Warning: Permanently added '[localhost]:39189' (ECDSA) to the list of known hosts.
2025/09/01 10:31:52 fuzzer started
2025/09/01 10:31:53 dialing manager at localhost:35473
syzkaller login: [   48.557217] cgroup: Unknown subsys name 'net'
[   48.631285] cgroup: Unknown subsys name 'cpuset'
[   48.668106] cgroup: Unknown subsys name 'rlimit'
2025/09/01 10:32:02 syscalls: 2214
2025/09/01 10:32:02 code coverage: enabled
2025/09/01 10:32:02 comparison tracing: enabled
2025/09/01 10:32:02 extra coverage: enabled
2025/09/01 10:32:02 setuid sandbox: enabled
2025/09/01 10:32:02 namespace sandbox: enabled
2025/09/01 10:32:02 Android sandbox: enabled
2025/09/01 10:32:02 fault injection: enabled
2025/09/01 10:32:02 leak checking: enabled
2025/09/01 10:32:02 net packet injection: enabled
2025/09/01 10:32:02 net device setup: enabled
2025/09/01 10:32:02 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/09/01 10:32:02 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/09/01 10:32:02 USB emulation: enabled
2025/09/01 10:32:02 hci packet injection: enabled
2025/09/01 10:32:02 wifi device emulation: enabled
2025/09/01 10:32:02 802.15.4 emulation: enabled
2025/09/01 10:32:02 fetching corpus: 0, signal 0/2000 (executing program)
2025/09/01 10:32:02 fetching corpus: 50, signal 23774/27229 (executing program)
2025/09/01 10:32:03 fetching corpus: 100, signal 38523/43241 (executing program)
2025/09/01 10:32:03 fetching corpus: 150, signal 46278/52255 (executing program)
2025/09/01 10:32:03 fetching corpus: 200, signal 51074/58259 (executing program)
2025/09/01 10:32:03 fetching corpus: 250, signal 56975/65203 (executing program)
2025/09/01 10:32:03 fetching corpus: 300, signal 61033/70325 (executing program)
2025/09/01 10:32:03 fetching corpus: 350, signal 64426/74740 (executing program)
2025/09/01 10:32:03 fetching corpus: 400, signal 66866/78200 (executing program)
2025/09/01 10:32:03 fetching corpus: 450, signal 69190/81548 (executing program)
2025/09/01 10:32:03 fetching corpus: 500, signal 72359/85547 (executing program)
2025/09/01 10:32:03 fetching corpus: 550, signal 75106/89105 (executing program)
2025/09/01 10:32:03 fetching corpus: 600, signal 78079/92850 (executing program)
2025/09/01 10:32:03 fetching corpus: 650, signal 80097/95665 (executing program)
2025/09/01 10:32:03 fetching corpus: 700, signal 82111/98452 (executing program)
2025/09/01 10:32:04 fetching corpus: 750, signal 84019/101109 (executing program)
2025/09/01 10:32:04 fetching corpus: 800, signal 85770/103598 (executing program)
2025/09/01 10:32:04 fetching corpus: 850, signal 87457/106005 (executing program)
2025/09/01 10:32:04 fetching corpus: 900, signal 89435/108636 (executing program)
2025/09/01 10:32:04 fetching corpus: 950, signal 91606/111313 (executing program)
2025/09/01 10:32:04 fetching corpus: 1000, signal 93219/113531 (executing program)
2025/09/01 10:32:04 fetching corpus: 1050, signal 95130/115940 (executing program)
2025/09/01 10:32:04 fetching corpus: 1100, signal 97311/118486 (executing program)
2025/09/01 10:32:04 fetching corpus: 1150, signal 100688/121902 (executing program)
2025/09/01 10:32:04 fetching corpus: 1200, signal 101866/123621 (executing program)
2025/09/01 10:32:04 fetching corpus: 1250, signal 103162/125438 (executing program)
2025/09/01 10:32:05 fetching corpus: 1300, signal 104044/126917 (executing program)
2025/09/01 10:32:05 fetching corpus: 1350, signal 105709/128895 (executing program)
2025/09/01 10:32:05 fetching corpus: 1400, signal 107126/130690 (executing program)
2025/09/01 10:32:05 fetching corpus: 1450, signal 108349/132317 (executing program)
2025/09/01 10:32:05 fetching corpus: 1500, signal 109276/133713 (executing program)
2025/09/01 10:32:05 fetching corpus: 1550, signal 110692/135442 (executing program)
2025/09/01 10:32:05 fetching corpus: 1600, signal 111941/137049 (executing program)
2025/09/01 10:32:05 fetching corpus: 1650, signal 112749/138286 (executing program)
2025/09/01 10:32:05 fetching corpus: 1700, signal 113724/139647 (executing program)
2025/09/01 10:32:05 fetching corpus: 1750, signal 114550/140898 (executing program)
2025/09/01 10:32:05 fetching corpus: 1800, signal 115687/142282 (executing program)
2025/09/01 10:32:06 fetching corpus: 1850, signal 117043/143755 (executing program)
2025/09/01 10:32:06 fetching corpus: 1900, signal 118180/145138 (executing program)
2025/09/01 10:32:06 fetching corpus: 1950, signal 119290/146453 (executing program)
2025/09/01 10:32:06 fetching corpus: 2000, signal 120119/147637 (executing program)
2025/09/01 10:32:06 fetching corpus: 2050, signal 121070/148818 (executing program)
2025/09/01 10:32:06 fetching corpus: 2100, signal 122244/150118 (executing program)
2025/09/01 10:32:06 fetching corpus: 2150, signal 123378/151350 (executing program)
2025/09/01 10:32:06 fetching corpus: 2200, signal 125793/153204 (executing program)
2025/09/01 10:32:06 fetching corpus: 2250, signal 126850/154325 (executing program)
2025/09/01 10:32:06 fetching corpus: 2300, signal 127702/155409 (executing program)
2025/09/01 10:32:06 fetching corpus: 2350, signal 128929/156621 (executing program)
2025/09/01 10:32:07 fetching corpus: 2400, signal 129996/157677 (executing program)
2025/09/01 10:32:07 fetching corpus: 2450, signal 130812/158620 (executing program)
2025/09/01 10:32:07 fetching corpus: 2500, signal 131608/159553 (executing program)
2025/09/01 10:32:07 fetching corpus: 2550, signal 132524/160453 (executing program)
2025/09/01 10:32:07 fetching corpus: 2600, signal 133733/161451 (executing program)
2025/09/01 10:32:07 fetching corpus: 2650, signal 135323/162591 (executing program)
2025/09/01 10:32:07 fetching corpus: 2700, signal 135926/163397 (executing program)
2025/09/01 10:32:07 fetching corpus: 2750, signal 136960/164265 (executing program)
2025/09/01 10:32:07 fetching corpus: 2800, signal 137648/165007 (executing program)
2025/09/01 10:32:07 fetching corpus: 2850, signal 138161/165660 (executing program)
2025/09/01 10:32:08 fetching corpus: 2900, signal 138797/166376 (executing program)
2025/09/01 10:32:08 fetching corpus: 2950, signal 139407/167049 (executing program)
2025/09/01 10:32:08 fetching corpus: 3000, signal 140053/167725 (executing program)
2025/09/01 10:32:08 fetching corpus: 3050, signal 140655/168404 (executing program)
2025/09/01 10:32:08 fetching corpus: 3100, signal 141235/169056 (executing program)
2025/09/01 10:32:08 fetching corpus: 3150, signal 141915/169707 (executing program)
2025/09/01 10:32:08 fetching corpus: 3200, signal 142622/170402 (executing program)
2025/09/01 10:32:08 fetching corpus: 3250, signal 143408/171097 (executing program)
2025/09/01 10:32:08 fetching corpus: 3300, signal 143992/171664 (executing program)
2025/09/01 10:32:08 fetching corpus: 3350, signal 144659/172234 (executing program)
2025/09/01 10:32:08 fetching corpus: 3400, signal 145140/172739 (executing program)
