program:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0100000003000012fa54a889d575e6116beec860be040001000500000017000000b82c8542146dfd9a26b06ad49e671845da348ec8f4a39148aee62efd6685edd0be6ff71aa3b47009a969f3d27fce37146beb29eb84f64914a5de15a8539fbfd52e6617e260849ba564421dc93bf08f19d0accc36d734c85c4795b0f9b7e35489ebe8b35cf2255b76f3d18c945fc971ad53346463925ed9b66e9f3dcf9c590b91f6cd829d707825695506e110a26130ea1eb4f905e35f057c8e138cf3927a48581fb88bd851d13d0924ea25a9148939ba3e9b205bf2a339cad14912d3b74ef4d7d0ff1012adfc6df9eefccfe1c4e922c003dd9ba5edc951935216d55439103a152263c875cbac306032b1ada61411c43f0000000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x7, 0x32, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = syz_mount_image$iso9660(&(0x7f0000000940), &(0x7f0000000980)='./file0\x00', 0x800, &(0x7f0000000200)=ANY=[@ANYBLOB='block=0x0000000000000000,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c636865636b3d72656c617865642c756e686964040000007566742c63727566742c6d6f64653d3078303030303030303030303030303030352c686964652c63727566742c00"], 0x1, 0x954, &(0x7f0000001340)="$eJzs3U9vHGcdB/DvODY1btWmbShRlDablLRua5y1TVOsXnDstbPFf5DtSI04kNK4KIpFUQtSWyERJMSJCg6IA9x6REKq1EsrIZR3wI0Dl76FilNuRjNrO47r9Sau7Q3h87HGM7Pzm+f5zc7uPJrZ3XnC/7K1tbVq2OP8pb8eZrLcfy5Mff7Rxx+Ww69v5Gs5kpeLT5P+JLWkN8nxpG9yanFhrkNB15MrSW4mRZKH0hrfoafNqldS/D6P3J6/meIvZb0cvDX+r3X79QcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPejYnKqXh8pMtucv/R6rb2qC/Bdlm+U91nV63fxWcd6k6Ic0t+/0dX38WO3Fz9V/juTk625k1WH5OnPBw8/dfTVJ3t7NtbfJaFD8e77H1x/Y3V15Z1uJ9IlM4355tJCc25iplFrLi3Uxs+fr5+7OL1Um27ONpYuLy035mqTi42J5YXF2uDkC7WR8fGxWmP48sKl+ZmpidnGxoOvfHu0Xj9fe234B42JxaWF+XOvDS9NXmzOzjbnZ6qYcnEZ80r5Qvx+c7m23JiYq9Xeura6MtYpyTJo5G6CRjsFjdZHR0dGRkdHzr88/vIr9Xrvlx6ob5MvRXT/RUt37fsxHPaqZ739z2yamc+lvJ7ajn+TmcpiFjLXZnmlf7P9P3uusWu9W9v/jVb++O3FJ/75t7+f3Jx7pl373yaXr/bXl81y+zrV8G7ezwe5njeymtWs5J0Dyej+/ZtJI/NpZikLaWYuE9UjtfVHahnP+ZxPPT/KxUxnKbVMp5nZNLKUy1nKchrVK2oyi2lkIstZyGJqGcxkXkgtIxnPeMZSSyPDuZyFXMp8ZjKViaqUt3Ktet7HdslxM2jkboJGdwnS/vPVHcRhHPZkbaP9BwAAAB5YRXX1vTz/78vT1dR0c7ZR73ZaAAAAwD6qPvk/WY76yqmnUzj/BwAAgAdNkWfWrwIM5FRrauOXUC4CAAAAwAOi+vz/mXI0UE6dSnFP5/99B54gAAAA8JV1vsd+x4hiaOP2v7WrrfHV9Yj1+/wOTDdnG8OTC7OvjuS56i4D1S8Ndiytr/r5wYs53Yo6PdAaD9xZYn8ZNTL86khezJn1DXmsGj07uEPkaCvy+Vbk84PPto0cKyMB4EF3pkN7vL39L4O2t/8vZqgVMXSibEzTe2KHlrWuZQWA+8WZ6vv/u/Wx0zGi+E6H8/8nNr9SMJw383ZWczVD1a8Nqm8c7FjqwJavIQx1uBowsKWHl6HN6wE7n+UPbOnoZajDFYEqdm1t7VcZO4Q9AQCH50yHdvhu2v+hDuf/A35SCAD3lc0e7DtNDKRzTJuJbm8jAHAnrTQAAAAAAAAAAAAAAAAAAAAAAAAAAADsvz3e0t+ECRMP9ES3j0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAchiI5stPjPclDSepJzh1+VgfnRrcT6LLiVm7lvTza7TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB406/f/70lr/HDrofT2JGeTXEnyw27nuJ9udTuBLtty//9yn2etSG9rt6fom5xaXJgrd3/V90PP5x99/GE57KWesoCyhjs6l1ivYXtKtycfr9YamFp59/rP3/5ZbepCleSF5enZqbmZxe/dDnyq+CSppTVs2Mj3l2f/8YcdtvyTckt3tr3e6areqS/X+82d1t693t1cW10ZLWtabry+/IufXntvy6Incjp5djAZvLOmn5RDm5pOp2+32oovit8Wj+ZPuVLt//LZKNaKchc9Vm1/ufLK8Jtvr15tk9PRnEpyNem/+5xObd2/d3q4Vetb11ZX6lVQ+e9Yh/J2taXEkTbb8Hj1khm4p22otd+GSofnfT2jsTYZPZnn7nlPP9ehxh0VXxT/Li7mX/nNlv4/esr9fzZt353biqgie75ebk/1Smkb2dOKrLZ8dNcy274rOQC/y4/z3c3937Pl+L++rw7neLSlxkN6X1Qt0rFtLdL60afdOut5HmtFtcnzG3kp6T1xT0eUlzocUQ7q/f/nYjD/yQ39/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPe/IjnSZtHZJEeTPFbO1JK1/aivZ6DYj2L27EZXa+++4lZu5b082u08AAAAAAAAANgfF6Y+/+jjD8uh+jz+SL5VfJr0tz7p701ytPhj3+TU4sJch4L6kitJbu4hh3K9PHJ7/mY5d3wPBQEAd+W/AQAA//8YMGkh")
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x8ef, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r5 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPCONNADD(r5, 0x400442c8, &(0x7f00000001c0)={r4, 0x1, 0x2})
ioctl$sock_bt_bnep_BNEPGETCONNLIST(r5, 0x800442d2, &(0x7f0000000180)={0x1, &(0x7f0000000100)=[{0x0, 0x0, 0x0, @remote}]})
getdents(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x35)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="5aec6a2bcd5771a6580e0000000000000000b70300000000000085000000eef5734def45fb38240c000000b700000062d80d23c104692b000000009500000000000000"], &(0x7f0000000300)='GPL\x00', 0x9}, 0x94)
ioctl$SIOCGETMIFCNT_IN6(0xffffffffffffffff, 0x89e0, &(0x7f0000000d00)={0xf})
setsockopt$packet_int(r1, 0x107, 0x7, 0x0, 0x0)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r7, 0x400448ca, 0x0)
bind$bt_hci(r7, &(0x7f0000000040)={0x1f, 0x0, 0x4}, 0x6)
r8 = fspick(r3, &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1)
fsmount(r8, 0x0, 0x85)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="02c8000a00060001000b09"], 0xf)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x2, 0xb}, @l2cap_cid_signaling={{0x7}, [@l2cap_move_chan_req={{0xe, 0x0, 0x3}, {0x4, 0xa6}}]}}, 0x10)
r9 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$RTC_AIE_OFF(r9, 0x7002)
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f0000000f80)=ANY=[@ANYRES32, @ANYRESOCT=r6, @ANYRES64, @ANYRES32=r2, @ANYRESHEX=r0, @ANYBLOB="dcbad75874838ee9d635d231d8ada4fbce283fc108eb1674c447c2cacd7712c7124967176232231e047bcd3750482cbe917dcb65eb8367e7bb4952aea27a49b689a096991e45e3d935deb6e18d4d78227f2011d3c930", @ANYRES8], 0xff, 0x6e5, &(0x7f0000001600)="$eJzs3c9vHGcZB/DvrNeON1TBaZM2QkVYiVSQIhInVgrhgkEI5VChqhx6thKnsbpJqsRFaYUgBQQnJA79AwqSbxwQEvegcOFSbr36WAmJS8QhqpAWzezsetdex3Zirx34fKLxvO+877zzzDO/vOusNsD/rStn03yQIlfOvnGvrK+tzrfXVueP1M3tJGW5kTS7sxS3kuJhslC2FwNTBuabfLx8+a3PHq193q0166nqP9Ffb3pHIY/Yxv16ymw93uzINSd3NH53rCq8vJDkaj0fNrXTsYY6lkk7U8/hwHU2ub+b1be83oHDr/d0KrrPzU1mkqP1k7n6naC+OzTGF+H+2NVdDgAAAJ5Tn94+6AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+VN//39RT416ntkUve//n+otq8uH0MKOez7Y1zgAAAAAAAAAYDy+9jiPcy/HevVOUf3N/3RVOZEvOsmX8n7uZil3ci73spiVrOROLiSZGRho6t7iysqdC/01S6PXvDhyzYvj2mMAAAAAAAAA+J/0i7TW//