Warning: Permanently added '[localhost]:60395' (ED25519) to the list of known hosts.
2025/05/05 01:49:31 ignoring optional flag "sandboxArg"="0"
2025/05/05 01:49:32 parsed 1 programs
[   80.147778][   T40] audit: type=1400 audit(1746409774.641:145): avc:  denied  { unlink } for  pid=6178 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   81.057492][ T6178] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   81.416346][ T1334] cfg80211: failed to load regulatory.db
[   82.587742][   T67] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   82.590726][   T67] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   82.593599][   T67] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   82.596807][   T67] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   82.599580][   T67] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   83.386144][ T6255] chnl_net:caif_netlink_parms(): no params data found
[   83.454247][ T6255] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.456683][ T6255] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.458962][ T6255] bridge_slave_0: entered allmulticast mode
[   83.461604][ T6255] bridge_slave_0: entered promiscuous mode
[   83.464715][ T6255] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.467551][ T6255] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.470131][ T6255] bridge_slave_1: entered allmulticast mode
[   83.473214][ T6255] bridge_slave_1: entered promiscuous mode
[   83.503004][ T6255] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   83.513304][ T6255] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   83.545439][ T6255] team0: Port device team_slave_0 added
[   83.549303][ T6255] team0: Port device team_slave_1 added
[   83.578466][ T6255] batman_adv: batadv0: Adding interface: batadv_slave_0
[   83.580700][ T6255] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.588945][ T6255] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   83.595915][ T6255] batman_adv: batadv0: Adding interface: batadv_slave_1
[   83.598702][ T6255] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.608696][ T6255] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   83.644710][ T6255] hsr_slave_0: entered promiscuous mode
[   83.647375][ T6255] hsr_slave_1: entered promiscuous mode
[   84.175087][ T6255] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   84.180778][ T6255] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   84.187164][ T6255] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   84.195122][ T6255] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   84.213538][ T6255] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.216596][ T6255] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.219796][ T6255] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.222791][ T6255] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.265440][ T6255] 8021q: adding VLAN 0 to HW filter on device bond0
[   84.276423][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.279335][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.289518][ T6255] 8021q: adding VLAN 0 to HW filter on device team0
[   84.297323][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.299552][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.304212][ T1151] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.306485][ T1151] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.409541][ T6255] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.438336][ T6255] veth0_vlan: entered promiscuous mode
[   84.443362][ T6255] veth1_vlan: entered promiscuous mode
[   84.459440][ T6255] veth0_macvtap: entered promiscuous mode
[   84.463225][ T6255] veth1_macvtap: entered promiscuous mode
[   84.472176][ T6255] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.480174][ T6255] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.484509][ T6255] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.488877][ T6255] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.491914][ T6255] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.495052][ T6255] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.568068][   T64] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.652406][   T64] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.712574][   T64] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.783989][   T64] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.231402][   T40] audit: type=1401 audit(1746409779.721:146): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[   85.420992][   T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.424304][   T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.438444][ T1206] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.440878][ T1206] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/05/05 01:49:40 executed programs: 0
[   85.726097][ T5283] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   85.728923][ T5283] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   85.731378][ T5283] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   85.733956][ T5283] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   85.738052][ T5283] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   85.824867][ T6412] chnl_net:caif_netlink_parms(): no params data found
[   85.920352][ T6412] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.922637][ T6412] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.925265][ T6412] bridge_slave_0: entered allmulticast mode
[   85.928001][ T6412] bridge_slave_0: entered promiscuous mode
[   85.931759][ T6412] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.934022][ T6412] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.936775][ T6412] bridge_slave_1: entered allmulticast mode
[   85.939967][ T6412] bridge_slave_1: entered promiscuous mode
[   85.980565][ T6412] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.985076][ T6412] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   86.028759][ T6412] team0: Port device team_slave_0 added
[   86.032753][ T6412] team0: Port device team_slave_1 added
[   86.063504][ T6412] batman_adv: batadv0: Adding interface: batadv_slave_0
[   86.066634][ T6412] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   86.076887][ T6412] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   86.083310][ T6412] batman_adv: batadv0: Adding interface: batadv_slave_1