2025/09/01 10:32:09 fetching corpus: 3450, signal 145719/173282 (executing program)
2025/09/01 10:32:09 fetching corpus: 3500, signal 146318/173814 (executing program)
2025/09/01 10:32:09 fetching corpus: 3550, signal 146793/174311 (executing program)
2025/09/01 10:32:09 fetching corpus: 3600, signal 147538/174815 (executing program)
2025/09/01 10:32:09 fetching corpus: 3650, signal 147929/175261 (executing program)
2025/09/01 10:32:09 fetching corpus: 3700, signal 148518/175733 (executing program)
2025/09/01 10:32:09 fetching corpus: 3750, signal 149165/176226 (executing program)
2025/09/01 10:32:09 fetching corpus: 3800, signal 149553/176618 (executing program)
2025/09/01 10:32:09 fetching corpus: 3850, signal 150292/177067 (executing program)
2025/09/01 10:32:09 fetching corpus: 3900, signal 150592/177466 (executing program)
2025/09/01 10:32:09 fetching corpus: 3950, signal 151147/177874 (executing program)
2025/09/01 10:32:09 fetching corpus: 4000, signal 151452/178225 (executing program)
2025/09/01 10:32:10 fetching corpus: 4050, signal 152110/178568 (executing program)
2025/09/01 10:32:10 fetching corpus: 4100, signal 152579/178912 (executing program)
2025/09/01 10:32:10 fetching corpus: 4150, signal 153142/179275 (executing program)
2025/09/01 10:32:10 fetching corpus: 4200, signal 153524/179621 (executing program)
2025/09/01 10:32:10 fetching corpus: 4250, signal 153903/179980 (executing program)
2025/09/01 10:32:10 fetching corpus: 4300, signal 154312/180288 (executing program)
2025/09/01 10:32:10 fetching corpus: 4350, signal 154803/180605 (executing program)
2025/09/01 10:32:10 fetching corpus: 4400, signal 155141/180880 (executing program)
2025/09/01 10:32:10 fetching corpus: 4450, signal 155547/180890 (executing program)
2025/09/01 10:32:10 fetching corpus: 4500, signal 156022/180952 (executing program)
2025/09/01 10:32:10 fetching corpus: 4550, signal 156348/180954 (executing program)
2025/09/01 10:32:11 fetching corpus: 4600, signal 156683/180954 (executing program)
2025/09/01 10:32:11 fetching corpus: 4650, signal 157137/180966 (executing program)
2025/09/01 10:32:11 fetching corpus: 4700, signal 157743/180974 (executing program)
2025/09/01 10:32:11 fetching corpus: 4750, signal 158358/181013 (executing program)
2025/09/01 10:32:11 fetching corpus: 4800, signal 159209/181027 (executing program)
2025/09/01 10:32:11 fetching corpus: 4850, signal 159678/181032 (executing program)
2025/09/01 10:32:11 fetching corpus: 4900, signal 160431/181038 (executing program)
2025/09/01 10:32:11 fetching corpus: 4950, signal 160861/181049 (executing program)
2025/09/01 10:32:11 fetching corpus: 5000, signal 161196/181065 (executing program)
2025/09/01 10:32:11 fetching corpus: 5050, signal 161537/181075 (executing program)
2025/09/01 10:32:12 fetching corpus: 5100, signal 162304/181083 (executing program)
2025/09/01 10:32:12 fetching corpus: 5150, signal 162652/181177 (executing program)
2025/09/01 10:32:12 fetching corpus: 5200, signal 162958/181192 (executing program)
2025/09/01 10:32:12 fetching corpus: 5250, signal 163353/181194 (executing program)
2025/09/01 10:32:12 fetching corpus: 5300, signal 163820/181195 (executing program)
2025/09/01 10:32:12 fetching corpus: 5350, signal 164220/181206 (executing program)
2025/09/01 10:32:12 fetching corpus: 5400, signal 164901/181308 (executing program)
2025/09/01 10:32:12 fetching corpus: 5450, signal 165227/181318 (executing program)
2025/09/01 10:32:12 fetching corpus: 5500, signal 165862/181321 (executing program)
2025/09/01 10:32:12 fetching corpus: 5550, signal 166245/181333 (executing program)
2025/09/01 10:32:12 fetching corpus: 5600, signal 166677/181345 (executing program)
2025/09/01 10:32:12 fetching corpus: 5650, signal 167222/181351 (executing program)
2025/09/01 10:32:13 fetching corpus: 5700, signal 167545/181355 (executing program)
2025/09/01 10:32:13 fetching corpus: 5750, signal 167919/181369 (executing program)
2025/09/01 10:32:13 fetching corpus: 5800, signal 168205/181382 (executing program)
2025/09/01 10:32:13 fetching corpus: 5850, signal 168527/181389 (executing program)
2025/09/01 10:32:13 fetching corpus: 5900, signal 168875/181397 (executing program)
2025/09/01 10:32:13 fetching corpus: 5950, signal 169145/181408 (executing program)
2025/09/01 10:32:13 fetching corpus: 6000, signal 169413/181408 (executing program)
2025/09/01 10:32:13 fetching corpus: 6050, signal 169650/181411 (executing program)
2025/09/01 10:32:13 fetching corpus: 6100, signal 169994/181421 (executing program)
2025/09/01 10:32:13 fetching corpus: 6150, signal 170496/181424 (executing program)
2025/09/01 10:32:13 fetching corpus: 6200, signal 171483/181433 (executing program)
2025/09/01 10:32:14 fetching corpus: 6250, signal 171828/181433 (executing program)
2025/09/01 10:32:14 fetching corpus: 6300, signal 172261/181444 (executing program)
2025/09/01 10:32:14 fetching corpus: 6350, signal 172779/181448 (executing program)
2025/09/01 10:32:14 fetching corpus: 6400, signal 173138/181451 (executing program)
2025/09/01 10:32:14 fetching corpus: 6450, signal 173393/181464 (executing program)
2025/09/01 10:32:14 fetching corpus: 6500, signal 173730/181481 (executing program)
2025/09/01 10:32:14 fetching corpus: 6550, signal 174010/181483 (executing program)
2025/09/01 10:32:14 fetching corpus: 6600, signal 174302/181508 (executing program)
2025/09/01 10:32:14 fetching corpus: 6650, signal 174615/181516 (executing program)
2025/09/01 10:32:14 fetching corpus: 6700, signal 174942/181519 (executing program)
2025/09/01 10:32:15 fetching corpus: 6750, signal 175206/181523 (executing program)
2025/09/01 10:32:15 fetching corpus: 6800, signal 175509/181529 (executing program)
2025/09/01 10:32:15 fetching corpus: 6850, signal 175817/181532 (executing program)
2025/09/01 10:32:15 fetching corpus: 6900, signal 176087/181536 (executing program)
2025/09/01 10:32:15 fetching corpus: 6950, signal 176321/181540 (executing program)
2025/09/01 10:32:15 fetching corpus: 7000, signal 176672/181547 (executing program)
2025/09/01 10:32:15 fetching corpus: 7050, signal 176839/181559 (executing program)
2025/09/01 10:32:15 fetching corpus: 7100, signal 177404/181563 (executing program)
2025/09/01 10:32:15 fetching corpus: 7150, signal 177838/181569 (executing program)
2025/09/01 10:32:15 fetching corpus: 7200, signal 178090/181574 (executing program)
2025/09/01 10:32:15 fetching corpus: 7250, signal 178460/181581 (executing program)
2025/09/01 10:32:16 fetching corpus: 7300, signal 178769/181619 (executing program)
2025/09/01 10:32:16 fetching corpus: 7350, signal 178958/181619 (executing program)
2025/09/01 10:32:16 fetching corpus: 7352, signal 178963/181619 (executing program)
2025/09/01 10:32:16 fetching corpus: 7352, signal 178963/181619 (executing program)
2025/09/01 10:32:18 starting 8 fuzzer processes
10:32:18 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x4, &(0x7f0000000040)={0x0, {{0x2, 0x0, @multicast1}}}, 0x88)

