29d899cc55d34528cc4705dca56ef1128aa61e81a55df9e1188854095025eaae93489fddc6bf6ff22c208dc92a56bdf9adf01f8996fc37ebd207da8a5c97f4b06d503789672330b53446e4263bdde8cc6aeae5bb7015c9b41ad21f9d5990b746baa2f56640f4d4feb0e36a38ed1f7658b781b8f68f1fbe7b4403450f97e13524bfd4d8af7f1abf74fae8e5709030db461ccfa8c203f76ef3b885ae7c3042fe339d330528de1afe87af3d165113ff3a5e8318080ec2cc5a186b880d7d30325c878dba81c87194c9a75574239718952c11ccfa58958266485ac7a6934e4df3ce8cd1c26c20c54c2e7b448dc85656a53fe6e7bd20f612254abd8361a7579c0df71067d54e78dc63e883ed12571c6aa8ac955e07039299a83c9ae6fbe0d71284223f422e0458e9d55107e8f02776f09a56fd59775e5136db9be036b1d52ded1889e99105950d9a2acc199bee7670f59a39bf85b0aef7e39b5fc185a727e0abd5b93846bb6862c2c7150fa39695576fd6c02792e6a0530a0f414b541844c2cd4764594c8c95f88dcab3f82d290051ecf274fa2dceb7788b9fe2d0aaaa860556f606d659f00a6e3dc819c86272390914a024de591fc360a02c7e493e425078bc6ecb4b9f981768df70e3b3a98dee4ce268a82cfe4444ad548e2c6ea7d66f27f8eabcb64b50f2d435c3acf20d536fa2e654b6ed62e5b9be774cfcaa0398257ad192f6545e3dbf615c9a63f63d47a5da0f2568b804b7235c39a90ca6ef6eda6269e8784afb878cc684db6b86e11a6260e781239b936dd731fce1f1dd16eb4cb817df10d7ce66aacb1b7498a305439571a63176c76224cb07335e00b4f32c7e268745b45de868eaa3ece03ebdf740c1008a783b9c7d6f87bf78af7c83f0b6113b65e17c1e2183ff38b7135f772602ab8d52ab0e23b94ea8b68646e51aa616c6f0616689713209a0bf4305ec8ad56b07d63cd05d2a171f3441426403e7a12edd23eed0103a980d3aa5804d760ef074fcf37e22afb0208e590ad3085df339f2356ff5e8f7b7eb699857e254260d93dc8633f0a859d775c05bebc9a653eddd53603f5bb858be4c66ae4f6ce37d3f983725688ffa611142d5ecec87b"], 0x1004)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000001080), 0x101000, 0x0) (async)
setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f00000010c0)=@gcm_128={{0x304}, "1936d47c5f884ef5", "6222c04acab217fad41eeaca0ad976b1", "74a48e8d", "254fbfb744c197b2"}, 0x28) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="03010000c64af9d778d4868d35f78bdd06eed93784889107ff4a17c1764b630714189ea61be35f67ce933f410042237d7c585fbd7ab1d02b77e19d5fe6edf7b3b725f151eb3c56640653717a0767e214c10b48bc4790d7114d51c8f6024559f2e5583d267c92f2c1de9d9cda79cc5b2bc1de50d0ac832bdf74b1bffead8b6b283a1dc4d00e9992a6f6cf6d0feebecb2b2e2561d8641a5e8792292594a447db8aa05b0dd7c2b649c159618ee6bbdc07e51e5ec335bb9c81e4eff03847c52ad2a7d1532b8a103a5cf82a203d239c9f24382ac4371fc7c3e6b5e57522fbc6b5262bed26bdf4118e17e70fb3f59640c9551d37a31286462221588383d3b2573dbeecc4f9516ee1c0aeeb63b56f2ec90709a00ed3961317eeaec3572cf7418bb57ee05c58c7141e6151968399989ad23922550accbab37bbd9efba95b4cf920bfe8dee6021024e37663727771b37d2d2ab1cdf00568c94f2e62ea3f7e10a329c35544942b9df1e98e6aeda9176a8844a39fefe5b5983dd7c012863cb1fa43c7efc5639d20cc7862b6cf9bd5412ba47160e1217c63e3728961659f1ccfc924d88b5c6e0c544707c60219eba20dce83db5cea62ad418cd771fb46a2b4552524e8e082a7b74aec2eaacd6841c70ad23b03ca366d95ca2336621d80a84e18e0d318098d12d92e2091283f0506c5619a31b06a927a5b092b1e7c7bce613132718184f76c3f794939f0f4e1fcb0c3ebe4136dca3e811781e7c3ef319387ff73daede7ea38745a6698416690ebb3b95f2efc986499df95a106adf8668bcb421a2eb333b2d027087709e4c802e898f6ff649deaf2f73695e1611ac9a12d72a96f1c634455413d81d30d2e134806dabfc60b459ab5a15c326e6222797a966a38c1d9e1d3a8aab307835bb3203628e11a7cf2fb86ea6c42bcfcdd472a33e2477c73a01191691498476eb4cfaee0c56cf28d49d08cbaa01d7a55118e989e13673d6b04d1c8344ecfbbea68086963bd244050309ff1440b4486081b99b2d5acdcf286087fc66ff2708b599a31d0f4c47778bb28cf92e435bb383b0785ab86c6972feaf63e788cf432d669e1edd4c63c28c2bf182c5e8cdd8a9e3c7ff48c76c6eba1fc32a93e3f7210d4420cf7fd4b29bea83c96768c0c22623991865f044d45d029db5bf4b1be8f86065396183b0f4d9b7e37b06e7c89cf07cb1afd5007ea5a6c1bc9b2bbdba9dfbb30e74f43db788c9027199ee66b4ef5501017e7241dc10c5d07b60796fb1995fdb5fa828083cb111903d05cab1bf6fdb580c237d771be31d13c667512ba6ec95345cd20c0bd8da55ab92ff1ce3b4336049eaf3704fd11ca04ea03317394e2fe34481846fa1c028cbd7fa8f449746724348453283fc97ceafad53b93f78fb7a7a96452817d4f8270821d1e2b7ae0a7906fd36fcc24923694e04641e0005aee5242107f42ce87c57269a5fe6dd19b63eea274624052e81a69f17ee8e3000de13495d58a6b29c2f4b78df57337367374ac07dbf7796e147ef477d7890faf801a1efc915923af9e09530a32c30d0b5e4339eb90317113930a707fcdf0b93566e9c94851040bf231039b1d5700dd1f861a2af63c17aa3f746f008b04020786d0a4c250b7a8584eb40875c5bd35b3a0fb94f82b9fbba77be70f96533431848f5deb1e052c8aa7ffd9595628d1a1045f05b1a55f34a7e8ea61eb004fcad69336237d80b7d7abdd4a4d03eb8acbf549cc28363e31a3ab3ac074b26cc47e5889c8f21f1b2cb8e0074976f15d0576c83619e2fcf964a54299abb132c9edf6be2fbde3f440d7de883e7b0558a2876e8f116dbbfb0ccd97210dda6c9b2cb0d5aacf3506e932aa8cdc6baab5a63ea941ae87d5441825ba9df1241dff6ed0aa14fef3fda566e5386175294a63d9f56c33ff58a293b5d6573799dfcf3665a183f42801869853750f54711e46d9cf33333ee61c18c144746785d0f99768f7ee3c198aaa1c5ef92afe39490ea88b9d2da8c79b789392f307fbe23d085d9bfad89ea1182a645e8a1aff7f35d4e38a35aa158be4a000192df3e9202adaaeea34c572f1835ddf08e56cd54684eac362ee7b286868bcff8419cd90cfbfd0fa0c5961f240d28c44e5bd34f32c262cbe8c85cc7095da03a5beefd49befefb87808a7c39a6becdbf088ac4f3f31c5025739578c821de78c6a0019f8df86158c3c8cd05d8d8a9f02a64fba3054e5de1c2addf858ac58c9f4449d2b1eb7fdb41c3526a0a014e4d5a6178cecc18a0c1e6f739f70f1eec84078d3a535d6b9a72d9abb80f8b93bad14ffb390e5f7e6d67a676795a8cf478162fa9de987f5ea7294c3076042c0b21b22e72af9f5d949f2f0fabb8c2085e4b051c01e910b0105f6b3b823267f150532d74af8aeb1ef995506eda767ef040b61ae2489a89776aa31f14867eefbb47705451907e9e27644ed2b1c0bb185521d73cfa2e3fa33dca9ecf1c35f326379802a6fee8ca447698539280d8503811e1e28f37287d8dee9d3afd3a113cd22d900a2196a6190dcf5012596ef92d15fcf943b704ce0a12d0b84e719af644239a65658b11dafe780d1d08a6460da40785a2882d36b2adc8eecd300209f90dd4abcd704e291e663b957d69704fe932784a516dc1aef8913865067cca6ca20a6695ee7acf7fd5bc7e60cb441e6a89f13227f28cbbf81bbae9cb38f08e455d302c259a4f1509801861c3182c7de3f79ad9fec0260a3f72c431faf773b160ef9295dca99e2a34f65847643627b1ffd1bfc1bec48048a79ddad8408273234d5230c0873f9336335bcdc1ea7ca1c4f372237222ef25e225dda4b5d49fb15e7c385029fc16ba71eec00dd243115f2fa994efc600b411ba203817fab424cc24285a97fdb1fbf365258d112f2dd680983b72c48773864e54319848e84c6162b0044d9c696d1c117985055c60d025209d1dd1253be620fbe14b1a2c9b511a1905a5f6d33a16b9afa0f1751e8108218f92cde2b16aaba52b2088750d6375446c5507c063aea1e1103b70b773563c5822ccffe047732eb7bcf3862fd75c0c593cace22356f70af09c7cd66d075def1996d240e32cc5b6eb16ee594362ca5d32f37e31365194eb3d1d807ba841805aabc95aa8aae691b4b93da5b76f59b5b2feb9015db7d14b5579a5c043d0ac3a56bdea2999c6bccdb4ff45c2e001e43d2081a5fdf579865f8d44a15454c57d025a73cec0fa24fa5878372bd673c7d0cde2a28c8aa1dbfce11653e18659bb2326f449852b0e9ec9984e6816e5adb0069889d0e5a52eba628fcef3daafe4b036604c9b442470bf55f18b34591ba7c4a88a2b7ef44cc300f75cc3e8c7fada155e9323a4bc99edf62ef52c0938e6d96ef2fd2e431ec9b40ac4eefab5d6b1d69182dcc387adcb4e24e650a7f5a814f98aca540e7ac9cdc34403e1d88442dede8497e469150f72aa863adc99932dd33f8435f61b1f2b90db5ec7d8932729300ccf8ef837b6b3335773ae9be658fecc890cd0a696c776360ca3017c703f78bd7b73edca70f71d238b5efa093de2259ddbfeca7763474c2f76d9e2d25804145f42f873a7554cff89e58053752fb35ed0d718f777f9ce252fa08ccad702166150ccdc1f44f41a647c5c619dbba5a6ac8924349363a9776cd28d3f6f50c7d1ae4a317b81f1053b95e917423c857ef4d6007d99761b0ffde9b05cd0e9521845b637dbb5a6fb9b7aaeadd1a2d70810e5a2f822e21002c7efd8d4f475f3e0e12f6e6e73ea9e20d3bedb5a3c78923865490a185a1f79cf3e2647b218ea8e537cc97f3d1a45ebaa893f07e79ef87ffa02d4758de8fb1fe8fe821ab5697dc0418649341f584e153e17aab1e9838cb9638dbe57a1b50a23044ca40bbb03bb22508cf6847f740c530cfeb9946616441620343d230edd52cffa23bd93ff56e2460509da5efc0ae35ca990fa298d12a39f99bd6ee26da2a5c2c0ea48cb30c047253eb23d43ca7918a94213c328cdca872e7f804fcc18b01681c233bd1bc2343dacf3254b66e069d06efa219391069939fd24501da49e5c25a8a272bb399b62ad91c9ca10592ac5fa9bc08ececed3d557296189341c3a0fbc7389ae28055079de83fd5bf27c0ca34609145c4d1ad763be1e324908151c2e8a732801c953fa149ef8513c4fe8eec8807fc65a824ac8616edc0997c5e51701c2c007297d7bdaf8964533e2cacf5fa3379e439dab1bf8ab9862fc4acf301d8e5b3b4381366475f4486bb42954602e4337e6e68bea7f59dffa0bca46250b7dfa4e506187c87757aa2a35feb4770c01837537390f23204e8581beef9827ad9e8030d967c8bc9af4ebea7c22c0e6aeff2d21ae0a879d8c12a46ee30b97b109ccd759bf301989f93570cc03aeaef8fd378cadd102c950e0a7112e36ead54ae942ef2447c2316dc307d07c0c4528647ce796cfdd0dff62352f2bb622b17d28e12043cd62958eb3ee6f50902e3b87fa84e9061ef1679402a461c2178a3994088b903146b9b28bc91f9806c31ee613f7524687a07b8853a7a27b4c51246756024066883eab8fc44432a7995ac0e45f4e0dc0cca8be6b81c81b5d8dcf9e662985b2f241b34a56336680007eaf79541bb92da3f82c7c0ef25c9090ee8680d10d236cca3dcd07250cd39c88445e4d7893b56225c3d5e8d9909fb016401a1438d339f4f50ca36e35bb29d899cc55d34528cc4705dca56ef1128aa61e81a55df9e1188854095025eaae93489fddc6bf6ff22c208dc92a56bdf9adf01f8996fc37ebd207da8a5c97f4b06d503789672330b53446e4263bdde8cc6aeae5bb7015c9b41ad21f9d5990b746baa2f56640f4d4feb0e36a38ed1f7658b781b8f68f1fbe7b4403450f97e13524bfd4d8af7f1abf74fae8e5709030db461ccfa8c203f76ef3b885ae7c3042fe339d330528de1afe87af3d165113ff3a5e8318080ec2cc5a186b880d7d30325c878dba81c87194c9a75574239718952c11ccfa58958266485ac7a6934e4df3ce8cd1c26c20c54c2e7b448dc85656a53fe6e7bd20f612254abd8361a7579c0df71067d54e78dc63e883ed12571c6aa8ac955e07039299a83c9ae6fbe0d71284223f422e0458e9d55107e8f02776f09a56fd59775e5136db9be036b1d52ded1889e99105950d9a2acc199bee7670f59a39bf85b0aef7e39b5fc185a727e0abd5b93846bb6862c2c7150fa39695576fd6c02792e6a0530a0f414b541844c2cd4764594c8c95f88dcab3f82d290051ecf274fa2dceb7788b9fe2d0aaaa860556f606d659f00a6e3dc819c86272390914a024de591fc360a02c7e493e425078bc6ecb4b9f981768df70e3b3a98dee4ce268a82cfe4444ad548e2c6ea7d66f27f8eabcb64b50f2d435c3acf20d536fa2e654b6ed62e5b9be774cfcaa0398257ad192f6545e3dbf615c9a63f63d47a5da0f2568b804b7235c39a90ca6ef6eda6269e8784afb878cc684db6b86e11a6260e781239b936dd731fce1f1dd16eb4cb817df10d7ce66aacb1b7498a305439571a63176c76224cb07335e00b4f32c7e268745b45de868eaa3ece03ebdf740c1008a783b9c7d6f87bf78af7c83f0b6113b65e17c1e2183ff38b7135f772602ab8d52ab0e23b94ea8b68646e51aa616c6f0616689713209a0bf4305ec8ad56b07d63cd05d2a171f3441426403e7a12edd23eed0103a980d3aa5804d760ef074fcf37e22afb0208e590ad3085df339f2356ff5e8f7b7eb699857e254260d93dc8633f0a859d775c05bebc9a653eddd53603f5bb858be4c66ae4f6ce37d3f983725688ffa611142d5ecec87b"], 0x1004) (async)