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACHQZFMdGfVdKKeZyaNZtbbcj/5R5Kpg453F4pRCx+MPw4AAAB4JtNPsc6XH+dx7uVYr94pqtf8L1evl6fzfm5lJctZSTtLuVa/hi5f9TfWVufba6vzN8uprA+P+71/7SqMqXqEiao2asunqh6tXM9yteRcrhbJfzqdTqO77TPJqV48A3EN+KiMqfhubYeRNeu0lnv+u63eRdgTw29FNJ7Qs7UeXNLPyFwdW7nm8W4GiuqNmmRjJrY9Os2h2kw16mR/SxfS6L/zc2Ifcn60npf78+t9zflu9TPRSJWJi2n0j9TLT85E8vW//PHtG+1b7964fvfs4dmlbUxssXzjOTE/kIlXnutMNHfZf67KxMl+/Up+mB/nbGbzZu5kOT/JYlaylE7dvlifz+XPmSdnamGo9uZ2kUzVx6V7zHYS02x+UJUWc7pa91iWU+R2rmUpr1f/LuZCvpVLuZTLA0f45JZxV/tWXfWNjVd970j/dWTwZ75RF8q722/W73ILT9rjrc7OvdK995d5PT6Q1+5Z/6jf6/jAdTA3kKUXe9mZHDn409wbm1+pC+U2frnNc2K8ZupMlBdQ7ynRi+6lbiaa1bNo83n++065Xtq3Op0bi+9tMf79DfXX6nl5Wq1+dbvePaMPxd4qz5cXM13fSYbPjrLtpf5dZqCts34ud9uGn7jleiertqLoXak/yu3qBNh8pU7Vv8N1R5oYGOli1fbKyK3MV22nBtqGft/K7bRzbQz5A+Bp/P3tfnEmR6da/2x92vqk9avWjdYb098/8u0jr05l8m+T32nOTbzWeLX4cz7Jz9Zf/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE/v7gcfvrvYbi/dGV1obN20uND74pp2e6mVjX02jlw0U/U5MnrAov5Cn23iOZSFNDc3TZd5GVwy2U3UmCNsbQxjU6Hz82TsGet9ieDoPr8tC81NZ9SowsLQkj9tHvCjXUZY7Oy62MdCI+PdaHkVj2o6oBsSMDbnV26+d/7uBx9+c/nm4jtL7yzdmrx06fLc5Uuvz5+/vtxemuv+POgogf2w/tA/6EgAAAAAAAAAAACAnRr1wYDTL2z3oZEdfcbD/ywEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9sSVs2k+SJELc+fmyvra6ny7nHrl9Z7NJI1GUvw0KR4mC+lOmRkYrsgfHqYzYjsfL19+67NHa5+vj9Xs9k8a9XxrT25Ncr+eMptkop4/g6Hxrj7zeMW/e/tQJuyLTqez8Gzxwd74bwAAAP//uNjyEw==")
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x0, &(0x7f0000000240), 0x21, 0x4aa, &(0x7f0000001140)="$eJzs3c9PXFsdAPDvvUChlBaqXahRW2u1mqYzMG1J01V1oTFNE2PjykWLMCWEGYYwgxbsgv4PJjZxpX+CCxMXJl25d6e7t+lbNOl7r3kv5SVvMS/3zvCjlAHeK2US5vNJTu499wzzPYfJPWf4AnMC6FkXImItIk5ExIOIGG1fT9olbrdK9rjXrx5Pr796PJ1Es3nv4yRvz67Ftq/JnGo/51BE/OaXEb9P3o5bX1mdn6pUykvterFRXSzWV1avzlWnZsv9sVAqTU5Mjt+8dqN0aGM9X/3Hy1/M3fntv//1vef/Xfvpn7JujbTbto/jMLWGPrAZJ9MfEXfeR7Au6GuP50S3O8LXkkbENyLiYn7/j0Zf/moCAMdZszkazdHtdQDguEvzHFiSFtq5gJFI00KhlcM7F8NppVZvXHlYW16YaeXKxmIgfThXKY+3c4VjMZBk9Yn8fKte2lG/FhFnI+LPgyfzemG6Vpnp5hsfAOhhp3as/58NttZ/AOCYG+p2BwCAI2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvLru3ez0lxvf/71zB9WlucHI6Jcny9Ul6cL07WlxcJsrTabf2ZPdb/nq9RqixPXY/lRsVGuN4r1ldX71dryQuN+/rne98sDRzIqAGAvZ88/+38SEWu3TuYltu3lYK2G4y3tdgeArunrdgeArrHbF/QuP+MDu2zR+4aOfyL09PD7AhyNy9+W/4deJf8PvUv+H3qX/D/0rmYzsec/APQYOX7A7/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgqxvJS5IW2nuBj0SaFgoRpyNiLAaSh3OV8nhEnImI/w0ODGb1iW53GgB4R+mLpL3/1+XRSyM7W08knw/mx4j441/v/eXRVKOxNJFd/2TzeuNp+3qpG/0HAPazsU5vrOMbXr96PL1RjrI/L3/W2lw0i7veLq2W/ujPj0MxEBHDnybtekv2fqXvEOKvPYmIb+02/iTPjYy1dz7dGT+LffpI46dvxE/zttYx+1588xD6Ar3mWTb/3N7t/kvjQn7c/f4fymeod7cx/62/Nf+lm/NfX4f578JBY1z/z686tj2J+E7/VvwXP9+afzbiJx3iXzpg/A+++/2Lndqaf4u4HLuNP3kjVrFRXSzWV1avzlWnZsuz5YVSaXJicvzmtRulYp6jLm5kqt/20a0rZ/Ya/3CH+EP7jP9HBxz/37948Lsf7BH/Jz/c/fU/t0f8bE388QHjTw3/s+P23Vn8mQ7j3+/1v3LA+M8/XJ054EMBgCNQX1mdn6pUyktOnDhxsnnS7ZkJeN+2bvpu9wQAAAAAAAAAAAAAAOjkKP6dqNtjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Pj6MgAA//8Z7dZO")