10:32:18 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x1, 0x400, 0x4}, 0x1c)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r1, &(0x7f0000006100)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x0, @empty}, 0x1c, 0x0}}], 0x1, 0x0)

10:32:18 executing program 7:
syz_emit_vhci(&(0x7f00000007c0)=ANY=[@ANYBLOB="040e040912204007a36a2f74a5a8cb4afef2541ebc5b4200603f6908884684145fbd04179fea9e02835ae6306d911a55dfa1dbc8db9a0f444809345a122b8a3de6f188f757ba6369aed8283cf9ab156f6ed154d0ca1a833b5207445923c222d41dea8a94f2eee34296ba87169462cd5c15f1ef1c005461ded632e874ea764801a332f303a370972a8acf4f040d1a9fc9e2bfd890164047f3166d95c214f4a6bcf1f444500b3903abd9a1b23728b4a0d1512ce0535dd92e21e8146095d6ed3274236ab362dd45105a144ead1d82b3030d741d131ee47f511a0000529c1416df442d8ec75f67619ea9fa1662fe94cfc1ff563636a1a8"], 0x7)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_move_chan_rsp={{0xf, 0x3, 0x4}, {0x4, 0x9}}]}}, 0x11)
syz_emit_vhci(&(0x7f0000000100)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x4, 0x0, 0x41c}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000180), 0x103180, 0x0)
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="03c800a23b9d1d50823db5e2e45988439ba596412882a4a358c2aadd49ebbc0ac108037fd8d8a2ce0e22630aca0a5a00a708b5785800dc05cbd28b2f73d04ea40222b037b3f53c82bee4a2c5a30c7afbe4259ace371f82e3a651cf064f90a3b1d64cee29c1e1c666def7bc6ee3c62ffbbfa31f6b97f5ea0a3dd6597d746320e598031b2cceddb4adc829a1ee1c1119d4eb41939be2f9c119b1c38aef5742e35b2b5de861e4da"], 0xa6)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="03c900009e14e837273701de118d8aad382a2ee9f865767a450b0ce0497a1c7e0977a673802bf56b874c3aea0b1fe4876f06be57ef79f965a7f1cd1fe1bf9d46e29255c8a58c47488ca00c00eba31c89ba1c40cc01a08ed8d37aee0b442f5785ab6dc4342378839eccb5677f44a43dbfcc9bb9375ab873a1cd04b29c15780d1823f686e4bdb209c750cade7ba758bd4f6520c2fd1f9d427d54142daacb9c16270cfa6d8599d58c72f2a4629f75fb238c3929215cca5d888643088fe02670d8c07a5a06e7e8d1ee8ff9a20b5da148f7d6737e0a5d0583471a33fbd62a4e3f0a01c8a65466d810ef3d82a57e4c196a2ea8f477fb59036f1e1616cfaa68735835dfdd644f144f4d78da2edb3a32707d1816baa4c603a978c9446174a83b460b157556bfb4dd1204f0aead"], 0x54)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_blocks={{0x48, 0xf}, {0x8, 0x2, [{0xc8, 0x8001, 0x2}, {0xc8, 0x3, 0x3f}]}}}, 0x12)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
faccessat2(r0, &(0x7f0000000040)='./file0\x00', 0x120, 0xa00)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000700)=ANY=[@ANYBLOB="371337cfa3139f00000000ff78856d451224038c293def2129b762617306025dc3ab02fefdc8c81e99c9432b4d763185f3798ea45a000000807a2997604e26d27d4fbe5367b47a6abe08e052100b78407f797ddf1677b6ca78623a60e86aa735eafc950014d31476d3c19ab92ba9bf1e12da13b50d629cacccc89b1000"/134])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYRESHEX, @ANYRESHEX=r0, @ANYRESOCT=r1, @ANYRESOCT=r0, @ANYRES16=r0, @ANYRESDEC=r0, @ANYRESOCT], 0x54df1abb4fd15e78)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYRESDEC=r0], 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

10:32:18 executing program 2:
syz_mount_image$nfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$9p_tcp(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000380)={'trans=tcp,', {}, 0x2c, {[{@msize={'msize', 0x3d, 0x8cffffff}}]}})

10:32:18 executing program 3:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000007e40), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000007f40)={&(0x7f0000007e00), 0xc, &(0x7f0000007f00)={&(0x7f0000007e80)={0x30, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @private1}, @NLBL_MGMT_A_DOMAIN={0x6, 0x1, '\xff\xff'}]}, 0x30}}, 0x0)

[   74.093779] audit: type=1400 audit(1756722738.769:7): avc:  denied  { execmem } for  pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
10:32:18 executing program 5:
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x2196b2a4c4405538, 0xffffffffffffffff, 0x0)

10:32:18 executing program 6:
syz_mount_image$nfs(0x0, &(0x7f0000000300)='.\x00', 0x0, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000340)="1c", 0x1}], 0x0, 0x0)

10:32:18 executing program 4:
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
getsockname$packet(r0, 0x0, &(0x7f0000000040))