13:52:00 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x510)

13:52:00 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

13:52:00 executing program 3:
io_uring_register$IORING_REGISTER_PROBE(0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x0, 0x0, 0x0, '\x00', [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}]}, 0x22)
syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0x8)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0x38)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xba}, "08907218aca25d6932a231d58cdf470084cc7908d0cdd78021ea66811ae5594bff3388f432597d7b6a1917f8f08cd4de3367c230b529f096e7fc3e3471471e69910cf48a6261725a017f1b3ed01e77ba52f3126f1327b3ff690756566488c1497afeeb459a6d1ec896d57d9d0b49a6f6f30d0d927c501b7aa2a7b93950fece4f47c008422de845b6a79592b921904ce3c038bbbe8cdec3c18014d39f41d2ace95d56a9eaff613014ff9ad193f7dbc2899770316e57aee7fc88b0"}, 0xbe)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_host_features={{0x3d, 0xe}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, "44d296b510340b7d"}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x3, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x0, 0xa}, {0x6, 0x1f, 0x8000, 0x4, 0x3f}}}}, 0x17)
syz_emit_vhci(&(0x7f00000002c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x0, 0xa}, {0x0, 0x7f, 0x3ff, 0xe5, 0x8}}}}, 0x17)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_move_chan_cfm={{0x10, 0x7, 0x4}, {0xfc01, 0x1}}]}}, 0x11)

13:52:00 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000006000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:52:00 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x528)