syz_emit_vhci(&(0x7f0000001100)=ANY=[@ANYBLOB="040e04001120"], 0x7)
syz_emit_ethernet(0x6f, &(0x7f0000000540)={@empty, @local, @void, {@generic={0x806, "b77dd8daa1c483e60f069af17f85d9cacaa11bde587915535da8cd629eb7ef7316a7385681bc682a96131f59ab5f98830230dd0eec61e91fd0bd72621a31c35b7ced10b5772b8beae80276aa95d07ee3acfca440efba3a1c23bb0718a302599298"}}}, &(0x7f0000000780)={0x5, 0x2, [0x5bc, 0x19a, 0xbde, 0x4c9]})
bind$bt_hci(r7, &(0x7f0000000140)={0x1f, 0x3, 0x1}, 0x6)

[  102.982381][ T5290] Bluetooth: hci0: command tx timeout
[  103.116035][ T5330] loop0: detected capacity change from 0 to 1764
[  103.296178][ T5330] ==================================================================
[  103.299546][ T5330] BUG: KASAN: slab-use-after-free in strnlen+0x66/0x90
[  103.302609][ T5330] Read of size 1 at addr ffff8880126e8120 by task syz.0.0/5330
[  103.305957][ T5330] 
[  103.307081][ T5330] CPU: 0 UID: 0 PID: 5330 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[  103.307096][ T5330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  103.307104][ T5330] Call Trace:
[  103.307111][ T5330]  <TASK>
[  103.307117][ T5330]  dump_stack_lvl+0xe8/0x150
[  103.307136][ T5330]  print_address_description+0x55/0x1e0
[  103.307149][ T5330]  ? strnlen+0x66/0x90
[  103.307161][ T5330]  print_report+0x58/0x70
[  103.307171][ T5330]  kasan_report+0x117/0x150
[  103.307189][ T5330]  ? strnlen+0x66/0x90
[  103.307200][ T5330]  strnlen+0x66/0x90
[  103.307211][ T5330]  bnep_add_connection+0x90c/0xca0
[  103.307227][ T5330]  ? __pfx_bnep_add_connection+0x10/0x10
[  103.307237][ T5330]  ? __fget_files+0x3a0/0x420
[  103.307251][ T5330]  do_bnep_sock_ioctl+0x40b/0x650
[  103.307264][ T5330]  ? __pfx_do_bnep_sock_ioctl+0x10/0x10
[  103.307277][ T5330]  ? tomoyo_path_number_perm+0x219/0x630
[  103.307335][ T5330]  sock_do_ioctl+0x101/0x320
[  103.307354][ T5330]  ? __pfx_sock_do_ioctl+0x10/0x10
[  103.307369][ T5330]  ? do_futex+0x395/0x420
[  103.307385][ T5330]  sock_ioctl+0x5c6/0x7f0
[  103.307403][ T5330]  ? __pfx_sock_ioctl+0x10/0x10
[  103.307418][ T5330]  ? __fget_files+0x2a/0x420
[  103.307428][ T5330]  ? __fget_files+0x3a0/0x420
[  103.307439][ T5330]  ? __fget_files+0x2a/0x420
[  103.307450][ T5330]  ? bpf_lsm_file_ioctl+0x9/0x20
[  103.307465][ T5330]  ? __pfx_sock_ioctl+0x10/0x10
[  103.307479][ T5330]  __se_sys_ioctl+0xfc/0x170
[  103.307495][ T5330]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.307506][ T5330]  do_syscall_64+0x15f/0xf80
[  103.307522][ T5330]  ? trace_irq_disable+0x3b/0x140
[  103.307540][ T5330]  ? clear_bhb_loop+0x40/0x90
[  103.307553][ T5330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.307566][ T5330] RIP: 0033:0x7f3074f9ce59