[   75.352000] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   75.355146] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   75.358012] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   75.359769] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   75.362275] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   75.363008] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   75.365978] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   75.366634] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   75.368314] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   75.370054] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   75.373926] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   75.377975] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   75.394547] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   75.395997] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   75.403823] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   75.466688] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   75.469934] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   75.478114] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   75.485280] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   75.487871] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   75.530941] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   75.538970] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   75.545286] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   75.564805] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   75.571194] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   75.603014] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   75.610797] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   75.637791] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   75.639267] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   75.647321] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   75.669339] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   75.681196] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   75.685715] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   75.692990] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   75.694522] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   75.697052] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   75.713048] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   75.719777] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   75.782888] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   75.786767] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   77.436656] Bluetooth: hci2: command tx timeout
[   77.437758] Bluetooth: hci0: command tx timeout
[   77.437786] Bluetooth: hci1: command tx timeout
[   77.564380] Bluetooth: hci3: command tx timeout
[   77.692390] Bluetooth: hci4: command tx timeout
[   77.755519] Bluetooth: hci7: command tx timeout
[   77.755574] Bluetooth: hci6: command tx timeout
[   77.884931] Bluetooth: hci5: command tx timeout
[   79.483493] Bluetooth: hci2: command tx timeout
[   79.484218] Bluetooth: hci0: command tx timeout
[   79.484992] Bluetooth: hci1: command tx timeout
[   79.613411] Bluetooth: hci3: command tx timeout
[   79.740402] Bluetooth: hci4: command tx timeout
[   79.803525] Bluetooth: hci6: command tx timeout
[   79.804527] Bluetooth: hci7: command tx timeout
[   79.933400] Bluetooth: hci5: command tx timeout
[   81.531513] Bluetooth: hci0: command tx timeout
[   81.533170] Bluetooth: hci1: command tx timeout
[   81.533201] Bluetooth: hci2: command tx timeout
[   81.659400] Bluetooth: hci3: command tx timeout
[   81.787387] Bluetooth: hci4: command tx timeout
[   81.851985] Bluetooth: hci7: command tx timeout
[   81.852012] Bluetooth: hci6: command tx timeout
[   81.979656] Bluetooth: hci5: command tx timeout
[   83.579494] Bluetooth: hci2: command tx timeout
[   83.581498] Bluetooth: hci1: command tx timeout
[   83.581880] Bluetooth: hci0: command tx timeout
[   83.707528] Bluetooth: hci3: command tx timeout
[   83.836393] Bluetooth: hci4: command tx timeout
[   83.899484] Bluetooth: hci7: command tx timeout
[   83.900069] Bluetooth: hci6: command tx timeout
[   84.027508] Bluetooth: hci5: command tx timeout
[  112.751641] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.752306] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.933616] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.934225] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  113.151665] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  113.152298] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  113.315062] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  113.315931] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
10:32:58 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x0, 0x0, 0x0)
llistxattr(&(0x7f0000001700)='./file0\x00', &(0x7f0000001740)=""/198, 0xc6)

[  113.596970] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  113.598046] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
10:32:58 executing program 1:
r0 = syz_open_dev$evdev(&(0x7f0000000340), 0x0, 0x0)
ioctl$EVIOCSCLOCKID(r0, 0x400445a0, 0x0)

[  113.695649] audit: type=1400 audit(1756722778.372:8): avc:  denied  { open } for  pid=3812 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  113.697634] audit: type=1400 audit(1756722778.373:9): avc:  denied  { kernel } for  pid=3812 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
10:32:58 executing program 1:
fsopen(0x0, 0xe09868fa6d6955bb)

[  113.726113] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  113.726870] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  113.854183] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  113.854806] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  113.963390] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  113.964002] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.300335] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.300986] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.385594] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.386244] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.468423] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.469030] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.520050] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.520984] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.632660] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.633273] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.697646] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.698251] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.705900] Bluetooth: Unexpected continuation frame (len 12)
[  114.776698] Bluetooth: Unexpected continuation frame (len 12)
[  114.962774] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.963433] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  115.031168] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  115.032247] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
10:32:59 executing program 3:
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
getsockname$packet(r0, 0x0, &(0x7f0000000040))

10:32:59 executing program 1:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xb)

10:32:59 executing program 4:
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
getsockname$packet(r0, 0x0, &(0x7f0000000040))

10:32:59 executing program 7:
syz_emit_vhci(&(0x7f00000007c0)=ANY=[@ANYBLOB="040e040912204007a36a2f74a5a8cb4afef2541ebc5b4200603f6908884684145fbd04179fea9e02835ae6306d911a55dfa1dbc8db9a0f444809345a122b8a3de6f188f757ba6369aed8283cf9ab156f6ed154d0ca1a833b5207445923c222d41dea8a94f2eee34296ba87169462cd5c15f1ef1c005461ded632e874ea764801a332f303a370972a8acf4f040d1a9fc9e2bfd890164047f3166d95c214f4a6bcf1f444500b3903abd9a1b23728b4a0d1512ce0535dd92e21e8146095d6ed3274236ab362dd45105a144ead1d82b3030d741d131ee47f511a0000529c1416df442d8ec75f67619ea9fa1662fe94cfc1ff563636a1a8"], 0x7)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_move_chan_rsp={{0xf, 0x3, 0x4}, {0x4, 0x9}}]}}, 0x11)
syz_emit_vhci(&(0x7f0000000100)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x4, 0x0, 0x41c}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000180), 0x103180, 0x0)
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="03c800a23b9d1d50823db5e2e45988439ba596412882a4a358c2aadd49ebbc0ac108037fd8d8a2ce0e22630aca0a5a00a708b5785800dc05cbd28b2f73d04ea40222b037b3f53c82bee4a2c5a30c7afbe4259ace371f82e3a651cf064f90a3b1d64cee29c1e1c666def7bc6ee3c62ffbbfa31f6b97f5ea0a3dd6597d746320e598031b2cceddb4adc829a1ee1c1119d4eb41939be2f9c119b1c38aef5742e35b2b5de861e4da"], 0xa6)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="03c900009e14e837273701de118d8aad382a2ee9f865767a450b0ce0497a1c7e0977a673802bf56b874c3aea0b1fe4876f06be57ef79f965a7f1cd1fe1bf9d46e29255c8a58c47488ca00c00eba31c89ba1c40cc01a08ed8d37aee0b442f5785ab6dc4342378839eccb5677f44a43dbfcc9bb9375ab873a1cd04b29c15780d1823f686e4bdb209c750cade7ba758bd4f6520c2fd1f9d427d54142daacb9c16270cfa6d8599d58c72f2a4629f75fb238c3929215cca5d888643088fe02670d8c07a5a06e7e8d1ee8ff9a20b5da148f7d6737e0a5d0583471a33fbd62a4e3f0a01c8a65466d810ef3d82a57e4c196a2ea8f477fb59036f1e1616cfaa68735835dfdd644f144f4d78da2edb3a32707d1816baa4c603a978c9446174a83b460b157556bfb4dd1204f0aead"], 0x54)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_blocks={{0x48, 0xf}, {0x8, 0x2, [{0xc8, 0x8001, 0x2}, {0xc8, 0x3, 0x3f}]}}}, 0x12)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
faccessat2(r0, &(0x7f0000000040)='./file0\x00', 0x120, 0xa00)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000700)=ANY=[@ANYBLOB="371337cfa3139f00000000ff78856d451224038c293def2129b762617306025dc3ab02fefdc8c81e99c9432b4d763185f3798ea45a000000807a2997604e26d27d4fbe5367b47a6abe08e052100b78407f797ddf1677b6ca78623a60e86aa735eafc950014d31476d3c19ab92ba9bf1e12da13b50d629cacccc89b1000"/134])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYRESHEX, @ANYRESHEX=r0, @ANYRESOCT=r1, @ANYRESOCT=r0, @ANYRES16=r0, @ANYRESDEC=r0, @ANYRESOCT], 0x54df1abb4fd15e78)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYRESDEC=r0], 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