13:52:00 executing program 1:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000001080), 0x101000, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f00000010c0)=@gcm_128={{0x304}, "1936d47c5f884ef5", "6222c04acab217fad41eeaca0ad976b1", "74a48e8d", "254fbfb744c197b2"}, 0x28)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="03010000c64af9d778d4868d35f78bdd06eed93784889107ff4a17c1764b630714189ea61be35f67ce933f410042237d7c585fbd7ab1d02b77e19d5fe6edf7b3b725f151eb3c56640653717a0767e214c10b48bc4790d7114d51c8f6024559f2e5583d267c92f2c1de9d9cda79cc5b2bc1de50d0ac832bdf74b1bffead8b6b283a1dc4d00e9992a6f6cf6d0feebecb2b2e2561d8641a5e8792292594a447db8aa05b0dd7c2b649c159618ee6bbdc07e51e5ec335bb9c81e4eff03847c52ad2a7d1532b8a103a5cf82a203d239c9f24382ac4371fc7c3e6b5e57522fbc6b5262bed26bdf4118e17e70fb3f59640c9551d37a31286462221588383d3b2573dbeecc4f9516ee1c0aeeb63b56f2ec90709a00ed3961317eeaec3572cf7418bb57ee05c58c7141e6151968399989ad23922550accbab37bbd9efba95b4cf920bfe8dee6021024e37663727771b37d2d2ab1cdf00568c94f2e62ea3f7e10a329c35544942b9df1e98e6aeda9176a8844a39fefe5b5983dd7c012863cb1fa43c7efc5639d20cc7862b6cf9bd5412ba47160e1217c63e3728961659f1ccfc924d88b5c6e0c544707c60219eba20dce83db5cea62ad418cd771fb46a2b4552524e8e082a7b74aec2eaacd6841c70ad23b03ca366d95ca2336621d80a84e18e0d318098d12d92e2091283f0506c5619a31b06a927a5b092b1e7c7bce613132718184f76c3f794939f0f4e1fcb0c3ebe4136dca3e811781e7c3ef319387ff73daede7ea38745a6698416690ebb3b95f2efc986499df95a106adf8668bcb421a2eb333b2d027087709e4c802e898f6ff649deaf2f73695e1611ac9a12d72a96f1c634455413d81d30d2e134806dabfc60b459ab5a15c326e6222797a966a38c1d9e1d3a8aab307835bb3203628e11a7cf2fb86ea6c42bcfcdd472a33e2477c73a01191691498476eb4cfaee0c56cf28d49d08cbaa01d7a55118e989e13673d6b04d1c8344ecfbbea68086963bd244050309ff1440b4486081b99b2d5acdcf286087fc66ff2708b599a31d0f4c47778bb28cf92e435bb383b0785ab86c6972feaf63e788cf432d669e1edd4c63c28c2bf182c5e8cdd8a9e3c7ff48c76c6eba1fc32a93e3f7210d4420cf7fd4b29bea83c96768c0c22623991865f044d45d029db5bf4b1be8f86065396183b0f4d9b7e37b06e7c89cf07cb1afd5007ea5a6c1bc9b2bbdba9dfbb30e74f43db788c9027199ee66b4ef5501017e7241dc10c5d07b60796fb1995fdb5fa828083cb111903d05cab1bf6fdb580c237d771be31d13c667512ba6ec95345cd20c0bd8da55ab92ff1ce3b4336049eaf3704fd11ca04ea03317394e2fe34481846fa1c028cbd7fa8f449746724348453283fc97ceafad53b93f78fb7a7a96452817d4f8270821d1e2b7ae0a7906fd36fcc24923694e04641e0005aee5242107f42ce87c57269a5fe6dd19b63eea274624052e81a69f17ee8e3000de13495d58a6b29c2f4b78df57337367374ac07dbf7796e147ef477d7890faf801a1efc915923af9e09530a32c30d0b5e4339eb90317113930a707fcdf0b93566e9c94851040bf231039b1d5700dd1f861a2af63c17aa3f746f008b04020786d0a4c250b7a8584eb40875c5bd35b3a0fb94f82b9fbba77be70f96533431848f5deb1e052c8aa7ffd9595628d1a1045f05b1a55f34a7e8ea61eb004fcad69336237d80b7d7abdd4a4d03eb8acbf549cc28363e31a3ab3ac074b26cc47e5889c8f21f1b2cb8e0074976f15d0576c83619e2fcf964a54299abb132c9edf6be2fbde3f440d7de883e7b0558a2876e8f116dbbfb0ccd97210dda6c9b2cb0d5aacf3506e932aa8cdc6baab5a63ea941ae87d5441825ba9df1241dff6ed0aa14fef3fda566e5386175294a63d9f56c33ff58a293b5d6573799dfcf3665a183f42801869853750f54711e46d9cf33333ee61c18c144746785d0f99768f7ee3c198aaa1c5ef92afe39490ea88b9d2da8c79b789392f307fbe23d085d9bfad89ea1182a645e8a1aff7f35d4e38a35aa158be4a000192df3e9202adaaeea34c572f1835ddf08e56cd54684eac362ee7b286868bcff8419cd90cfbfd0fa0c5961f240d28c44e5bd34f32c262cbe8c85cc7095da03a5beefd49befefb87808a7c39a6becdbf088ac4f3f31c5025739578c821de78c6a0019f8df86158c3c8cd05d8d8a9f02a64fba3054e5de1c2addf858ac58c9f4449d2b1eb7fdb41c3526a0a014e4d5a6178cecc18a0c1e6f739f70f1eec84078d3a535d6b9a72d9abb80f8b93bad14ffb390e5f7e6d67a676795a8cf478162fa9de987f5ea7294c3076042c0b21b22e72af9f5d949f2f0fabb8c2085e4b051c01e910b0105f6b3b823267f150532d74af8aeb1ef995506eda767ef040b61ae2489a89776aa31f14867eefbb47705451907e9e27644ed2b1c0bb185521d73cfa2e3fa33dca9ecf1c35f326379802a6fee8ca447698539280d8503811e1e28f37287d8dee9d3afd3a113cd22d900a2196a6190dcf5012596ef92d15fcf943b704ce0a12d0b84e719af644239a65658b11dafe780d1d08a6460da40785a2882d36b2adc8eecd300209f90dd4abcd704e291e663b957d69704fe932784a516dc1aef8913865067cca6ca20a6695ee7acf7fd5bc7e60cb441e6a89f13227f28cbbf81bbae9cb38f08e455d302c259a4f1509801861c3182c7de3f79ad9fec0260a3f72c431faf773b160ef9295dca99e2a34f65847643627b1ffd1bfc1bec48048a79ddad8408273234d5230c0873f9336335bcdc1ea7ca1c4f372237222ef25e225dda4b5d49fb15e7c385029fc16ba71eec00dd243115f2fa994efc600b411ba203817fab424cc24285a97fdb1fbf365258d112f2dd680983b72c48773864e54319848e84c6162b0044d9c696d1c117985055c60d025209d1dd1253be620fbe14b1a2c9b511a1905a5f6d33a16b9afa0f1751e8108218f92cde2b16aaba52b2088750d6375446c5507c063aea1e1103b70b773563c5822ccffe047732eb7bcf3862fd75c0c593cace22356f70af09c7cd66d075def1996d240e32cc5b6eb16ee594362ca5d32f37e31365194eb3d1d807ba841805aabc95aa8aae691b4b93da5b76f59b5b2feb9015db7d14b5579a5c043d0ac3a56bdea2999c6bccdb4ff45c2e001e43d2081a5fdf579865f8d44a15454c57d025a73cec0fa24fa5878372bd673c7d0cde2a28c8aa1dbfce11653e18659bb2326f449852b0e9ec9984e6816e5adb0069889d0e5a52eba628fcef3daafe4b036604c9b442470bf55f18b34591ba7c4a88a2b7ef44cc300f75cc3e8c7fada155e9323a4bc99edf62ef52c0938e6d96ef2fd2e431ec9b40ac4eefab5d6b1d69182dcc387adcb4e24e650a7f5a814f98aca540e7ac9cdc34403e1d88442dede8497e469150f72aa863adc99932dd33f8435f61b1f2b90db5ec7d8932729300ccf8ef837b6b3335773ae9be658fecc890cd0a696c776360ca3017c703f78bd7b73edca70f71d238b5efa093de2259ddbfeca7763474c2f76d9e2d25804145f42f873a7554cff89e58053752fb35ed0d718f777f9ce252fa08ccad702166150ccdc1f44f41a647c5c619dbba5a6ac8924349363a9776cd28d3f6f50c7d1ae4a317b81f1053b95e917423c857ef4d6007d99761b0ffde9b05cd0e9521845b637dbb5a6fb9b7aaeadd1a2d70810e5a2f822e21002c7efd8d4f475f3e0e12f6e6e73ea9e20d3bedb5a3c78923865490a185a1f79cf3e2647b218ea8e537cc97f3d1a45ebaa893f07e79ef87ffa02d4758de8fb1fe8fe821ab5697dc0418649341f584e153e17aab1e9838cb9638dbe57a1b50a23044ca40bbb03bb22508cf6847f740c530cfeb9946616441620343d230edd52cffa23bd93ff56e2460509da5efc0ae35ca990fa298d12a39f99bd6ee26da2a5c2c0ea48cb30c047253eb23d43ca7918a94213c328cdca872e7f804fcc18b01681c233bd1bc2343dacf3254b66e069d06efa219391069939fd24501da49e5c25a8a272bb399b62ad91c9ca10592ac5fa9bc08ececed3d557296189341c3a0fbc7389ae28055079de83fd5bf27c0ca34609145c4d1ad763be1e324908151c2e8a732801c953fa149ef8513c4fe8eec8807fc65a824ac8616edc0997c5e51701c2c007297d7bdaf8964533e2cacf5fa3379e439dab1bf8ab9862fc4acf301d8e5b3b4381366475f4486bb42954602e4337e6e68bea7f59dffa0bca46250b7dfa4e506187c87757aa2a35feb4770c01837537390f23204e8581beef9827ad9e8030d967c8bc9af4ebea7c22c0e6aeff2d21ae0a879d8c12a46ee30b97b109ccd759bf301989f93570cc03aeaef8fd378cadd102c950e0a7112e36ead54ae942ef2447c2316dc307d07c0c4528647ce796cfdd0dff62352f2bb622b17d28e12043cd62958eb3ee6f50902e3b87fa84e9061ef1679402a461c2178a3994088b903146b9b28bc91f9806c31ee613f7524687a07b8853a7a27b4c51246756024066883eab8fc44432a7995ac0e45f4e0dc0cca8be6b81c81b5d8dcf9e662985b2f241b34a56336680007eaf79541bb92da3f82c7c0ef25c9090ee8680d10d236cca3dcd07250cd39c88445e4d7893b56225c3d5e8d9909fb016401a1438d339f4f50ca36e35bb29d899cc55d34528cc4705dca56ef1128aa61e81a55df9e1188854095025eaae93489fddc6bf6ff22c208dc92a56bdf9adf01f8996fc37ebd207da8a5c97f4b06d503789672330b53446e4263bdde8cc6aeae5bb7015c9b41ad21f9d5990b746baa2f56640f4d4feb0e36a38ed1f7658b781b8f68f1fbe7b4403450f97e13524bfd4d8af7f1abf74fae8e5709030db461ccfa8c203f76ef3b885ae7c3042fe339d330528de1afe87af3d165113ff3a5e8318080ec2cc5a186b880d7d30325c878dba81c87194c9a75574239718952c11ccfa58958266485ac7a6934e4df3ce8cd1c26c20c54c2e7b448dc85656a53fe6e7bd20f612254abd8361a7579c0df71067d54e78dc63e883ed12571c6aa8ac955e07039299a83c9ae6fbe0d71284223f422e0458e9d55107e8f02776f09a56fd59775e5136db9be036b1d52ded1889e99105950d9a2acc199bee7670f59a39bf85b0aef7e39b5fc185a727e0abd5b93846bb6862c2c7150fa39695576fd6c02792e6a0530a0f414b541844c2cd4764594c8c95f88dcab3f82d290051ecf274fa2dceb7788b9fe2d0aaaa860556f606d659f00a6e3dc819c86272390914a024de591fc360a02c7e493e425078bc6ecb4b9f981768df70e3b3a98dee4ce268a82cfe4444ad548e2c6ea7d66f27f8eabcb64b50f2d435c3acf20d536fa2e654b6ed62e5b9be774cfcaa0398257ad192f6545e3dbf615c9a63f63d47a5da0f2568b804b7235c39a90ca6ef6eda6269e8784afb878cc684db6b86e11a6260e781239b936dd731fce1f1dd16eb4cb817df10d7ce66aacb1b7498a305439571a63176c76224cb07335e00b4f32c7e268745b45de868eaa3ece03ebdf740c1008a783b9c7d6f87bf78af7c83f0b6113b65e17c1e2183ff38b7135f772602ab8d52ab0e23b94ea8b68646e51aa616c6f0616689713209a0bf4305ec8ad56b07d63cd05d2a171f3441426403e7a12edd23eed0103a980d3aa5804d760ef074fcf37e22afb0208e590ad3085df339f2356ff5e8f7b7eb699857e254260d93dc8633f0a859d775c05bebc9a653eddd53603f5bb858be4c66ae4f6ce37d3f983725688ffa611142d5ecec87b"], 0x1004)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000001080), 0x101000, 0x0) (async)
setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f00000010c0)=@gcm_128={{0x304}, "1936d47c5f884ef5", "6222c04acab217fad41eeaca0ad976b1", "74a48e8d", "254fbfb744c197b2"}, 0x28) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) (async)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="03010000c64af9d778d4868d35f78bdd06eed93784889107ff4a17c1764b630714189ea61be35f67ce933f410042237d7c585fbd7ab1d02b77e19d5fe6edf7b3b725f151eb3c56640653717a0767e214c10b48bc4790d7114d51c8f6024559f2e5583d267c92f2c1de9d9cda79cc5b2bc1de50d0ac832bdf74b1bffead8b6b283a1dc4d00e9992a6f6cf6d0feebecb2b2e2561d8641a5e8792292594a447db8aa05b0dd7c2b649c159618ee6bbdc07e51e5ec335bb9c81e4eff03847c52ad2a7d1532b8a103a5cf82a203d239c9f24382ac4371fc7c3e6b5e57522fbc6b5262bed26bdf4118e17e70fb3f59640c9551d37a31286462221588383d3b2573dbeecc4f9516ee1c0aeeb63b56f2ec90709a00ed3961317eeaec3572cf7418bb57ee05c58c7141e6151968399989ad23922550accbab37bbd9efba95b4cf920bfe8dee6021024e37663727771b37d2d2ab1cdf00568c94f2e62ea3f7e10a329c35544942b9df1e98e6aeda9176a8844a39fefe5b5983dd7c012863cb1fa43c7efc5639d20cc7862b6cf9bd5412ba47160e1217c63e3728961659f1ccfc924d88b5c6e0c544707c60219eba20dce83db5cea62ad418cd771fb46a2b4552524e8e082a7b74aec2eaacd6841c70ad23b03ca366d95ca2336621d80a84e18e0d318098d12d92e2091283f0506c5619a31b06a927a5b092b1e7c7bce613132718184f76c3f794939f0f4e1fcb0c3ebe4136dca3e811781e7c3ef319387ff73daede7ea38745a6698416690ebb3b95f2efc986499df95a106adf8668bcb421a2eb333b2d027087709e4c802e898f6ff649deaf2f73695e1611ac9a12d72a96f1c634455413d81d30d2e134806dabfc60b459ab5a15c326e6222797a966a38c1d9e1d3a8aab307835bb3203628e11a7cf2fb86ea6c42bcfcdd472a33e2477c73a01191691498476eb4cfaee0c56cf28d49d08cbaa01d7a55118e989e13673d6b04d1c8344ecfbbea68086963bd244050309ff1440b4486081b99b2d5acdcf286087fc66ff2708b599a31d0f4c47778bb28cf92e435bb383b0785ab86c6972feaf63e788cf432d669e1edd4c63c28c2bf182c5e8cdd8a9e3c7ff48c76c6eba1fc32a93e3f7210d4420cf7fd4b29bea83c96768c0c22623991865f044d45d029db5bf4b1be8f86065396183b0f4d9b7e37b06e7c89cf07cb1afd5007ea5a6c1bc9b2bbdba9dfbb30e74f43db788c9027199ee66b4ef5501017e7241dc10c5d07b60796fb1995fdb5fa828083cb111903d05cab1bf6fdb580c237d771be31d13c667512ba6ec95345cd20c0bd8da55ab92ff1ce3b4336049eaf3704fd11ca04ea03317394e2fe34481846fa1c028cbd7fa8f449746724348453283fc97ceafad53b93f78fb7a7a96452817d4f8270821d1e2b7ae0a7906fd36fcc24923694e04641e0005aee5242107f42ce87c57269a5fe6dd19b63eea274624052e81a69f17ee8e3000de13495d58a6b29c2f4b78df57337367374ac07dbf7796e147ef477d7890faf801a1efc915923af9e09530a32c30d0b5e4339eb90317113930a707fcdf0b93566e9c94851040bf231039b1d5700dd1f861a2af63c17aa3f746f008b04020786d0a4c250b7a8584eb40875c5bd35b3a0fb94f82b9fbba77be70f96533431848f5deb1e052c8aa7ffd9595628d1a1045f05b1a55f34a7e8ea61eb004fcad69336237d80b7d7abdd4a4d03eb8acbf549cc28363e31a3ab3ac074b26cc47e5889c8f21f1b2cb8e0074976f15d0576c83619e2fcf964a54299abb132c9edf6be2fbde3f440d7de883e7b0558a2876e8f116dbbfb0ccd97210dda6c9b2cb0d5aacf3506e932aa8cdc6baab5a63ea941ae87d5441825ba9df1241dff6ed0aa14fef3fda566e5386175294a63d9f56c33ff58a293b5d6573799dfcf3665a183f42801869853750f54711e46d9cf33333ee61c18c144746785d0f99768f7ee3c198aaa1c5ef92afe39490ea88b9d2da8c79b789392f307fbe23d085d9bfad89ea1182a645e8a1aff7f35d4e38a35aa158be4a000192df3e9202adaaeea34c572f1835ddf08e56cd54684eac362ee7b286868bcff8419cd90cfbfd0fa0c5961f240d28c44e5bd34f32c262cbe8c85cc7095da03a5beefd49befefb87808a7c39a6becdbf088ac4f3f31c5025739578c821de78c6a0019f8df86158c3c8cd05d8d8a9f02a64fba3054e5de1c2addf858ac58c9f4449d2b1eb7fdb41c3526a0a014e4d5a6178cecc18a0c1e6f739f70f1eec84078d3a535d6b9a72d9abb80f8b93bad14ffb390e5f7e6d67a676795a8cf478162fa9de987f5ea7294c3076042c0b21b22e72af9f5d949f2f0fabb8c2085e4b051c01e910b0105f6b3b823267f150532d74af8aeb1ef995506eda767ef040b61ae2489a89776aa31f14867eefbb47705451907e9e27644ed2b1c0bb185521d73cfa2e3fa33dca9ecf1c35f326379802a6fee8ca447698539280d8503811e1e28f37287d8dee9d3afd3a113cd22d900a2196a6190dcf5012596ef92d15fcf943b704ce0a12d0b84e719af644239a65658b11dafe780d1d08a6460da40785a2882d36b2adc8eecd300209f90dd4abcd704e291e663b957d69704fe932784a516dc1aef8913865067cca6ca20a6695ee7acf7fd5bc7e60cb441e6a89f13227f28cbbf81bbae9cb38f08e455d302c259a4f1509801861c3182c7de3f79ad9fec0260a3f72c431faf773b160ef9295dca99e2a34f65847643627b1ffd1bfc1bec48048a79ddad8408273234d5230c0873f9336335bcdc1ea7ca1c4f372237222ef25e225dda4b5d49fb15e7c385029fc16ba71eec00dd243115f2fa994efc600b411ba203817fab424cc24285a97fdb1fbf365258d112f2dd680983b72c48773864e54319848e84c6162b0044d9c696d1c117985055c60d025209d1dd1253be620fbe14b1a2c9b511a1905a5f6d33a16b9afa0f1751e8108218f92cde2b16aaba52b2088750d6375446c5507c063aea1e1103b70b773563c5822ccffe047732eb7bcf3862fd75c0c593cace22356f70af09c7cd66d075def1996d240e32cc5b6eb16ee594362ca5d32f37e31365194eb3d1d807ba841805aabc95aa8aae691b4b93da5b76f59b5b2feb9015db7d14b5579a5c043d0ac3a56bdea2999c6bccdb4ff45c2e001e43d2081a5fdf579865f8d44a15454c57d025a73cec0fa24fa5878372bd673c7d0cde2a28c8aa1dbfce11653e18659bb2326f449852b0e9ec9984e6816e5adb0069889d0e5a52eba628fcef3daafe4b036604c9b442470bf55f18b34591ba7c4a88a2b7ef44cc300f75cc3e8c7fada155e9323a4bc99edf62ef52c0938e6d96ef2fd2e431ec9b40ac4eefab5d6b1d69182dcc387adcb4e24e650a7f5a814f98aca540e7ac9cdc34403e1d88442dede8497e469150f72aa863adc99932dd33f8435f61b1f2b90db5ec7d8932729300ccf8ef837b6b3335773ae9be658fecc890cd0a696c776360ca3017c703f78bd7b73edca70f71d238b5efa093de2259ddbfeca7763474c2f76d9e2d25804145f42f873a7554cff89e58053752fb35ed0d718f777f9ce252fa08ccad702166150ccdc1f44f41a647c5c619dbba5a6ac8924349363a9776cd28d3f6f50c7d1ae4a317b81f1053b95e917423c857ef4d6007d99761b0ffde9b05cd0e9521845b637dbb5a6fb9b7aaeadd1a2d70810e5a2f822e21002c7efd8d4f475f3e0e12f6e6e73ea9e20d3bedb5a3c78923865490a185a1f79cf3e2647b218ea8e537cc97f3d1a45ebaa893f07e79ef87ffa02d4758de8fb1fe8fe821ab5697dc0418649341f584e153e17aab1e9838cb9638dbe57a1b50a23044ca40bbb03bb22508cf6847f740c530cfeb9946616441620343d230edd52cffa23bd93ff56e2460509da5efc0ae35ca990fa298d12a39f99bd6ee26da2a5c2c0ea48cb30c047253eb23d43ca7918a94213c328cdca872e7f804fcc18b01681c233bd1bc2343dacf3254b66e069d06efa219391069939fd24501da49e5c25a8a272bb399b62ad91c9ca10592ac5fa9bc08ececed3d557296189341c3a0fbc7389ae28055079de83fd5bf27c0ca34609145c4d1ad763be1e324908151c2e8a732801c953fa149ef8513c4fe8eec8807fc65a824ac8616edc0997c5e51701c2c007297d7bdaf8964533e2cacf5fa3379e439dab1bf8ab9862fc4acf301d8e5b3b4381366475f4486bb42954602e4337e6e68bea7f59dffa0bca46250b7dfa4e506187c87757aa2a35feb4770c01837537390f23204e8581beef9827ad9e8030d967c8bc9af4ebea7c22c0e6aeff2d21ae0a879d8c12a46ee30b97b109ccd759bf301989f93570cc03aeaef8fd378cadd102c950e0a7112e36ead54ae942ef2447c2316dc307d07c0c4528647ce796cfdd0dff62352f2bb622b17d28e12043cd62958eb3ee6f50902e3b87fa84e9061ef1679402a461c2178a3994088b903146b9b28bc91f9806c31ee613f7524687a07b8853a7a27b4c51246756024066883eab8fc44432a7995ac0e45f4e0dc0cca8be6b81c81b5d8dcf9e662985b2f241b34a56336680007eaf79541bb92da3f82c7c0ef25c9090ee8680d10d236cca3dcd07250cd39c88445e4d7893b56225c3d5e8d9909fb016401a1438d339f4f50ca36e35bb29d899cc55d34528cc4705dca56ef1128aa61e81a55df9e1188854095025eaae93489fddc6bf6ff22c208dc92a56bdf9adf01f8996fc37ebd207da8a5c97f4b06d503789672330b53446e4263bdde8cc6aeae5bb7015c9b41ad21f9d5990b746baa2f56640f4d4feb0e36a38ed1f7658b781b8f68f1fbe7b4403450f97e13524bfd4d8af7f1abf74fae8e5709030db461ccfa8c203f76ef3b885ae7c3042fe339d330528de1afe87af3d165113ff3a5e8318080ec2cc5a186b880d7d30325c878dba81c87194c9a75574239718952c11ccfa58958266485ac7a6934e4df3ce8cd1c26c20c54c2e7b448dc85656a53fe6e7bd20f612254abd8361a7579c0df71067d54e78dc63e883ed12571c6aa8ac955e07039299a83c9ae6fbe0d71284223f422e0458e9d55107e8f02776f09a56fd59775e5136db9be036b1d52ded1889e99105950d9a2acc199bee7670f59a39bf85b0aef7e39b5fc185a727e0abd5b93846bb6862c2c7150fa39695576fd6c02792e6a0530a0f414b541844c2cd4764594c8c95f88dcab3f82d290051ecf274fa2dceb7788b9fe2d0aaaa860556f606d659f00a6e3dc819c86272390914a024de591fc360a02c7e493e425078bc6ecb4b9f981768df70e3b3a98dee4ce268a82cfe4444ad548e2c6ea7d66f27f8eabcb64b50f2d435c3acf20d536fa2e654b6ed62e5b9be774cfcaa0398257ad192f6545e3dbf615c9a63f63d47a5da0f2568b804b7235c39a90ca6ef6eda6269e8784afb878cc684db6b86e11a6260e781239b936dd731fce1f1dd16eb4cb817df10d7ce66aacb1b7498a305439571a63176c76224cb07335e00b4f32c7e268745b45de868eaa3ece03ebdf740c1008a783b9c7d6f87bf78af7c83f0b6113b65e17c1e2183ff38b7135f772602ab8d52ab0e23b94ea8b68646e51aa616c6f0616689713209a0bf4305ec8ad56b07d63cd05d2a171f3441426403e7a12edd23eed0103a980d3aa5804d760ef074fcf37e22afb0208e590ad3085df339f2356ff5e8f7b7eb699857e254260d93dc8633f0a859d775c05bebc9a653eddd53603f5bb858be4c66ae4f6ce37d3f983725688ffa611142d5ecec87b"], 0x1004) (async)