[  103.307577][ T5330] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  103.307587][ T5330] RSP: 002b:00007f3075f38fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  103.307601][ T5330] RAX: ffffffffffffffda RBX: 00007f3075215fa0 RCX: 00007f3074f9ce59
[  103.307610][ T5330] RDX: 00002000000001c0 RSI: 00000000400442c8 RDI: 0000000000000006
[  103.307618][ T5330] RBP: 00007f3075032d6f R08: 0000000000000000 R09: 0000000000000000
[  103.307625][ T5330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  103.307632][ T5330] R13: 00007f3075216038 R14: 00007f3075215fa0 R15: 00007fff1a9f2b28
[  103.307644][ T5330]  </TASK>
[  103.307648][ T5330] 
[  103.411204][ T5330] Allocated by task 5330:
[  103.413083][ T5330]  kasan_save_track+0x3e/0x80
[  103.415104][ T5330]  __kasan_kmalloc+0x93/0xb0
[  103.417176][ T5330]  __kvmalloc_node_noprof+0x528/0x8a0
[  103.419353][ T5330]  alloc_netdev_mqs+0xa8/0x1210
[  103.421293][ T5330]  bnep_add_connection+0x214/0xca0
[  103.423494][ T5330]  do_bnep_sock_ioctl+0x40b/0x650
[  103.425817][ T5330]  sock_do_ioctl+0x101/0x320
[  103.427963][ T5330]  sock_ioctl+0x5c6/0x7f0
[  103.429905][ T5330]  __se_sys_ioctl+0xfc/0x170
[  103.431980][ T5330]  do_syscall_64+0x15f/0xf80
[  103.433907][ T5330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.436369][ T5330] 
[  103.437410][ T5330] Freed by task 5333:
[  103.439081][ T5330]  kasan_save_track+0x3e/0x80
[  103.440947][ T5330]  kasan_save_free_info+0x46/0x50
[  103.442972][ T5330]  __kasan_slab_free+0x5c/0x80
[  103.444965][ T5330]  kfree+0x1c5/0x640
[  103.446784][ T5330]  device_release+0xc4/0x1f0
[  103.449350][ T5330]  kobject_put+0x228/0x560
[  103.451388][ T5330]  bnep_session+0x2b45/0x2c50
[  103.453465][ T5330]  kthread+0x389/0x470
[  103.455273][ T5330]  ret_from_fork+0x514/0xb70
[  103.457503][ T5330]  ret_from_fork_asm+0x1a/0x30
[  103.459681][ T5330] 
[  103.460774][ T5330] The buggy address belongs to the object at ffff8880126e8000
[  103.460774][ T5330]  which belongs to the cache kmalloc-cg-4k of size 4096
[  103.466701][ T5330] The buggy address is located 288 bytes inside of
[  103.466701][ T5330]  freed 4096-byte region [ffff8880126e8000, ffff8880126e9000)
[  103.472586][ T5330] 
[  103.473691][ T5330] The buggy address belongs to the physical page:
[  103.476314][ T5330] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x126e8
[  103.480270][ T5330] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  103.483927][ T5330] memcg:ffff88801abd5001
[  103.485625][ T5330] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  103.488743][ T5330] page_type: f5(slab)
[  103.490452][ T5330] raw: 00fff00000000040 ffff88801ac58500 dead000000000100 dead000000000122
[  103.494186][ T5330] raw: 0000000000000000 0000000800040004 00000000f5000000 ffff88801abd5001
[  103.497907][ T5330] head: 00fff00000000040 ffff88801ac58500 dead000000000100 dead000000000122