10:32:59 executing program 6:
syz_mount_image$nfs(0x0, &(0x7f0000000300)='.\x00', 0x0, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000340)="1c", 0x1}], 0x0, 0x0)

10:32:59 executing program 5:
syz_emit_vhci(&(0x7f00000007c0)=ANY=[@ANYBLOB="040e040912204007a36a2f74a5a8cb4afef2541ebc5b4200603f6908884684145fbd04179fea9e02835ae6306d911a55dfa1dbc8db9a0f444809345a122b8a3de6f188f757ba6369aed8283cf9ab156f6ed154d0ca1a833b5207445923c222d41dea8a94f2eee34296ba87169462cd5c15f1ef1c005461ded632e874ea764801a332f303a370972a8acf4f040d1a9fc9e2bfd890164047f3166d95c214f4a6bcf1f444500b3903abd9a1b23728b4a0d1512ce0535dd92e21e8146095d6ed3274236ab362dd45105a144ead1d82b3030d741d131ee47f511a0000529c1416df442d8ec75f67619ea9fa1662fe94cfc1ff563636a1a8"], 0x7)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_move_chan_rsp={{0xf, 0x3, 0x4}, {0x4, 0x9}}]}}, 0x11)
syz_emit_vhci(&(0x7f0000000100)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x4, 0x0, 0x41c}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000180), 0x103180, 0x0)
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="03c800a23b9d1d50823db5e2e45988439ba596412882a4a358c2aadd49ebbc0ac108037fd8d8a2ce0e22630aca0a5a00a708b5785800dc05cbd28b2f73d04ea40222b037b3f53c82bee4a2c5a30c7afbe4259ace371f82e3a651cf064f90a3b1d64cee29c1e1c666def7bc6ee3c62ffbbfa31f6b97f5ea0a3dd6597d746320e598031b2cceddb4adc829a1ee1c1119d4eb41939be2f9c119b1c38aef5742e35b2b5de861e4da"], 0xa6)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="03c900009e14e837273701de118d8aad382a2ee9f865767a450b0ce0497a1c7e0977a673802bf56b874c3aea0b1fe4876f06be57ef79f965a7f1cd1fe1bf9d46e29255c8a58c47488ca00c00eba31c89ba1c40cc01a08ed8d37aee0b442f5785ab6dc4342378839eccb5677f44a43dbfcc9bb9375ab873a1cd04b29c15780d1823f686e4bdb209c750cade7ba758bd4f6520c2fd1f9d427d54142daacb9c16270cfa6d8599d58c72f2a4629f75fb238c3929215cca5d888643088fe02670d8c07a5a06e7e8d1ee8ff9a20b5da148f7d6737e0a5d0583471a33fbd62a4e3f0a01c8a65466d810ef3d82a57e4c196a2ea8f477fb59036f1e1616cfaa68735835dfdd644f144f4d78da2edb3a32707d1816baa4c603a978c9446174a83b460b157556bfb4dd1204f0aead"], 0x54)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_blocks={{0x48, 0xf}, {0x8, 0x2, [{0xc8, 0x8001, 0x2}, {0xc8, 0x3, 0x3f}]}}}, 0x12)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
faccessat2(r0, &(0x7f0000000040)='./file0\x00', 0x120, 0xa00)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000700)=ANY=[@ANYBLOB="371337cfa3139f00000000ff78856d451224038c293def2129b762617306025dc3ab02fefdc8c81e99c9432b4d763185f3798ea45a000000807a2997604e26d27d4fbe5367b47a6abe08e052100b78407f797ddf1677b6ca78623a60e86aa735eafc950014d31476d3c19ab92ba9bf1e12da13b50d629cacccc89b1000"/134])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYRESHEX, @ANYRESHEX=r0, @ANYRESOCT=r1, @ANYRESOCT=r0, @ANYRES16=r0, @ANYRESDEC=r0, @ANYRESOCT], 0x54df1abb4fd15e78)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYRESDEC=r0], 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

10:32:59 executing program 2:
syz_mount_image$nfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$9p_tcp(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000380)={'trans=tcp,', {}, 0x2c, {[{@msize={'msize', 0x3d, 0x8cffffff}}]}})

10:32:59 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x4, &(0x7f0000000040)={0x0, {{0x2, 0x0, @multicast1}}}, 0x88)

[  115.162084] Bluetooth: Unexpected continuation frame (len 12)
[  115.166475] audit: type=1400 audit(1756722779.843:10): avc:  denied  { read } for  pid=3908 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  115.199854] Bluetooth: Unexpected continuation frame (len 12)
10:32:59 executing program 4:
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
getsockname$packet(r0, 0x0, &(0x7f0000000040))

10:32:59 executing program 2:
syz_mount_image$nfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$9p_tcp(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000380)={'trans=tcp,', {}, 0x2c, {[{@msize={'msize', 0x3d, 0x8cffffff}}]}})

10:32:59 executing program 2:
syz_mount_image$nfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$9p_tcp(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000380)={'trans=tcp,', {}, 0x2c, {[{@msize={'msize', 0x3d, 0x8cffffff}}]}})

10:32:59 executing program 3:
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
getsockname$packet(r0, 0x0, &(0x7f0000000040))

10:32:59 executing program 6:
syz_mount_image$nfs(0x0, &(0x7f0000000300)='.\x00', 0x0, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000340)="1c", 0x1}], 0x0, 0x0)

10:32:59 executing program 1:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xb)

10:32:59 executing program 2:
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), 0xffffffffffffffff)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

10:32:59 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x4, &(0x7f0000000040)={0x0, {{0x2, 0x0, @multicast1}}}, 0x88)

10:33:00 executing program 6:
syz_mount_image$nfs(0x0, &(0x7f0000000300)='.\x00', 0x0, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000340)="1c", 0x1}], 0x0, 0x0)

10:33:00 executing program 3:
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
getsockname$packet(r0, 0x0, &(0x7f0000000040))

10:33:00 executing program 4:
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
getsockname$packet(r0, 0x0, &(0x7f0000000040))