13:52:00 executing program 3:
io_uring_register$IORING_REGISTER_PROBE(0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x0, 0x0, 0x0, '\x00', [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}]}, 0x22)
syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0x8)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0x38)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xba}, "08907218aca25d6932a231d58cdf470084cc7908d0cdd78021ea66811ae5594bff3388f432597d7b6a1917f8f08cd4de3367c230b529f096e7fc3e3471471e69910cf48a6261725a017f1b3ed01e77ba52f3126f1327b3ff690756566488c1497afeeb459a6d1ec896d57d9d0b49a6f6f30d0d927c501b7aa2a7b93950fece4f47c008422de845b6a79592b921904ce3c038bbbe8cdec3c18014d39f41d2ace95d56a9eaff613014ff9ad193f7dbc2899770316e57aee7fc88b0"}, 0xbe)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_host_features={{0x3d, 0xe}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, "44d296b510340b7d"}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x3, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x0, 0xa}, {0x6, 0x1f, 0x8000, 0x4, 0x3f}}}}, 0x17)
syz_emit_vhci(&(0x7f00000002c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x0, 0xa}, {0x0, 0x7f, 0x3ff, 0xe5, 0x8}}}}, 0x17)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_move_chan_cfm={{0x10, 0x7, 0x4}, {0xfc01, 0x1}}]}}, 0x11)

13:52:00 executing program 4:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = syz_open_dev$vcsu(&(0x7f0000000280), 0x7fffffffffffffff, 0x800)
getsockopt$TIPC_NODE_RECVQ_DEPTH(r1, 0x10f, 0x83, &(0x7f00000002c0), &(0x7f0000000300)=0x4)
ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000000340))
clock_gettime(0x0, &(0x7f0000002b40)={<r2=>0x0, <r3=>0x0})
recvmmsg(r0, &(0x7f0000002a00)=[{{&(0x7f0000000000)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000700)=[{&(0x7f0000000180)=""/229, 0xe5}, {&(0x7f0000002bc0)=""/240, 0xf0}, {&(0x7f0000000080)=""/175, 0xaf}, {&(0x7f0000000380)=""/228, 0xe4}, {&(0x7f0000000480)=""/156, 0x9c}, {&(0x7f0000000540)=""/118, 0x76}, {&(0x7f0000002cc0)=""/197, 0xc5}, {&(0x7f0000000680)=""/109, 0x6d}], 0x8}, 0xfff}, {{&(0x7f0000000780)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, 0x80, &(0x7f0000000c40), 0x0, &(0x7f0000000cc0)=""/167, 0xa7}, 0x10c83b8e}, {{0x0, 0x0, &(0x7f0000001040)=[{&(0x7f0000000d80)=""/21, 0x15}, {&(0x7f0000000dc0)=""/103, 0x67}, {&(0x7f0000000e40)=""/224, 0xe0}, {&(0x7f0000000f40)=""/232, 0xe8}], 0x4, &(0x7f0000001080)=""/116, 0x74}, 0x9}, {{&(0x7f0000001100)=@pptp={0x18, 0x2, {0x0, @empty}}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000001180)=""/197, 0xc5}, {&(0x7f0000000900)=""/101, 0x65}, {&(0x7f0000001300)=""/186, 0xba}, {&(0x7f00000013c0)=""/170, 0xaa}, {&(0x7f0000002dc0)=""/4106, 0x100a}, {&(0x7f0000002480)=""/144, 0x90}, {&(0x7f0000002540)=""/82, 0x52}, {&(0x7f00000025c0)=""/211, 0xd3}, {&(0x7f00000026c0)=""/184, 0xb8}, {&(0x7f0000000800)=""/240, 0xf0}], 0xa, &(0x7f0000002840)=""/40, 0x28}, 0x6}, {{&(0x7f0000002880)=@x25={0x9, @remote}, 0x80, &(0x7f0000000280), 0x0, &(0x7f00000029c0)=""/51, 0x33}, 0xfffffff9}], 0x5, 0x40012040, &(0x7f0000002b80)={r2, r3+10000000})
syz_emit_vhci(&(0x7f0000000980)=ANY=[@ANYBLOB="0000fe039927f02b6a638345211aae4e3c6f7d2b3ea7f4d94180a1b1e18e594eb0eade5f4a87baf7801a60972c56d7c79859ec7c67bbe08f39a3d37dab081437476d7d03eff4a58e7cc577350a990c4d8abf7e5942145693418614bcdde76a131f01b7bea49709c6e1da6771f6259fd10abd980fcbc3fa93eb4b8b5f88ef9ca74c5e545eb0cce6f1c6a79c03358cb0ca29ebfc8643b5ce136300d7b28c900748156c4f72f32286d6154034988afcbc"], 0x8)

13:52:00 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000586500bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:52:00 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x540)

13:52:00 executing program 3:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x6a}, {0x7, [{@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x1, 0x3, 0x3, "af2103", 0x1, 0x82}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x1, 0x9, 0xc1, "7c69a4", 0x1, 0x6}, {@none, 0x5, 0x4b, 0xc6, "fd6f25", 0x8, 0xe2}, {@none, 0x2, 0x2, 0x1, "2cdc4b", 0x5, 0x2}, {@any, 0x1, 0x0, 0xe1, "ac46ab", 0x1, 0x9}, {@any, 0x0, 0x40, 0x9, "fc46e6", 0x9, 0x1f}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x80, 0x6f, 0x1, "5fe5bd", 0x53, 0x20}]}}}, 0x6d)

13:52:00 executing program 4:
r0 = socket$tipc(0x1e, 0x2, 0x0) (async)
r1 = syz_open_dev$vcsu(&(0x7f0000000280), 0x7fffffffffffffff, 0x800)
getsockopt$TIPC_NODE_RECVQ_DEPTH(r1, 0x10f, 0x83, &(0x7f00000002c0), &(0x7f0000000300)=0x4)
ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000000340))
clock_gettime(0x0, &(0x7f0000002b40)={<r2=>0x0, <r3=>0x0})
recvmmsg(r0, &(0x7f0000002a00)=[{{&(0x7f0000000000)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000700)=[{&(0x7f0000000180)=""/229, 0xe5}, {&(0x7f0000002bc0)=""/240, 0xf0}, {&(0x7f0000000080)=""/175, 0xaf}, {&(0x7f0000000380)=""/228, 0xe4}, {&(0x7f0000000480)=""/156, 0x9c}, {&(0x7f0000000540)=""/118, 0x76}, {&(0x7f0000002cc0)=""/197, 0xc5}, {&(0x7f0000000680)=""/109, 0x6d}], 0x8}, 0xfff}, {{&(0x7f0000000780)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, 0x80, &(0x7f0000000c40), 0x0, &(0x7f0000000cc0)=""/167, 0xa7}, 0x10c83b8e}, {{0x0, 0x0, &(0x7f0000001040)=[{&(0x7f0000000d80)=""/21, 0x15}, {&(0x7f0000000dc0)=""/103, 0x67}, {&(0x7f0000000e40)=""/224, 0xe0}, {&(0x7f0000000f40)=""/232, 0xe8}], 0x4, &(0x7f0000001080)=""/116, 0x74}, 0x9}, {{&(0x7f0000001100)=@pptp={0x18, 0x2, {0x0, @empty}}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000001180)=""/197, 0xc5}, {&(0x7f0000000900)=""/101, 0x65}, {&(0x7f0000001300)=""/186, 0xba}, {&(0x7f00000013c0)=""/170, 0xaa}, {&(0x7f0000002dc0)=""/4106, 0x100a}, {&(0x7f0000002480)=""/144, 0x90}, {&(0x7f0000002540)=""/82, 0x52}, {&(0x7f00000025c0)=""/211, 0xd3}, {&(0x7f00000026c0)=""/184, 0xb8}, {&(0x7f0000000800)=""/240, 0xf0}], 0xa, &(0x7f0000002840)=""/40, 0x28}, 0x6}, {{&(0x7f0000002880)=@x25={0x9, @remote}, 0x80, &(0x7f0000000280), 0x0, &(0x7f00000029c0)=""/51, 0x33}, 0xfffffff9}], 0x5, 0x40012040, &(0x7f0000002b80)={r2, r3+10000000}) (async)
syz_emit_vhci(&(0x7f0000000980)=ANY=[@ANYBLOB="0000fe039927f02b6a638345211aae4e3c6f7d2b3ea7f4d94180a1b1e18e594eb0eade5f4a87baf7801a60972c56d7c79859ec7c67bbe08f39a3d37dab081437476d7d03eff4a58e7cc577350a990c4d8abf7e5942145693418614bcdde76a131f01b7bea49709c6e1da6771f6259fd10abd980fcbc3fa93eb4b8b5f88ef9ca74c5e545eb0cce6f1c6a79c03358cb0ca29ebfc8643b5ce136300d7b28c900748156c4f72f32286d6154034988afcbc"], 0x8)