[  103.501416][ T5330] head: 0000000000000000 0000000800040004 00000000f5000000 ffff88801abd5001
[  103.504967][ T5330] head: 00fff00000000003 fffffffffffffe01 00000000ffffffff 00000000ffffffff
[  103.508813][ T5330] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  103.512659][ T5330] page dumped because: kasan: bad access detected
[  103.515393][ T5330] page_owner tracks the page as allocated
[  103.517935][ T5330] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4709, tgid 4709 (udevd), ts 42519099965, free_ts 42499523170
[  103.529178][ T5330]  post_alloc_hook+0x231/0x280
[  103.532034][ T5330]  get_page_from_freelist+0x24ba/0x2540
[  103.535194][ T5330]  __alloc_frozen_pages_noprof+0x18d/0x380
[  103.538361][ T5330]  allocate_slab+0x77/0x660
[  103.540461][ T5330]  refill_objects+0x339/0x3d0
[  103.542422][ T5330]  __pcs_replace_empty_main+0x321/0x720
[  103.544957][ T5330]  __kvmalloc_node_noprof+0x657/0x8a0
[  103.547360][ T5330]  seq_read_iter+0x202/0xe10
[  103.549350][ T5330]  vfs_read+0x582/0xa70
[  103.551258][ T5330]  ksys_read+0x150/0x270
[  103.553218][ T5330]  do_syscall_64+0x15f/0xf80
[  103.555302][ T5330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.557828][ T5330] page last free pid 4707 tgid 4707 stack trace:
[  103.560417][ T5330]  __free_frozen_pages+0xbc7/0xd30
[  103.562426][ T5330]  __slab_free+0x274/0x2c0
[  103.564243][ T5330]  qlist_free_all+0x99/0x100
[  103.566296][ T5330]  kasan_quarantine_reduce+0x148/0x160
[  103.568713][ T5330]  __kasan_slab_alloc+0x22/0x80
[  103.570870][ T5330]  __kvmalloc_node_noprof+0x4d7/0x8a0
[  103.573301][ T5330]  seq_read_iter+0x202/0xe10
[  103.575342][ T5330]  vfs_read+0x582/0xa70
[  103.577233][ T5330]  ksys_read+0x150/0x270
[  103.579314][ T5330]  do_syscall_64+0x15f/0xf80
[  103.581874][ T5330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.585100][ T5330] 
[  103.586525][ T5330] Memory state around the buggy address:
[  103.589676][ T5330]  ffff8880126e8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  103.594129][ T5330]  ffff8880126e8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  103.597820][ T5330] >ffff8880126e8100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  103.601241][ T5330]                                ^
[  103.603461][ T5330]  ffff8880126e8180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  103.606764][ T5330]  ffff8880126e8200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  103.609979][ T5330] ==================================================================
[  103.716020][ T5334] loop0: detected capacity change from 0 to 1024
[  103.735003][ T5334] hfsplus: Unknown parameter 'ÿÿÿÿ01777777777777777777777ÿÿÿÿÿÿÿÿ'