10:33:00 executing program 7:
syz_emit_vhci(&(0x7f00000007c0)=ANY=[@ANYBLOB="040e040912204007a36a2f74a5a8cb4afef2541ebc5b4200603f6908884684145fbd04179fea9e02835ae6306d911a55dfa1dbc8db9a0f444809345a122b8a3de6f188f757ba6369aed8283cf9ab156f6ed154d0ca1a833b5207445923c222d41dea8a94f2eee34296ba87169462cd5c15f1ef1c005461ded632e874ea764801a332f303a370972a8acf4f040d1a9fc9e2bfd890164047f3166d95c214f4a6bcf1f444500b3903abd9a1b23728b4a0d1512ce0535dd92e21e8146095d6ed3274236ab362dd45105a144ead1d82b3030d741d131ee47f511a0000529c1416df442d8ec75f67619ea9fa1662fe94cfc1ff563636a1a8"], 0x7)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_move_chan_rsp={{0xf, 0x3, 0x4}, {0x4, 0x9}}]}}, 0x11)
syz_emit_vhci(&(0x7f0000000100)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x4, 0x0, 0x41c}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000180), 0x103180, 0x0)
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="03c800a23b9d1d50823db5e2e45988439ba596412882a4a358c2aadd49ebbc0ac108037fd8d8a2ce0e22630aca0a5a00a708b5785800dc05cbd28b2f73d04ea40222b037b3f53c82bee4a2c5a30c7afbe4259ace371f82e3a651cf064f90a3b1d64cee29c1e1c666def7bc6ee3c62ffbbfa31f6b97f5ea0a3dd6597d746320e598031b2cceddb4adc829a1ee1c1119d4eb41939be2f9c119b1c38aef5742e35b2b5de861e4da"], 0xa6)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="03c900009e14e837273701de118d8aad382a2ee9f865767a450b0ce0497a1c7e0977a673802bf56b874c3aea0b1fe4876f06be57ef79f965a7f1cd1fe1bf9d46e29255c8a58c47488ca00c00eba31c89ba1c40cc01a08ed8d37aee0b442f5785ab6dc4342378839eccb5677f44a43dbfcc9bb9375ab873a1cd04b29c15780d1823f686e4bdb209c750cade7ba758bd4f6520c2fd1f9d427d54142daacb9c16270cfa6d8599d58c72f2a4629f75fb238c3929215cca5d888643088fe02670d8c07a5a06e7e8d1ee8ff9a20b5da148f7d6737e0a5d0583471a33fbd62a4e3f0a01c8a65466d810ef3d82a57e4c196a2ea8f477fb59036f1e1616cfaa68735835dfdd644f144f4d78da2edb3a32707d1816baa4c603a978c9446174a83b460b157556bfb4dd1204f0aead"], 0x54)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_blocks={{0x48, 0xf}, {0x8, 0x2, [{0xc8, 0x8001, 0x2}, {0xc8, 0x3, 0x3f}]}}}, 0x12)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
faccessat2(r0, &(0x7f0000000040)='./file0\x00', 0x120, 0xa00)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000700)=ANY=[@ANYBLOB="371337cfa3139f00000000ff78856d451224038c293def2129b762617306025dc3ab02fefdc8c81e99c9432b4d763185f3798ea45a000000807a2997604e26d27d4fbe5367b47a6abe08e052100b78407f797ddf1677b6ca78623a60e86aa735eafc950014d31476d3c19ab92ba9bf1e12da13b50d629cacccc89b1000"/134])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYRESHEX, @ANYRESHEX=r0, @ANYRESOCT=r1, @ANYRESOCT=r0, @ANYRES16=r0, @ANYRESDEC=r0, @ANYRESOCT], 0x54df1abb4fd15e78)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYRESDEC=r0], 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

10:33:00 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x4, &(0x7f0000000040)={0x0, {{0x2, 0x0, @multicast1}}}, 0x88)

[  115.475479] Bluetooth: Unexpected continuation frame (len 12)
10:33:00 executing program 5:
syz_emit_vhci(&(0x7f00000007c0)=ANY=[@ANYBLOB="040e040912204007a36a2f74a5a8cb4afef2541ebc5b4200603f6908884684145fbd04179fea9e02835ae6306d911a55dfa1dbc8db9a0f444809345a122b8a3de6f188f757ba6369aed8283cf9ab156f6ed154d0ca1a833b5207445923c222d41dea8a94f2eee34296ba87169462cd5c15f1ef1c005461ded632e874ea764801a332f303a370972a8acf4f040d1a9fc9e2bfd890164047f3166d95c214f4a6bcf1f444500b3903abd9a1b23728b4a0d1512ce0535dd92e21e8146095d6ed3274236ab362dd45105a144ead1d82b3030d741d131ee47f511a0000529c1416df442d8ec75f67619ea9fa1662fe94cfc1ff563636a1a8"], 0x7)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_move_chan_rsp={{0xf, 0x3, 0x4}, {0x4, 0x9}}]}}, 0x11)
syz_emit_vhci(&(0x7f0000000100)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x4, 0x0, 0x41c}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000180), 0x103180, 0x0)
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="03c800a23b9d1d50823db5e2e45988439ba596412882a4a358c2aadd49ebbc0ac108037fd8d8a2ce0e22630aca0a5a00a708b5785800dc05cbd28b2f73d04ea40222b037b3f53c82bee4a2c5a30c7afbe4259ace371f82e3a651cf064f90a3b1d64cee29c1e1c666def7bc6ee3c62ffbbfa31f6b97f5ea0a3dd6597d746320e598031b2cceddb4adc829a1ee1c1119d4eb41939be2f9c119b1c38aef5742e35b2b5de861e4da"], 0xa6)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="03c900009e14e837273701de118d8aad382a2ee9f865767a450b0ce0497a1c7e0977a673802bf56b874c3aea0b1fe4876f06be57ef79f965a7f1cd1fe1bf9d46e29255c8a58c47488ca00c00eba31c89ba1c40cc01a08ed8d37aee0b442f5785ab6dc4342378839eccb5677f44a43dbfcc9bb9375ab873a1cd04b29c15780d1823f686e4bdb209c750cade7ba758bd4f6520c2fd1f9d427d54142daacb9c16270cfa6d8599d58c72f2a4629f75fb238c3929215cca5d888643088fe02670d8c07a5a06e7e8d1ee8ff9a20b5da148f7d6737e0a5d0583471a33fbd62a4e3f0a01c8a65466d810ef3d82a57e4c196a2ea8f477fb59036f1e1616cfaa68735835dfdd644f144f4d78da2edb3a32707d1816baa4c603a978c9446174a83b460b157556bfb4dd1204f0aead"], 0x54)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_blocks={{0x48, 0xf}, {0x8, 0x2, [{0xc8, 0x8001, 0x2}, {0xc8, 0x3, 0x3f}]}}}, 0x12)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
faccessat2(r0, &(0x7f0000000040)='./file0\x00', 0x120, 0xa00)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000700)=ANY=[@ANYBLOB="371337cfa3139f00000000ff78856d451224038c293def2129b762617306025dc3ab02fefdc8c81e99c9432b4d763185f3798ea45a000000807a2997604e26d27d4fbe5367b47a6abe08e052100b78407f797ddf1677b6ca78623a60e86aa735eafc950014d31476d3c19ab92ba9bf1e12da13b50d629cacccc89b1000"/134])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYRESHEX, @ANYRESHEX=r0, @ANYRESOCT=r1, @ANYRESOCT=r0, @ANYRES16=r0, @ANYRESDEC=r0, @ANYRESOCT], 0x54df1abb4fd15e78)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYRESDEC=r0], 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