13:52:00 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="03c800bb3bbf618a3e58f8207186763a77e36763cfabef7b321486044a4c188ca273547ca4ad27bfc4cb686d6c5870fab1c3a5422527ae3257692e213e7d534c0b819e1dd39f77ea3c7702e89b3d36ec650166c84df7086a1ce1fd74e6bdb2cab71f8bfe1c74b4600b96a4ebc5d6b6157e10ed8cd269a3ae67946ca773986159115628afeddb45c4586382852e2d9cf23868d274f051b8380eb27be05f97ad550de706a132663ac14364450b957545c6f73ba86aa56e85556a5dffce74077b76ec69c402c38ff74b8483aeb91b3b5539696ce30c0d034e0f694ad3c304ae0baacec96c7fa2c2084f953e6c3e4558fa0e20753a0700000024ee90e780c74ee748950cec2f30dc62be78296037d4efaa684fb645d9f71dc2e66cd293720711757f448bedcc2c29a6558f6353af57d1d2dba91a691d32ab588dbec152f27422529d4501a2bcff02ebd872195b30bb170fdb7cb0"], 0xbf)

13:52:00 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x558)

13:52:00 executing program 3:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x6a}, {0x7, [{@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x1, 0x3, 0x3, "af2103", 0x1, 0x82}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x1, 0x9, 0xc1, "7c69a4", 0x1, 0x6}, {@none, 0x5, 0x4b, 0xc6, "fd6f25", 0x8, 0xe2}, {@none, 0x2, 0x2, 0x1, "2cdc4b", 0x5, 0x2}, {@any, 0x1, 0x0, 0xe1, "ac46ab", 0x1, 0x9}, {@any, 0x0, 0x40, 0x9, "fc46e6", 0x9, 0x1f}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x80, 0x6f, 0x1, "5fe5bd", 0x53, 0x20}]}}}, 0x6d)

13:52:00 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000fe8000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:52:00 executing program 4:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = syz_open_dev$vcsu(&(0x7f0000000280), 0x7fffffffffffffff, 0x800)
getsockopt$TIPC_NODE_RECVQ_DEPTH(r1, 0x10f, 0x83, &(0x7f00000002c0), &(0x7f0000000300)=0x4)
ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000000340))
clock_gettime(0x0, &(0x7f0000002b40)={<r2=>0x0, <r3=>0x0})
recvmmsg(r0, &(0x7f0000002a00)=[{{&(0x7f0000000000)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000700)=[{&(0x7f0000000180)=""/229, 0xe5}, {&(0x7f0000002bc0)=""/240, 0xf0}, {&(0x7f0000000080)=""/175, 0xaf}, {&(0x7f0000000380)=""/228, 0xe4}, {&(0x7f0000000480)=""/156, 0x9c}, {&(0x7f0000000540)=""/118, 0x76}, {&(0x7f0000002cc0)=""/197, 0xc5}, {&(0x7f0000000680)=""/109, 0x6d}], 0x8}, 0xfff}, {{&(0x7f0000000780)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, 0x80, &(0x7f0000000c40), 0x0, &(0x7f0000000cc0)=""/167, 0xa7}, 0x10c83b8e}, {{0x0, 0x0, &(0x7f0000001040)=[{&(0x7f0000000d80)=""/21, 0x15}, {&(0x7f0000000dc0)=""/103, 0x67}, {&(0x7f0000000e40)=""/224, 0xe0}, {&(0x7f0000000f40)=""/232, 0xe8}], 0x4, &(0x7f0000001080)=""/116, 0x74}, 0x9}, {{&(0x7f0000001100)=@pptp={0x18, 0x2, {0x0, @empty}}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000001180)=""/197, 0xc5}, {&(0x7f0000000900)=""/101, 0x65}, {&(0x7f0000001300)=""/186, 0xba}, {&(0x7f00000013c0)=""/170, 0xaa}, {&(0x7f0000002dc0)=""/4106, 0x100a}, {&(0x7f0000002480)=""/144, 0x90}, {&(0x7f0000002540)=""/82, 0x52}, {&(0x7f00000025c0)=""/211, 0xd3}, {&(0x7f00000026c0)=""/184, 0xb8}, {&(0x7f0000000800)=""/240, 0xf0}], 0xa, &(0x7f0000002840)=""/40, 0x28}, 0x6}, {{&(0x7f0000002880)=@x25={0x9, @remote}, 0x80, &(0x7f0000000280), 0x0, &(0x7f00000029c0)=""/51, 0x33}, 0xfffffff9}], 0x5, 0x40012040, &(0x7f0000002b80)={r2, r3+10000000})
syz_emit_vhci(&(0x7f0000000980)=ANY=[@ANYBLOB="0000fe039927f02b6a638345211aae4e3c6f7d2b3ea7f4d94180a1b1e18e594eb0eade5f4a87baf7801a60972c56d7c79859ec7c67bbe08f39a3d37dab081437476d7d03eff4a58e7cc577350a990c4d8abf7e5942145693418614bcdde76a131f01b7bea49709c6e1da6771f6259fd10abd980fcbc3fa93eb4b8b5f88ef9ca74c5e545eb0cce6f1c6a79c03358cb0ca29ebfc8643b5ce136300d7b28c900748156c4f72f32286d6154034988afcbc"], 0x8)
socket$tipc(0x1e, 0x2, 0x0) (async)
syz_open_dev$vcsu(&(0x7f0000000280), 0x7fffffffffffffff, 0x800) (async)
getsockopt$TIPC_NODE_RECVQ_DEPTH(r1, 0x10f, 0x83, &(0x7f00000002c0), &(0x7f0000000300)=0x4) (async)
ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000000340)) (async)
clock_gettime(0x0, &(0x7f0000002b40)) (async)
recvmmsg(r0, &(0x7f0000002a00)=[{{&(0x7f0000000000)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000700)=[{&(0x7f0000000180)=""/229, 0xe5}, {&(0x7f0000002bc0)=""/240, 0xf0}, {&(0x7f0000000080)=""/175, 0xaf}, {&(0x7f0000000380)=""/228, 0xe4}, {&(0x7f0000000480)=""/156, 0x9c}, {&(0x7f0000000540)=""/118, 0x76}, {&(0x7f0000002cc0)=""/197, 0xc5}, {&(0x7f0000000680)=""/109, 0x6d}], 0x8}, 0xfff}, {{&(0x7f0000000780)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, 0x80, &(0x7f0000000c40), 0x0, &(0x7f0000000cc0)=""/167, 0xa7}, 0x10c83b8e}, {{0x0, 0x0, &(0x7f0000001040)=[{&(0x7f0000000d80)=""/21, 0x15}, {&(0x7f0000000dc0)=""/103, 0x67}, {&(0x7f0000000e40)=""/224, 0xe0}, {&(0x7f0000000f40)=""/232, 0xe8}], 0x4, &(0x7f0000001080)=""/116, 0x74}, 0x9}, {{&(0x7f0000001100)=@pptp={0x18, 0x2, {0x0, @empty}}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000001180)=""/197, 0xc5}, {&(0x7f0000000900)=""/101, 0x65}, {&(0x7f0000001300)=""/186, 0xba}, {&(0x7f00000013c0)=""/170, 0xaa}, {&(0x7f0000002dc0)=""/4106, 0x100a}, {&(0x7f0000002480)=""/144, 0x90}, {&(0x7f0000002540)=""/82, 0x52}, {&(0x7f00000025c0)=""/211, 0xd3}, {&(0x7f00000026c0)=""/184, 0xb8}, {&(0x7f0000000800)=""/240, 0xf0}], 0xa, &(0x7f0000002840)=""/40, 0x28}, 0x6}, {{&(0x7f0000002880)=@x25={0x9, @remote}, 0x80, &(0x7f0000000280), 0x0, &(0x7f00000029c0)=""/51, 0x33}, 0xfffffff9}], 0x5, 0x40012040, &(0x7f0000002b80)={r2, r3+10000000}) (async)
syz_emit_vhci(&(0x7f0000000980)=ANY=[@ANYBLOB="0000fe039927f02b6a638345211aae4e3c6f7d2b3ea7f4d94180a1b1e18e594eb0eade5f4a87baf7801a60972c56d7c79859ec7c67bbe08f39a3d37dab081437476d7d03eff4a58e7cc577350a990c4d8abf7e5942145693418614bcdde76a131f01b7bea49709c6e1da6771f6259fd10abd980fcbc3fa93eb4b8b5f88ef9ca74c5e545eb0cce6f1c6a79c03358cb0ca29ebfc8643b5ce136300d7b28c900748156c4f72f32286d6154034988afcbc"], 0x8) (async)

13:52:00 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="03c800bb3bbf618a3e58f8207186763a77e36763cfabef7b321486044a4c188ca273547ca4ad27bfc4cb686d6c5870fab1c3a5422527ae3257692e213e7d534c0b819e1dd39f77ea3c7702e89b3d36ec650166c84df7086a1ce1fd74e6bdb2cab71f8bfe1c74b4600b96a4ebc5d6b6157e10ed8cd269a3ae67946ca773986159115628afeddb45c4586382852e2d9cf23868d274f051b8380eb27be05f97ad550de706a132663ac14364450b957545c6f73ba86aa56e85556a5dffce74077b76ec69c402c38ff74b8483aeb91b3b5539696ce30c0d034e0f694ad3c304ae0baacec96c7fa2c2084f953e6c3e4558fa0e20753a0700000024ee90e780c74ee748950cec2f30dc62be78296037d4efaa684fb645d9f71dc2e66cd293720711757f448bedcc2c29a6558f6353af57d1d2dba91a691d32ab588dbec152f27422529d4501a2bcff02ebd872195b30bb170fdb7cb0"], 0xbf)

13:52:00 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x570)

13:52:00 executing program 3:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x6a}, {0x7, [{@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x1, 0x3, 0x3, "af2103", 0x1, 0x82}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x1, 0x9, 0xc1, "7c69a4", 0x1, 0x6}, {@none, 0x5, 0x4b, 0xc6, "fd6f25", 0x8, 0xe2}, {@none, 0x2, 0x2, 0x1, "2cdc4b", 0x5, 0x2}, {@any, 0x1, 0x0, 0xe1, "ac46ab", 0x1, 0x9}, {@any, 0x0, 0x40, 0x9, "fc46e6", 0x9, 0x1f}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x80, 0x6f, 0x1, "5fe5bd", 0x53, 0x20}]}}}, 0x6d)

13:52:00 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000008100bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:52:00 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="03c800bb3bbf618a3e58f8207186763a77e36763cfabef7b321486044a4c188ca273547ca4ad27bfc4cb686d6c5870fab1c3a5422527ae3257692e213e7d534c0b819e1dd39f77ea3c7702e89b3d36ec650166c84df7086a1ce1fd74e6bdb2cab71f8bfe1c74b4600b96a4ebc5d6b6157e10ed8cd269a3ae67946ca773986159115628afeddb45c4586382852e2d9cf23868d274f051b8380eb27be05f97ad550de706a132663ac14364450b957545c6f73ba86aa56e85556a5dffce74077b76ec69c402c38ff74b8483aeb91b3b5539696ce30c0d034e0f694ad3c304ae0baacec96c7fa2c2084f953e6c3e4558fa0e20753a0700000024ee90e780c74ee748950cec2f30dc62be78296037d4efaa684fb645d9f71dc2e66cd293720711757f448bedcc2c29a6558f6353af57d1d2dba91a691d32ab588dbec152f27422529d4501a2bcff02ebd872195b30bb170fdb7cb0"], 0xbf)