[  103.786966][ T5330] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  103.790002][ T5330] CPU: 0 UID: 0 PID: 5330 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[  103.793707][ T5330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  103.798092][ T5330] Call Trace:
[  103.799598][ T5330]  <TASK>
[  103.800963][ T5330]  vpanic+0x56c/0xa60
[  103.802668][ T5330]  ? __pfx_vpanic+0x10/0x10
[  103.804615][ T5330]  ? __pfx___schedule+0x10/0x10
[  103.806783][ T5330]  panic+0xc5/0xd0
[  103.808327][ T5330]  ? __pfx_panic+0x10/0x10
[  103.810141][ T5330]  ? preempt_schedule_common+0x82/0xd0
[  103.812395][ T5330]  ? strnlen+0x66/0x90
[  103.813987][ T5330]  check_panic_on_warn+0x89/0xb0
[  103.816138][ T5330]  ? strnlen+0x66/0x90
[  103.817880][ T5330]  end_report+0x73/0x170
[  103.819709][ T5330]  ? strnlen+0x66/0x90
[  103.821480][ T5330]  kasan_report+0x128/0x150
[  103.823448][ T5330]  ? strnlen+0x66/0x90
[  103.825203][ T5330]  strnlen+0x66/0x90
[  103.826834][ T5330]  bnep_add_connection+0x90c/0xca0
[  103.828893][ T5330]  ? __pfx_bnep_add_connection+0x10/0x10
[  103.831209][ T5330]  ? __fget_files+0x3a0/0x420
[  103.833249][ T5330]  do_bnep_sock_ioctl+0x40b/0x650
[  103.835313][ T5330]  ? __pfx_do_bnep_sock_ioctl+0x10/0x10
[  103.837703][ T5330]  ? tomoyo_path_number_perm+0x219/0x630
[  103.840037][ T5330]  sock_do_ioctl+0x101/0x320
[  103.841944][ T5330]  ? __pfx_sock_do_ioctl+0x10/0x10
[  103.844143][ T5330]  ? do_futex+0x395/0x420
[  103.846029][ T5330]  sock_ioctl+0x5c6/0x7f0
[  103.847954][ T5330]  ? __pfx_sock_ioctl+0x10/0x10
[  103.850092][ T5330]  ? __fget_files+0x2a/0x420
[  103.852085][ T5330]  ? __fget_files+0x3a0/0x420
[  103.854001][ T5330]  ? __fget_files+0x2a/0x420
[  103.856112][ T5330]  ? bpf_lsm_file_ioctl+0x9/0x20
[  103.858230][ T5330]  ? __pfx_sock_ioctl+0x10/0x10
[  103.860031][ T5330]  __se_sys_ioctl+0xfc/0x170
[  103.861880][ T5330]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.864485][ T5330]  do_syscall_64+0x15f/0xf80
[  103.866676][ T5330]  ? trace_irq_disable+0x3b/0x140
[  103.868815][ T5330]  ? clear_bhb_loop+0x40/0x90
[  103.870771][ T5330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.873252][ T5330] RIP: 0033:0x7f3074f9ce59
[  103.875089][ T5330] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  103.883265][ T5330] RSP: 002b:00007f3075f38fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  103.886970][ T5330] RAX: ffffffffffffffda RBX: 00007f3075215fa0 RCX: 00007f3074f9ce59
[  103.890369][ T5330] RDX: 00002000000001c0 RSI: 00000000400442c8 RDI: 0000000000000006
[  103.893927][ T5330] RBP: 00007f3075032d6f R08: 0000000000000000 R09: 0000000000000000
[  103.897425][ T5330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  103.900906][ T5330] R13: 00007f3075216038 R14: 00007f3075215fa0 R15: 00007fff1a9f2b28
[  103.904818][ T5330]  </TASK>
[  103.906644][ T5330] Kernel Offset: disabled
[  103.908606][ T5330] Rebooting in 86400 seconds..