10:33:00 executing program 1:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xb)

10:33:00 executing program 7:
syz_emit_vhci(&(0x7f00000007c0)=ANY=[@ANYBLOB="040e040912204007a36a2f74a5a8cb4afef2541ebc5b4200603f6908884684145fbd04179fea9e02835ae6306d911a55dfa1dbc8db9a0f444809345a122b8a3de6f188f757ba6369aed8283cf9ab156f6ed154d0ca1a833b5207445923c222d41dea8a94f2eee34296ba87169462cd5c15f1ef1c005461ded632e874ea764801a332f303a370972a8acf4f040d1a9fc9e2bfd890164047f3166d95c214f4a6bcf1f444500b3903abd9a1b23728b4a0d1512ce0535dd92e21e8146095d6ed3274236ab362dd45105a144ead1d82b3030d741d131ee47f511a0000529c1416df442d8ec75f67619ea9fa1662fe94cfc1ff563636a1a8"], 0x7)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_move_chan_rsp={{0xf, 0x3, 0x4}, {0x4, 0x9}}]}}, 0x11)
syz_emit_vhci(&(0x7f0000000100)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x4, 0x0, 0x41c}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000180), 0x103180, 0x0)
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="03c800a23b9d1d50823db5e2e45988439ba596412882a4a358c2aadd49ebbc0ac108037fd8d8a2ce0e22630aca0a5a00a708b5785800dc05cbd28b2f73d04ea40222b037b3f53c82bee4a2c5a30c7afbe4259ace371f82e3a651cf064f90a3b1d64cee29c1e1c666def7bc6ee3c62ffbbfa31f6b97f5ea0a3dd6597d746320e598031b2cceddb4adc829a1ee1c1119d4eb41939be2f9c119b1c38aef5742e35b2b5de861e4da"], 0xa6)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="03c900009e14e837273701de118d8aad382a2ee9f865767a450b0ce0497a1c7e0977a673802bf56b874c3aea0b1fe4876f06be57ef79f965a7f1cd1fe1bf9d46e29255c8a58c47488ca00c00eba31c89ba1c40cc01a08ed8d37aee0b442f5785ab6dc4342378839eccb5677f44a43dbfcc9bb9375ab873a1cd04b29c15780d1823f686e4bdb209c750cade7ba758bd4f6520c2fd1f9d427d54142daacb9c16270cfa6d8599d58c72f2a4629f75fb238c3929215cca5d888643088fe02670d8c07a5a06e7e8d1ee8ff9a20b5da148f7d6737e0a5d0583471a33fbd62a4e3f0a01c8a65466d810ef3d82a57e4c196a2ea8f477fb59036f1e1616cfaa68735835dfdd644f144f4d78da2edb3a32707d1816baa4c603a978c9446174a83b460b157556bfb4dd1204f0aead"], 0x54)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_blocks={{0x48, 0xf}, {0x8, 0x2, [{0xc8, 0x8001, 0x2}, {0xc8, 0x3, 0x3f}]}}}, 0x12)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
faccessat2(r0, &(0x7f0000000040)='./file0\x00', 0x120, 0xa00)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000700)=ANY=[@ANYBLOB="371337cfa3139f00000000ff78856d451224038c293def2129b762617306025dc3ab02fefdc8c81e99c9432b4d763185f3798ea45a000000807a2997604e26d27d4fbe5367b47a6abe08e052100b78407f797ddf1677b6ca78623a60e86aa735eafc950014d31476d3c19ab92ba9bf1e12da13b50d629cacccc89b1000"/134])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYRESHEX, @ANYRESHEX=r0, @ANYRESOCT=r1, @ANYRESOCT=r0, @ANYRES16=r0, @ANYRESDEC=r0, @ANYRESOCT], 0x54df1abb4fd15e78)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYRESDEC=r0], 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

10:33:00 executing program 6:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, 0x0)

10:33:00 executing program 3:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000000)="1d", 0x1}], 0x1}, 0x40011)
sendmsg(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001040)="ff", 0x1}], 0x1}, 0x0)
recvmmsg(r1, &(0x7f0000000c80)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc10e, 0x0)

10:33:00 executing program 4:
ioperm(0x0, 0x0, 0x0)
r0 = creat(&(0x7f0000000000)='./file1\x00', 0x0)
syncfs(r0)

10:33:00 executing program 2:
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e365d99dfc335cf588132eba1a51d12f95180d319ee1e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab32e07ac5000000000000000032", 0x51)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'})
ioctl$TUNSETVNETHDRSZ(r0, 0x800454d7, 0x0)

10:33:00 executing program 0:
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
ioctl$EXT4_IOC_GETSTATE(r0, 0xc0185879, &(0x7f0000002a00))

[  115.603843] Bluetooth: Unexpected continuation frame (len 12)
[  115.607382] Bluetooth: Unexpected continuation frame (len 12)
[  115.615107] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
10:33:00 executing program 5:
syz_emit_vhci(&(0x7f00000007c0)=ANY=[@ANYBLOB="040e040912204007a36a2f74a5a8cb4afef2541ebc5b4200603f6908884684145fbd04179fea9e02835ae6306d911a55dfa1dbc8db9a0f444809345a122b8a3de6f188f757ba6369aed8283cf9ab156f6ed154d0ca1a833b5207445923c222d41dea8a94f2eee34296ba87169462cd5c15f1ef1c005461ded632e874ea764801a332f303a370972a8acf4f040d1a9fc9e2bfd890164047f3166d95c214f4a6bcf1f444500b3903abd9a1b23728b4a0d1512ce0535dd92e21e8146095d6ed3274236ab362dd45105a144ead1d82b3030d741d131ee47f511a0000529c1416df442d8ec75f67619ea9fa1662fe94cfc1ff563636a1a8"], 0x7)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_move_chan_rsp={{0xf, 0x3, 0x4}, {0x4, 0x9}}]}}, 0x11)
syz_emit_vhci(&(0x7f0000000100)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x4, 0x0, 0x41c}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000180), 0x103180, 0x0)
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="03c800a23b9d1d50823db5e2e45988439ba596412882a4a358c2aadd49ebbc0ac108037fd8d8a2ce0e22630aca0a5a00a708b5785800dc05cbd28b2f73d04ea40222b037b3f53c82bee4a2c5a30c7afbe4259ace371f82e3a651cf064f90a3b1d64cee29c1e1c666def7bc6ee3c62ffbbfa31f6b97f5ea0a3dd6597d746320e598031b2cceddb4adc829a1ee1c1119d4eb41939be2f9c119b1c38aef5742e35b2b5de861e4da"], 0xa6)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="03c900009e14e837273701de118d8aad382a2ee9f865767a450b0ce0497a1c7e0977a673802bf56b874c3aea0b1fe4876f06be57ef79f965a7f1cd1fe1bf9d46e29255c8a58c47488ca00c00eba31c89ba1c40cc01a08ed8d37aee0b442f5785ab6dc4342378839eccb5677f44a43dbfcc9bb9375ab873a1cd04b29c15780d1823f686e4bdb209c750cade7ba758bd4f6520c2fd1f9d427d54142daacb9c16270cfa6d8599d58c72f2a4629f75fb238c3929215cca5d888643088fe02670d8c07a5a06e7e8d1ee8ff9a20b5da148f7d6737e0a5d0583471a33fbd62a4e3f0a01c8a65466d810ef3d82a57e4c196a2ea8f477fb59036f1e1616cfaa68735835dfdd644f144f4d78da2edb3a32707d1816baa4c603a978c9446174a83b460b157556bfb4dd1204f0aead"], 0x54)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_blocks={{0x48, 0xf}, {0x8, 0x2, [{0xc8, 0x8001, 0x2}, {0xc8, 0x3, 0x3f}]}}}, 0x12)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
faccessat2(r0, &(0x7f0000000040)='./file0\x00', 0x120, 0xa00)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000700)=ANY=[@ANYBLOB="371337cfa3139f00000000ff78856d451224038c293def2129b762617306025dc3ab02fefdc8c81e99c9432b4d763185f3798ea45a000000807a2997604e26d27d4fbe5367b47a6abe08e052100b78407f797ddf1677b6ca78623a60e86aa735eafc950014d31476d3c19ab92ba9bf1e12da13b50d629cacccc89b1000"/134])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYRESHEX, @ANYRESHEX=r0, @ANYRESOCT=r1, @ANYRESOCT=r0, @ANYRES16=r0, @ANYRESDEC=r0, @ANYRESOCT], 0x54df1abb4fd15e78)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYRESDEC=r0], 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