[ 2352.401893][T29360] Bluetooth: hci8: command 0x206e tx timeout
13:52:00 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x3, 0x7e}, @l2cap_cid_signaling={{0x7a}, [@l2cap_info_req={{0xa, 0x5d, 0x2}, {0xffff}}, @l2cap_info_req={{0xa, 0x6, 0x2}, {0x7}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x81, 0x2}, {0xffe0}}, @l2cap_info_rsp={{0xb, 0x3f, 0x42}, {0xe4, 0x1, "94a5b66ec1e9e74bf5b4b011810fbae1214a9d9387160175da619f0ee63bc3533fbbaf4d2f09953b17bad99be36b5c2b567b6a18855393a69f35ef5ae409"}}, @l2cap_move_chan_cfm={{0x10, 0xf5, 0x4}, {0x58ef, 0x9}}, @l2cap_move_chan_cfm={{0x10, 0x5, 0x4}, {0x2}}, @l2cap_conn_rsp={{0x3, 0x6, 0x8}, {0xd968, 0x2, 0x8, 0x5}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x5, 0x2}, {0x6}}]}}, 0x83)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_blocks={{0x48, 0x27}, {0x5, 0x6, [{0xc8, 0xcb}, {0xc8, 0x7, 0x1}, {0xc8, 0x8, 0x20}, {0xc9, 0x6, 0x1ff}, {0xc8, 0x61, 0x3}, {0x1, 0x9, 0x6}]}}}, 0x2a)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xb1}, "d729aef486f4765ad2c158defc071fe6aa7871c5574b7503b065ae1042757c3e1486cb097c6681a8125e92423deb2621dab71298d8c5918509f26aa7bab46e771bbb19ec7ceae0301cbfe845a111d6024235d1058a99e806828fef1d0bb613ead5cc4e5d42dc2332db16a73bb2603e0f670c57961a1b816200434ae8fe610cdca232dcd777e5c3636a43aa6ff1074cc595fcf1df0b50b0a1ccb12922d647f3184b95a6310213e190c24763de9890f4a149"}, 0xb5)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x1a}, @l2cap_cid_le_signaling={{0x16}, @l2cap_ecred_conn_rsp={{0x18, 0x0, 0x12}, {0x0, 0xaaa, 0x2, 0xc50, [0x44, 0x0, 0x6, 0x4, 0x8]}}}}, 0x1f)

13:52:00 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x588)

13:52:00 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000008700bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:52:00 executing program 3:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1800)
r1 = syz_open_dev$vcsn(&(0x7f00000036c0), 0x4, 0x200)
sendmsg$nl_route(r1, &(0x7f00000035c0)={&(0x7f0000003700)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000037c0)={&(0x7f0000003600)=@bridge_newvlan={0x54, 0x70, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x52, 0x3}}}]}, 0x54}}, 0xe010)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f04000000480100100000000004002b000a00010014a4ee1ee438d2fd000000000000007200", 0x39}], 0x1)
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000040)="3900000013001118680907070000000f0000ff3f04000000170a001700000000040037000a00030001302564aa58b9a64411f6bbf44dc48f57", 0x39}], 0x1)
r3 = fcntl$getown(r2, 0x9)
timer_create(0x5, &(0x7f0000000200)={0x0, 0xa, 0x4, @tid=r3}, &(0x7f00000002c0))
fcntl$lock(r0, 0x26, &(0x7f0000000080)={0x0, 0x4, 0x6, 0x3, r3})
r4 = socket(0x10, 0x2, 0x0)
write(r4, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r4, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x34, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@remote}, @NHA_OIF={0x8, 0x5, r7}]}, 0x34}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r4, &(0x7f0000003940)={&(0x7f0000003840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003900)={&(0x7f0000003880)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="10002dbd7000fbdbdf250200000008000100", @ANYRES32=0x0, @ANYBLOB="08000800030000000800020001000000080021000000000008000700", @ANYRES32=r1, @ANYBLOB="08000100", @ANYRES32=r7, @ANYBLOB="060006000400000008000400e0000002"], 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x10)
fsmount(r1, 0x1, 0x84)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x8)

13:52:00 executing program 1:
socket$inet(0x2, 0x1, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
write$binfmt_script(r1, 0x0, 0xb)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="3c00000010008506000000ff0100000000000000", @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100766574680000f0ff130002801400ff0000000000", @ANYRES32=0x0, @ANYBLOB="000e00000000000008000a00", @ANYRES32=r2], 0x50}}, 0x0)
getsockname$packet(r1, &(0x7f0000000440)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000004c0)=0x14)
r4 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r4, &(0x7f00000000c0), 0x492492492492627, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r2}]}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x48}}, 0x0)
setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), &(0x7f00000000c0)={'0000000000000000000000000000000', 0x31}, 0x20, 0x2)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

[ 2352.485842][T17952] Bluetooth: hci8: unexpected event 0x48 length: 39 > 3
[ 2352.485879][T17952] Bluetooth: hci8: wrong event for mode 0
13:52:00 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x5a0)

13:52:00 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x3, 0x7e}, @l2cap_cid_signaling={{0x7a}, [@l2cap_info_req={{0xa, 0x5d, 0x2}, {0xffff}}, @l2cap_info_req={{0xa, 0x6, 0x2}, {0x7}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x81, 0x2}, {0xffe0}}, @l2cap_info_rsp={{0xb, 0x3f, 0x42}, {0xe4, 0x1, "94a5b66ec1e9e74bf5b4b011810fbae1214a9d9387160175da619f0ee63bc3533fbbaf4d2f09953b17bad99be36b5c2b567b6a18855393a69f35ef5ae409"}}, @l2cap_move_chan_cfm={{0x10, 0xf5, 0x4}, {0x58ef, 0x9}}, @l2cap_move_chan_cfm={{0x10, 0x5, 0x4}, {0x2}}, @l2cap_conn_rsp={{0x3, 0x6, 0x8}, {0xd968, 0x2, 0x8, 0x5}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x5, 0x2}, {0x6}}]}}, 0x83) (async)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_blocks={{0x48, 0x27}, {0x5, 0x6, [{0xc8, 0xcb}, {0xc8, 0x7, 0x1}, {0xc8, 0x8, 0x20}, {0xc9, 0x6, 0x1ff}, {0xc8, 0x61, 0x3}, {0x1, 0x9, 0x6}]}}}, 0x2a) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xb1}, "d729aef486f4765ad2c158defc071fe6aa7871c5574b7503b065ae1042757c3e1486cb097c6681a8125e92423deb2621dab71298d8c5918509f26aa7bab46e771bbb19ec7ceae0301cbfe845a111d6024235d1058a99e806828fef1d0bb613ead5cc4e5d42dc2332db16a73bb2603e0f670c57961a1b816200434ae8fe610cdca232dcd777e5c3636a43aa6ff1074cc595fcf1df0b50b0a1ccb12922d647f3184b95a6310213e190c24763de9890f4a149"}, 0xb5)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x1a}, @l2cap_cid_le_signaling={{0x16}, @l2cap_ecred_conn_rsp={{0x18, 0x0, 0x12}, {0x0, 0xaaa, 0x2, 0xc50, [0x44, 0x0, 0x6, 0x4, 0x8]}}}}, 0x1f)

[ 2352.538048][ T2332] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.3'.
13:52:00 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x3, 0x7e}, @l2cap_cid_signaling={{0x7a}, [@l2cap_info_req={{0xa, 0x5d, 0x2}, {0xffff}}, @l2cap_info_req={{0xa, 0x6, 0x2}, {0x7}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x81, 0x2}, {0xffe0}}, @l2cap_info_rsp={{0xb, 0x3f, 0x42}, {0xe4, 0x1, "94a5b66ec1e9e74bf5b4b011810fbae1214a9d9387160175da619f0ee63bc3533fbbaf4d2f09953b17bad99be36b5c2b567b6a18855393a69f35ef5ae409"}}, @l2cap_move_chan_cfm={{0x10, 0xf5, 0x4}, {0x58ef, 0x9}}, @l2cap_move_chan_cfm={{0x10, 0x5, 0x4}, {0x2}}, @l2cap_conn_rsp={{0x3, 0x6, 0x8}, {0xd968, 0x2, 0x8, 0x5}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x5, 0x2}, {0x6}}]}}, 0x83) (async)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_blocks={{0x48, 0x27}, {0x5, 0x6, [{0xc8, 0xcb}, {0xc8, 0x7, 0x1}, {0xc8, 0x8, 0x20}, {0xc9, 0x6, 0x1ff}, {0xc8, 0x61, 0x3}, {0x1, 0x9, 0x6}]}}}, 0x2a) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xb1}, "d729aef486f4765ad2c158defc071fe6aa7871c5574b7503b065ae1042757c3e1486cb097c6681a8125e92423deb2621dab71298d8c5918509f26aa7bab46e771bbb19ec7ceae0301cbfe845a111d6024235d1058a99e806828fef1d0bb613ead5cc4e5d42dc2332db16a73bb2603e0f670c57961a1b816200434ae8fe610cdca232dcd777e5c3636a43aa6ff1074cc595fcf1df0b50b0a1ccb12922d647f3184b95a6310213e190c24763de9890f4a149"}, 0xb5) (async)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x1a}, @l2cap_cid_le_signaling={{0x16}, @l2cap_ecred_conn_rsp={{0x18, 0x0, 0x12}, {0x0, 0xaaa, 0x2, 0xc50, [0x44, 0x0, 0x6, 0x4, 0x8]}}}}, 0x1f)

[ 2352.596991][ T2332] device gretap0 entered promiscuous mode
[ 2352.604073][T17952] Bluetooth: hci8: unexpected event 0x48 length: 39 > 3
[ 2352.604107][T17952] Bluetooth: hci8: wrong event for mode 0
13:52:00 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000000002af00bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2352.645639][ T2336] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
13:52:01 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x5b8)

13:52:01 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x5d0)

13:52:01 executing program 4:
r0 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0), 0x220041, 0x0)
sendmsg$NFNL_MSG_ACCT_DEL(r0, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0xb8, 0x3, 0x7, 0x5, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x9}, @NFACCT_FLAGS={0xb}, @NFACCT_FILTER={0x24, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x2}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x200}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x60}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xc114}]}, @NFACCT_QUOTA={0xc}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x4ffffffff}, @NFACCT_FILTER={0x54, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x3}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xffffffd3}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xfff}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x5}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x2}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xff}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xffffff00}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xffff0001}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x9}]}]}, 0xb8}, 0x1, 0x0, 0x0, 0x20000010}, 0x4000000)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f0000000480)={{0x6, 0x0, 0x1f, 0x3, 'syz0\x00'}, 0x0, [0x1, 0x56, 0x3, 0x7, 0x71, 0x0, 0x800, 0x80000001, 0x100000000, 0x8, 0x400, 0x0, 0x7f, 0x90ed, 0x6, 0x81, 0x4, 0x101, 0x1, 0x9ddc, 0x0, 0x400, 0x7ff, 0x401, 0x8, 0x6, 0x5, 0x372, 0x8000, 0x17, 0x7, 0xdad, 0x8b, 0xffffffffffff1170, 0xd4e, 0x80000001, 0x4d, 0x7, 0x4, 0x24000000000000, 0xb4d, 0x6, 0xb29e, 0x3, 0x401, 0x3ff, 0x1ff, 0x1b4, 0x6, 0xfff, 0x2, 0x100, 0x9, 0x8, 0xf4, 0x3, 0xff, 0x400, 0xfffffffffffff000, 0x7, 0x2, 0x0, 0x1, 0x7, 0xfffffffffffff1e9, 0x3f, 0xc0, 0x9, 0x5, 0x6, 0xd9, 0x3f, 0x0, 0x1000, 0x100000001, 0x100, 0x3, 0x3, 0xc00, 0x3, 0x6, 0xffffffffffffff85, 0xff, 0x63, 0xf4, 0x4000000000000000, 0x8, 0x0, 0x4, 0x0, 0x4, 0xfffffffffffffff9, 0x6, 0x81, 0x1000, 0x4b3d, 0x4, 0x0, 0x6, 0x0, 0x2, 0x80000001, 0x80, 0x0, 0x5, 0x4, 0x100000000, 0x7, 0x9, 0x5, 0x0, 0x3, 0x9, 0x8165, 0x3, 0x6, 0xfffffffffffffff7, 0x5, 0xffffffffffffff01, 0x9, 0x3f, 0x100000001, 0x4, 0x8, 0x9, 0x7, 0x4, 0x6a]})
sendmsg$NL80211_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="00032cbd04000000000000000000fc423d389258ba3000000800a020810000000800270001000000"], 0x48}, 0x1, 0x0, 0x0, 0x404c804}, 0x80)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000440), 0x501100, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000400), r2)
r3 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write(r3, &(0x7f0000000380)="b290e1fabfcf9558276668b0ecd8ed3b074832b2ffdf5b40b90b14c3b96fa2ac29ccc28a15fc3cfda4f4dc5799bef8dd02d26f2d2474f3b973a762ff2abcd94e547ebb666c0080758851c67a0c568333ea0b5728bd4c40ce", 0x58)