10:33:00 executing program 4:
ioperm(0x0, 0x0, 0x0)
r0 = creat(&(0x7f0000000000)='./file1\x00', 0x0)
syncfs(r0)

10:33:00 executing program 0:
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
ioctl$EXT4_IOC_GETSTATE(r0, 0xc0185879, &(0x7f0000002a00))

10:33:00 executing program 1:
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xb)

10:33:00 executing program 2:
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e365d99dfc335cf588132eba1a51d12f95180d319ee1e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab32e07ac5000000000000000032", 0x51)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'})
ioctl$TUNSETVNETHDRSZ(r0, 0x800454d7, 0x0)

10:33:00 executing program 7:
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="d9543038a1b282d50a0127a3fe787904192e365d99dfc335cf588132eba1a51d12f95180d319ee1e7666ca07423b043d77f268a4db33451cf00ae47cb045f9bc4e0385ab32e07ac5000000000000000032", 0x51)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'vcan0\x00'})
ioctl$TUNSETVNETHDRSZ(r0, 0x800454d7, 0x0)

10:33:00 executing program 3:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000000)="1d", 0x1}], 0x1}, 0x40011)
sendmsg(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001040)="ff", 0x1}], 0x1}, 0x0)
recvmmsg(r1, &(0x7f0000000c80)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc10e, 0x0)

10:33:00 executing program 6:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0xc0182101, &(0x7f0000000100)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0x57676fd663354bee})

[  115.889937] Bluetooth: Unexpected continuation frame (len 12)
10:33:00 executing program 3:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000000)="1d", 0x1}], 0x1}, 0x40011)
sendmsg(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001040)="ff", 0x1}], 0x1}, 0x0)
recvmmsg(r1, &(0x7f0000000c80)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc10e, 0x0)

10:33:00 executing program 0:
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
ioctl$EXT4_IOC_GETSTATE(r0, 0xc0185879, &(0x7f0000002a00))

10:33:00 executing program 6:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0xc0182101, &(0x7f0000000100)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0x57676fd663354bee})

10:33:00 executing program 1:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000180)={0x1f, 0x0, @fixed, 0x0, 0x2}, 0xe)
r1 = dup(r0)
setsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0xf, &(0x7f0000001080)=0x4, 0x4)
listen(r0, 0x0)

[  119.611975] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  119.613670] Bluetooth: hci1: Injecting HCI hardware error event
[  119.615591] Bluetooth: hci1: hardware error 0x00
[  119.931958] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0
[  119.933729] Bluetooth: hci6: Injecting HCI hardware error event
[  119.935125] Bluetooth: hci6: hardware error 0x00
[  121.659557] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  121.979495] Bluetooth: hci6: Opcode 0x0c03 failed: -110
[  126.059478] unregister_netdevice: waiting for vcan0 to become free. Usage count = -7
[  126.219486] unregister_netdevice: waiting for vcan0 to become free. Usage count = -4
[  126.635554] unregister_netdevice: waiting for lo to become free. Usage count = -4

VM DIAGNOSIS:
10:33:10  Registers:
info registers vcpu 0
RAX=0000000000000000 RBX=ffff8880186d77f8 RCX=ffffffff8688e60c RDX=1ffff110030daeff
RSI=ffff8880186d7cb0 RDI=ffff8880186d77f8 RBP=ffff8880186d7cb0 RSP=ffff8880186d7750
R8 =0000000000000001 R9 =ffff8880186d7838 R10=000000000003bea3 R11=0000000000023460
R12=0000000000000008 R13=ffff8880186d7840 R14=ffff8880186d7cb0 R15=ffff8880186d77f8
RIP=ffffffff8135819a RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f29556ae700 00000000 00000000
GS =0000 ffff8880e55d8000 00000000 00000000
LDT=0000 fffffe6d00000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fb026ed0e40 CR3=000000000dffe000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=00000000000000000000000000000000 XMM03=00000000000000100000000000000000
XMM04=00007f29556ad10000007f29556ad140 XMM05=0000000000000000f9888cd46ee35400
XMM06=00007f29556ad1400000000000000000 XMM07=00000000000000000000000000000000
XMM08=2e726f7475636578652d7a7973223d6d XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000050 RBX=ffff888009a48000 RCX=ffffffff8254af86 RDX=00000000000101f7
RSI=ffffffff8254af94 RDI=0000000000000007 RBP=00000000000003e7 RSP=ffff888016bff7a8
R8 =0000000000000001 R9 =0000000000006d2c R10=00000000000101f7 R11=0000000000000001
R12=00000000000101f7 R13=ffffed1001349001 R14=ffffffff860d0a00 R15=dffffc0000000000
RIP=ffffffff8254af98 RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e56d8000 00000000 00000000
LDT=0000 fffffe5300000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000562607a8b6bc CR3=000000000b7a9000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=ff000000000000000000000000000000
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=ffbd4ebe4c2ff636000000000014c5f0 XMM05=d3fdd5f48436fbd700000000000aead0
XMM06=4407ba3099fc430300000000000ae988 XMM07=a1fcdcf819d7e1e500000000000ae728
XMM08=44495f474f4c5359530069253d595449 XMM09=00000000000000000000000000000000
XMM10=00200000000000000020000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000