[ 2352.722620][T17952] Bluetooth: hci8: unexpected event 0x48 length: 39 > 3
[ 2352.722658][T17952] Bluetooth: hci8: wrong event for mode 0
[ 2352.815845][ T2336] 8021q: adding VLAN 0 to HW filter on device bond5
[ 2352.836985][ T2343] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2352.850069][ T2343] 0ªX: renamed from gretap0
13:52:01 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x5e8)

13:52:01 executing program 4:
r0 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0), 0x220041, 0x0)
sendmsg$NFNL_MSG_ACCT_DEL(r0, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0xb8, 0x3, 0x7, 0x5, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x9}, @NFACCT_FLAGS={0xb}, @NFACCT_FILTER={0x24, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x2}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x200}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x60}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xc114}]}, @NFACCT_QUOTA={0xc}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x4ffffffff}, @NFACCT_FILTER={0x54, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x3}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xffffffd3}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xfff}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x5}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x2}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xff}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xffffff00}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xffff0001}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x9}]}]}, 0xb8}, 0x1, 0x0, 0x0, 0x20000010}, 0x4000000)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f0000000480)={{0x6, 0x0, 0x1f, 0x3, 'syz0\x00'}, 0x0, [0x1, 0x56, 0x3, 0x7, 0x71, 0x0, 0x800, 0x80000001, 0x100000000, 0x8, 0x400, 0x0, 0x7f, 0x90ed, 0x6, 0x81, 0x4, 0x101, 0x1, 0x9ddc, 0x0, 0x400, 0x7ff, 0x401, 0x8, 0x6, 0x5, 0x372, 0x8000, 0x17, 0x7, 0xdad, 0x8b, 0xffffffffffff1170, 0xd4e, 0x80000001, 0x4d, 0x7, 0x4, 0x24000000000000, 0xb4d, 0x6, 0xb29e, 0x3, 0x401, 0x3ff, 0x1ff, 0x1b4, 0x6, 0xfff, 0x2, 0x100, 0x9, 0x8, 0xf4, 0x3, 0xff, 0x400, 0xfffffffffffff000, 0x7, 0x2, 0x0, 0x1, 0x7, 0xfffffffffffff1e9, 0x3f, 0xc0, 0x9, 0x5, 0x6, 0xd9, 0x3f, 0x0, 0x1000, 0x100000001, 0x100, 0x3, 0x3, 0xc00, 0x3, 0x6, 0xffffffffffffff85, 0xff, 0x63, 0xf4, 0x4000000000000000, 0x8, 0x0, 0x4, 0x0, 0x4, 0xfffffffffffffff9, 0x6, 0x81, 0x1000, 0x4b3d, 0x4, 0x0, 0x6, 0x0, 0x2, 0x80000001, 0x80, 0x0, 0x5, 0x4, 0x100000000, 0x7, 0x9, 0x5, 0x0, 0x3, 0x9, 0x8165, 0x3, 0x6, 0xfffffffffffffff7, 0x5, 0xffffffffffffff01, 0x9, 0x3f, 0x100000001, 0x4, 0x8, 0x9, 0x7, 0x4, 0x6a]})
sendmsg$NL80211_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="00032cbd04000000000000000000fc423d389258ba3000000800a020810000000800270001000000"], 0x48}, 0x1, 0x0, 0x0, 0x404c804}, 0x80)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000440), 0x501100, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000400), r2)
r3 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write(r3, &(0x7f0000000380)="b290e1fabfcf9558276668b0ecd8ed3b074832b2ffdf5b40b90b14c3b96fa2ac29ccc28a15fc3cfda4f4dc5799bef8dd02d26f2d2474f3b973a762ff2abcd94e547ebb666c0080758851c67a0c568333ea0b5728bd4c40ce", 0x58)
openat$full(0xffffffffffffff9c, &(0x7f00000001c0), 0x220041, 0x0) (async)
sendmsg$NFNL_MSG_ACCT_DEL(r0, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0xb8, 0x3, 0x7, 0x5, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x9}, @NFACCT_FLAGS={0xb}, @NFACCT_FILTER={0x24, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x2}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x200}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x60}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xc114}]}, @NFACCT_QUOTA={0xc}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x4ffffffff}, @NFACCT_FILTER={0x54, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x3}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xffffffd3}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xfff}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x5}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x2}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xff}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xffffff00}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xffff0001}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x9}]}]}, 0xb8}, 0x1, 0x0, 0x0, 0x20000010}, 0x4000000) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f0000000480)={{0x6, 0x0, 0x1f, 0x3, 'syz0\x00'}, 0x0, [0x1, 0x56, 0x3, 0x7, 0x71, 0x0, 0x800, 0x80000001, 0x100000000, 0x8, 0x400, 0x0, 0x7f, 0x90ed, 0x6, 0x81, 0x4, 0x101, 0x1, 0x9ddc, 0x0, 0x400, 0x7ff, 0x401, 0x8, 0x6, 0x5, 0x372, 0x8000, 0x17, 0x7, 0xdad, 0x8b, 0xffffffffffff1170, 0xd4e, 0x80000001, 0x4d, 0x7, 0x4, 0x24000000000000, 0xb4d, 0x6, 0xb29e, 0x3, 0x401, 0x3ff, 0x1ff, 0x1b4, 0x6, 0xfff, 0x2, 0x100, 0x9, 0x8, 0xf4, 0x3, 0xff, 0x400, 0xfffffffffffff000, 0x7, 0x2, 0x0, 0x1, 0x7, 0xfffffffffffff1e9, 0x3f, 0xc0, 0x9, 0x5, 0x6, 0xd9, 0x3f, 0x0, 0x1000, 0x100000001, 0x100, 0x3, 0x3, 0xc00, 0x3, 0x6, 0xffffffffffffff85, 0xff, 0x63, 0xf4, 0x4000000000000000, 0x8, 0x0, 0x4, 0x0, 0x4, 0xfffffffffffffff9, 0x6, 0x81, 0x1000, 0x4b3d, 0x4, 0x0, 0x6, 0x0, 0x2, 0x80000001, 0x80, 0x0, 0x5, 0x4, 0x100000000, 0x7, 0x9, 0x5, 0x0, 0x3, 0x9, 0x8165, 0x3, 0x6, 0xfffffffffffffff7, 0x5, 0xffffffffffffff01, 0x9, 0x3f, 0x100000001, 0x4, 0x8, 0x9, 0x7, 0x4, 0x6a]}) (async)
sendmsg$NL80211_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="00032cbd04000000000000000000fc423d389258ba3000000800a020810000000800270001000000"], 0x48}, 0x1, 0x0, 0x0, 0x404c804}, 0x80) (async)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000440), 0x501100, 0x0) (async)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000400), r2) (async)
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) (async)
write(r3, &(0x7f0000000380)="b290e1fabfcf9558276668b0ecd8ed3b074832b2ffdf5b40b90b14c3b96fa2ac29ccc28a15fc3cfda4f4dc5799bef8dd02d26f2d2474f3b973a762ff2abcd94e547ebb666c0080758851c67a0c568333ea0b5728bd4c40ce", 0x58) (async)

[ 2352.866609][ T2343] device 
00ªX left promiscuous mode
[ 2352.877370][ T2343] A link change request failed with some changes committed already. Interface 
00ªX may have been left with an inconsistent configuration, please check.
[ 2352.924339][ T2338] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2352.942828][ T2338] netlink: 15 bytes leftover after parsing attributes in process `syz-executor.1'.
13:52:01 executing program 4:
r0 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0), 0x220041, 0x0)
sendmsg$NFNL_MSG_ACCT_DEL(r0, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0xb8, 0x3, 0x7, 0x5, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x9}, @NFACCT_FLAGS={0xb}, @NFACCT_FILTER={0x24, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x2}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x200}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x60}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xc114}]}, @NFACCT_QUOTA={0xc}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x4ffffffff}, @NFACCT_FILTER={0x54, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x3}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xffffffd3}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xfff}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x5}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x2}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xff}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xffffff00}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xffff0001}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x9}]}]}, 0xb8}, 0x1, 0x0, 0x0, 0x20000010}, 0x4000000)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f0000000480)={{0x6, 0x0, 0x1f, 0x3, 'syz0\x00'}, 0x0, [0x1, 0x56, 0x3, 0x7, 0x71, 0x0, 0x800, 0x80000001, 0x100000000, 0x8, 0x400, 0x0, 0x7f, 0x90ed, 0x6, 0x81, 0x4, 0x101, 0x1, 0x9ddc, 0x0, 0x400, 0x7ff, 0x401, 0x8, 0x6, 0x5, 0x372, 0x8000, 0x17, 0x7, 0xdad, 0x8b, 0xffffffffffff1170, 0xd4e, 0x80000001, 0x4d, 0x7, 0x4, 0x24000000000000, 0xb4d, 0x6, 0xb29e, 0x3, 0x401, 0x3ff, 0x1ff, 0x1b4, 0x6, 0xfff, 0x2, 0x100, 0x9, 0x8, 0xf4, 0x3, 0xff, 0x400, 0xfffffffffffff000, 0x7, 0x2, 0x0, 0x1, 0x7, 0xfffffffffffff1e9, 0x3f, 0xc0, 0x9, 0x5, 0x6, 0xd9, 0x3f, 0x0, 0x1000, 0x100000001, 0x100, 0x3, 0x3, 0xc00, 0x3, 0x6, 0xffffffffffffff85, 0xff, 0x63, 0xf4, 0x4000000000000000, 0x8, 0x0, 0x4, 0x0, 0x4, 0xfffffffffffffff9, 0x6, 0x81, 0x1000, 0x4b3d, 0x4, 0x0, 0x6, 0x0, 0x2, 0x80000001, 0x80, 0x0, 0x5, 0x4, 0x100000000, 0x7, 0x9, 0x5, 0x0, 0x3, 0x9, 0x8165, 0x3, 0x6, 0xfffffffffffffff7, 0x5, 0xffffffffffffff01, 0x9, 0x3f, 0x100000001, 0x4, 0x8, 0x9, 0x7, 0x4, 0x6a]})
sendmsg$NL80211_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="00032cbd04000000000000000000fc423d389258ba3000000800a020810000000800270001000000"], 0x48}, 0x1, 0x0, 0x0, 0x404c804}, 0x80)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000440), 0x501100, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000400), r2)
r3 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write(r3, &(0x7f0000000380)="b290e1fabfcf9558276668b0ecd8ed3b074832b2ffdf5b40b90b14c3b96fa2ac29ccc28a15fc3cfda4f4dc5799bef8dd02d26f2d2474f3b973a762ff2abcd94e547ebb666c0080758851c67a0c568333ea0b5728bd4c40ce", 0x58)
openat$full(0xffffffffffffff9c, &(0x7f00000001c0), 0x220041, 0x0) (async)
sendmsg$NFNL_MSG_ACCT_DEL(r0, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0xb8, 0x3, 0x7, 0x5, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x9}, @NFACCT_FLAGS={0xb}, @NFACCT_FILTER={0x24, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x2}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x200}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x60}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xc114}]}, @NFACCT_QUOTA={0xc}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x4ffffffff}, @NFACCT_FILTER={0x54, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x3}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xffffffd3}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xfff}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x5}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x2}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xff}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xffffff00}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xffff0001}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x9}]}]}, 0xb8}, 0x1, 0x0, 0x0, 0x20000010}, 0x4000000) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f0000000480)={{0x6, 0x0, 0x1f, 0x3, 'syz0\x00'}, 0x0, [0x1, 0x56, 0x3, 0x7, 0x71, 0x0, 0x800, 0x80000001, 0x100000000, 0x8, 0x400, 0x0, 0x7f, 0x90ed, 0x6, 0x81, 0x4, 0x101, 0x1, 0x9ddc, 0x0, 0x400, 0x7ff, 0x401, 0x8, 0x6, 0x5, 0x372, 0x8000, 0x17, 0x7, 0xdad, 0x8b, 0xffffffffffff1170, 0xd4e, 0x80000001, 0x4d, 0x7, 0x4, 0x24000000000000, 0xb4d, 0x6, 0xb29e, 0x3, 0x401, 0x3ff, 0x1ff, 0x1b4, 0x6, 0xfff, 0x2, 0x100, 0x9, 0x8, 0xf4, 0x3, 0xff, 0x400, 0xfffffffffffff000, 0x7, 0x2, 0x0, 0x1, 0x7, 0xfffffffffffff1e9, 0x3f, 0xc0, 0x9, 0x5, 0x6, 0xd9, 0x3f, 0x0, 0x1000, 0x100000001, 0x100, 0x3, 0x3, 0xc00, 0x3, 0x6, 0xffffffffffffff85, 0xff, 0x63, 0xf4, 0x4000000000000000, 0x8, 0x0, 0x4, 0x0, 0x4, 0xfffffffffffffff9, 0x6, 0x81, 0x1000, 0x4b3d, 0x4, 0x0, 0x6, 0x0, 0x2, 0x80000001, 0x80, 0x0, 0x5, 0x4, 0x100000000, 0x7, 0x9, 0x5, 0x0, 0x3, 0x9, 0x8165, 0x3, 0x6, 0xfffffffffffffff7, 0x5, 0xffffffffffffff01, 0x9, 0x3f, 0x100000001, 0x4, 0x8, 0x9, 0x7, 0x4, 0x6a]}) (async)
sendmsg$NL80211_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="00032cbd04000000000000000000fc423d389258ba3000000800a020810000000800270001000000"], 0x48}, 0x1, 0x0, 0x0, 0x404c804}, 0x80) (async)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040d"], 0x8) (async)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000440), 0x501100, 0x0) (async)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000400), r2) (async)
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) (async)
write(r3, &(0x7f0000000380)="b290e1fabfcf9558276668b0ecd8ed3b074832b2ffdf5b40b90b14c3b96fa2ac29ccc28a15fc3cfda4f4dc5799bef8dd02d26f2d2474f3b973a762ff2abcd94e547ebb666c0080758851c67a0c568333ea0b5728bd4c40ce", 0x58) (async)

[ 2353.029401][ T2338] bond5: (slave veth9): Enslaving as an active interface with a down link
[ 2353.087947][ T2356] bond5: (slave ip6gretap1): making interface the new active one
[ 2353.119548][ T2356] device ip6gretap1 entered promiscuous mode
[ 2353.138186][ T2356] bond5: (slave ip6gretap1): Enslaving as an active interface with an up link
[ 2353.171239][T29360] IPv6: ADDRCONF(NETDEV_CHANGE): bond5: link becomes ready
13:52:01 executing program 3:
socket$inet(0x2, 0x1, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
write$binfmt_script(r1, 0x0, 0xb)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="3c00000010008506000000ff0100000000000000", @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100766574680000f0ff130002801400ff0000000000", @ANYRES32=0x0, @ANYBLOB="000e00000000000008000a00", @ANYRES32=r2], 0x50}}, 0x0)
getsockname$packet(r1, &(0x7f0000000440)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000004c0)=0x14)
r4 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r4, &(0x7f00000000c0), 0x492492492492627, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r2}]}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x48}}, 0x0)
setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), &(0x7f00000000c0)={'0000000000000000000000000000000', 0x31}, 0x20, 0x2)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

13:52:01 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x600)

13:52:01 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="048a"], 0x8)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}}}, 0x9)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_EVENT_PKT={0x4, @hci_ev_sniff_subrate={{0x2e, 0xb}, {0x80, 0xc9, 0x63c, 0x1, 0x3, 0x9}}}, 0xe)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x3, 0x2, 0x20}, @l2cap_cid_signaling={{0x1c}, [@l2cap_move_chan_rsp={{0xf, 0x1, 0x4}, {0x0, 0x4}}, @l2cap_create_chan_rsp={{0xd, 0xc, 0x8}, {0x40, 0x8, 0x200, 0xd}}, @l2cap_move_chan_cfm={{0x10, 0x8, 0x4}, {0x1, 0x101}}]}}, 0x25)
syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="02c8e01ab1390a84087844c25e001600050018fd120001800900faffff008700ac00020007000400"], 0x1f)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x1c, 0xc}, {0x2e2, 0x2, 0x8, 0x8, [0x8, 0x6]}}}}, 0x19)
syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_complete={{0x5, 0x4}, {0x0, 0xc8, 0xfe}}}, 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_pkts={{0x13, 0x15}, {0x5, [{0xc8, 0x1}, {0xc8, 0x1}, {0xc9, 0xfff7}, {0xc9, 0x66}, {0xc8, 0xd5}]}}}, 0x18)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

13:52:01 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe800000000000000000000000bd00bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

13:52:01 executing program 1:
socket$inet(0x2, 0x1, 0x0) (async)
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
write$binfmt_script(r1, 0x0, 0xb) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="3c00000010008506000000ff0100000000000000", @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100766574680000f0ff130002801400ff0000000000", @ANYRES32=0x0, @ANYBLOB="000e00000000000008000a00", @ANYRES32=r2], 0x50}}, 0x0)
getsockname$packet(r1, &(0x7f0000000440)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000004c0)=0x14)
r4 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r4, &(0x7f00000000c0), 0x492492492492627, 0x0) (async)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r2}]}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x48}}, 0x0) (async)
setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), &(0x7f00000000c0)={'0000000000000000000000000000000', 0x31}, 0x20, 0x2)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

[ 2353.306219][ T2396] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[ 2353.328482][T17952] Bluetooth: hci8: ACL packet for unknown connection handle 0
[ 2353.342352][T17952] general protection fault, probably for non-canonical address 0xdffffc000000000b: 0000 [#1] PREEMPT SMP KASAN
[ 2353.354129][T17952] KASAN: null-ptr-deref in range [0x0000000000000058-0x000000000000005f]
[ 2353.362567][T17952] CPU: 0 PID: 17952 Comm: kworker/u5:1 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 2353.372833][T17952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 2353.378859][ T2396] 8021q: adding VLAN 0 to HW filter on device bond1
[ 2353.382921][T17952] Workqueue: hci8 hci_rx_work
[ 2353.382957][T17952] RIP: 0010:klist_next+0x49/0x510
[ 2353.383062][T17952] Code: 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 2e 04 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 2b 48 8d 7d 58 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 33 04 00 00 4c 8d 6b 08 4c 8b 7d 58 48 b8 00 00
[ 2353.383085][T17952] RSP: 0018:ffffc9000342f9b8 EFLAGS: 00010202
[ 2353.425208][T17952] RAX: dffffc0000000000 RBX: ffffc9000342fa30 RCX: ffffc90014176000
[ 2353.433296][T17952] RDX: 000000000000000b RSI: ffffffff84214a16 RDI: 0000000000000058
[ 2353.441288][T17952] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[ 2353.449270][T17952] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000
[ 2353.457255][T17952] R13: ffffffff8860c440 R14: 1ffff92000685f42 R15: dffffc0000000000
[ 2353.465251][T17952] FS:  0000000000000000(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
[ 2353.474210][T17952] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2353.480811][T17952] CR2: 00007f39b5d9d0b0 CR3: 0000000047301000 CR4: 00000000003506f0
[ 2353.488809][T17952] Call Trace:
[ 2353.492121][T17952]  <TASK>
[ 2353.495267][T17952]  ? synchronize_rcu_expedited+0x670/0x670
[ 2353.502502][T17952]  ? bt_link_release+0x20/0x20
[ 2353.507378][T17952]  device_find_child+0xba/0x190
[ 2353.512246][T17952]  ? device_for_each_child+0x170/0x170
[ 2353.517715][T17952]  ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 2353.523538][T17952]  hci_conn_del_sysfs+0xc7/0x180
[ 2353.530423][T17952]  hci_conn_cleanup+0x315/0x7b0
[ 2353.535313][T17952]  hci_conn_del+0x29b/0x790
[ 2353.539918][T17952]  hci_disconn_complete_evt+0x833/0xeb0
[ 2353.545497][T17952]  ? skb_pull_data+0xf7/0x130
[ 2353.550354][T17952]  hci_event_packet+0x952/0xfd0
[ 2353.555492][T17952]  ? hci_cc_le_set_adv_enable+0x5b0/0x5b0
[ 2353.561234][T17952]  ? hci_cs_create_conn+0x3a0/0x3a0
[ 2353.566526][T17952]  ? kcov_remote_start+0x156/0x7a0
[ 2353.571654][T17952]  hci_rx_work+0xae7/0x1230
[ 2353.576171][T17952]  process_one_work+0x991/0x1610
[ 2353.581133][T17952]  ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 2353.586692][T17952]  ? rwlock_bug.part.0+0x90/0x90
[ 2353.591636][T17952]  ? _raw_spin_lock_irq+0x41/0x50
[ 2353.596668][T17952]  worker_thread+0x665/0x1080
[ 2353.601359][T17952]  ? __kthread_parkme+0x15f/0x220
13:52:01 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x618)

13:52:01 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="048a"], 0x8) (async)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}}}, 0x9)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_EVENT_PKT={0x4, @hci_ev_sniff_subrate={{0x2e, 0xb}, {0x80, 0xc9, 0x63c, 0x1, 0x3, 0x9}}}, 0xe) (async)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x3, 0x2, 0x20}, @l2cap_cid_signaling={{0x1c}, [@l2cap_move_chan_rsp={{0xf, 0x1, 0x4}, {0x0, 0x4}}, @l2cap_create_chan_rsp={{0xd, 0xc, 0x8}, {0x40, 0x8, 0x200, 0xd}}, @l2cap_move_chan_cfm={{0x10, 0x8, 0x4}, {0x1, 0x101}}]}}, 0x25)
syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="02c8e01ab1390a84087844c25e001600050018fd120001800900faffff008700ac00020007000400"], 0x1f) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x1c, 0xc}, {0x2e2, 0x2, 0x8, 0x8, [0x8, 0x6]}}}}, 0x19) (async)
syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_complete={{0x5, 0x4}, {0x0, 0xc8, 0xfe}}}, 0x7) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_pkts={{0x13, 0x15}, {0x5, [{0xc8, 0x1}, {0xc8, 0x1}, {0xc9, 0xfff7}, {0xc9, 0x66}, {0xc8, 0xd5}]}}}, 0x18) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

[ 2353.606475][T17952]  ? process_one_work+0x1610/0x1610
[ 2353.611684][T17952]  kthread+0x2e4/0x3a0
[ 2353.616198][T17952]  ? kthread_complete_and_exit+0x40/0x40
[ 2353.621845][T17952]  ret_from_fork+0x1f/0x30
[ 2353.626379][T17952]  </TASK>
[ 2353.629395][T17952] Modules linked in:
[ 2353.634566][T17952] ---[ end trace 0000000000000000 ]---
[ 2353.640354][T17952] RIP: 0010:klist_next+0x49/0x510
[ 2353.645463][T17952] Code: 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 2e 04 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 2b 48 8d 7d 58 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 33 04 00 00 4c 8d 6b 08 4c 8b 7d 58 48 b8 00 00
[ 2353.661899][ T2399] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[ 2353.666256][T17952] RSP: 0018:ffffc9000342f9b8 EFLAGS: 00010202
[ 2353.680306][T17952] RAX: dffffc0000000000 RBX: ffffc9000342fa30 RCX: ffffc90014176000
[ 2353.688461][T17952] RDX: 000000000000000b RSI: ffffffff84214a16 RDI: 0000000000000058
[ 2353.696605][T17952] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
13:52:02 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x630)

13:52:02 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="048a"], 0x8) (async)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}}}, 0x9) (async)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_EVENT_PKT={0x4, @hci_ev_sniff_subrate={{0x2e, 0xb}, {0x80, 0xc9, 0x63c, 0x1, 0x3, 0x9}}}, 0xe) (async)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x3, 0x2, 0x20}, @l2cap_cid_signaling={{0x1c}, [@l2cap_move_chan_rsp={{0xf, 0x1, 0x4}, {0x0, 0x4}}, @l2cap_create_chan_rsp={{0xd, 0xc, 0x8}, {0x40, 0x8, 0x200, 0xd}}, @l2cap_move_chan_cfm={{0x10, 0x8, 0x4}, {0x1, 0x101}}]}}, 0x25)
syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="02c8e01ab1390a84087844c25e001600050018fd120001800900faffff008700ac00020007000400"], 0x1f) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x1c, 0xc}, {0x2e2, 0x2, 0x8, 0x8, [0x8, 0x6]}}}}, 0x19) (async)
syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_complete={{0x5, 0x4}, {0x0, 0xc8, 0xfe}}}, 0x7) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_pkts={{0x13, 0x15}, {0x5, [{0xc8, 0x1}, {0xc8, 0x1}, {0xc9, 0xfff7}, {0xc9, 0x66}, {0xc8, 0xd5}]}}}, 0x18)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

13:52:02 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000fec000bb08000500", @ANYRES32=r2], 0x34}}, 0x0)

[ 2353.704754][T17952] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000
[ 2353.712956][T17952] R13: ffffffff8860c440 R14: 1ffff92000685f42 R15: dffffc0000000000
[ 2353.721080][T17952] FS:  0000000000000000(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
[ 2353.730276][T17952] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2353.736911][T17952] CR2: 00007f39b5d9d0b0 CR3: 000000007527f000 CR4: 00000000003506f0
[ 2353.745061][T17952] Kernel panic - not syncing: Fatal exception
[ 2353.751347][T17952] Kernel Offset: disabled
[ 2353.755760][T17952] Rebooting in 86400 seconds..