[   86.086260][ T6412] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   86.095441][ T6412] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   86.154867][ T6412] hsr_slave_0: entered promiscuous mode
[   86.157077][ T6412] hsr_slave_1: entered promiscuous mode
[   86.159181][ T6412] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   86.161543][ T6412] Cannot create hsr debugfs directory
[   87.815452][ T5283] Bluetooth: hci0: command tx timeout
[   87.866494][   T64] bridge_slave_1: left allmulticast mode
[   87.868326][   T64] bridge_slave_1: left promiscuous mode
[   87.870175][   T64] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.873793][   T64] bridge_slave_0: left allmulticast mode
[   87.876699][   T64] bridge_slave_0: left promiscuous mode
[   87.878566][   T64] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.122248][   T64] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   88.126435][   T64] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   88.129963][   T64] bond0 (unregistering): Released all slaves
[   88.265120][   T64] hsr_slave_0: left promiscuous mode
[   88.267618][   T64] hsr_slave_1: left promiscuous mode
[   88.269601][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   88.271978][   T64] batman_adv: batadv0: Removing interface: batadv_slave_0
[   88.274988][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   88.277246][   T64] batman_adv: batadv0: Removing interface: batadv_slave_1
[   88.288898][   T64] veth1_macvtap: left promiscuous mode
[   88.290710][   T64] veth0_macvtap: left promiscuous mode
[   88.292502][   T64] veth1_vlan: left promiscuous mode
[   88.294183][   T64] veth0_vlan: left promiscuous mode
[   88.667976][   T64] team0 (unregistering): Port device team_slave_1 removed
[   88.703887][   T64] team0 (unregistering): Port device team_slave_0 removed
[   89.351355][ T6412] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   89.356362][ T6412] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   89.360366][ T6412] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   89.366535][ T6412] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   89.421528][ T6412] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.433101][ T6412] 8021q: adding VLAN 0 to HW filter on device team0
[   89.437892][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.440623][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.448054][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.450355][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.680153][ T6412] 8021q: adding VLAN 0 to HW filter on device batadv0
[   89.701971][ T6412] veth0_vlan: entered promiscuous mode
[   89.706759][ T6412] veth1_vlan: entered promiscuous mode
[   89.730233][ T6412] veth0_macvtap: entered promiscuous mode
[   89.737904][ T6412] veth1_macvtap: entered promiscuous mode
[   89.749721][ T6412] batman_adv: batadv0: Interface activated: batadv_slave_0
[   89.759860][ T6412] batman_adv: batadv0: Interface activated: batadv_slave_1
[   89.765890][ T6412] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   89.768630][ T6412] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   89.771361][ T6412] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   89.774135][ T6412] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   89.840118][ T1151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.842602][ T1151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.855349][ T1151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.857863][ T1151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.889689][   T40] audit: type=1400 audit(1746409784.381:147): avc:  denied  { map_create } for  pid=6491 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   89.895802][   T40] audit: type=1400 audit(1746409784.381:148): avc:  denied  { read } for  pid=6491 comm="syz.0.16" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   89.902885][   T40] audit: type=1400 audit(1746409784.381:149): avc:  denied  { open } for  pid=6491 comm="syz.0.16" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   89.904740][ T5283] Bluetooth: hci0: command tx timeout
[   89.911536][   T40] audit: type=1400 audit(1746409784.381:150): avc:  denied  { ioctl } for  pid=6491 comm="syz.0.16" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   89.934938][   T40] audit: type=1400 audit(1746409784.421:151): avc:  denied  { bind } for  pid=6491 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   89.935328][ T6492] Bluetooth: MGMT ver 1.23
[   89.945332][   T40] audit: type=1400 audit(1746409784.431:152): avc:  denied  { write } for  pid=6491 comm="syz.0.16" path="socket:[11429]" dev="sockfs" ino=11429 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   89.945809][ T5283] ==================================================================
[   89.958282][ T5283] BUG: KASAN: slab-out-of-bounds in hci_cmd_sync_alloc+0x300/0x3a0
[   89.961549][ T5283] Read of size 7 at addr ffff888025df4ee6 by task kworker/u33:1/5283
[   89.966367][ T5283] 
[   89.967416][ T5283] CPU: 2 UID: 0 PID: 5283 Comm: kworker/u33:1 Not tainted 6.15.0-rc5-syzkaller-g92a09c47464d-dirty #0 PREEMPT(full) 
[   89.967437][ T5283] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   89.967447][ T5283] Workqueue: hci0 hci_cmd_sync_work
[   89.967465][ T5283] Call Trace:
[   89.967470][ T5283]  <TASK>
[   89.967476][ T5283]  dump_stack_lvl+0x116/0x1f0
[   89.967495][ T5283]  print_report+0xc3/0x670
[   89.967508][ T5283]  ? __virt_addr_valid+0x5e/0x590
[   89.967528][ T5283]  ? __phys_addr+0xc6/0x150
[   89.967546][ T5283]  ? hci_cmd_sync_alloc+0x300/0x3a0
[   89.967561][ T5283]  kasan_report+0xe0/0x110
[   89.967575][ T5283]  ? hci_cmd_sync_alloc+0x300/0x3a0
[   89.967591][ T5283]  kasan_check_range+0xef/0x1a0
[   89.967608][ T5283]  __asan_memcpy+0x23/0x60
[   89.967629][ T5283]  hci_cmd_sync_alloc+0x300/0x3a0
[   89.967645][ T5283]  __hci_cmd_sync_sk+0x157/0xc90
[   89.967661][ T5283]  ? __pfx___hci_cmd_sync_sk+0x10/0x10
[   89.967675][ T5283]  ? __pfx___might_resched+0x10/0x10
[   89.967693][ T5283]  ? rcu_is_watching+0x12/0xc0
[   89.967709][ T5283]  ? trace_contention_end+0xdd/0x130
[   89.967734][ T5283]  ? __pfx___mutex_lock+0x10/0x10
[   89.967752][ T5283]  ? __lock_acquire+0xaa4/0x1ba0
[   89.967774][ T5283]  __hci_cmd_sync_ev+0x3e/0x50
[   89.967791][ T5283]  send_hci_cmd_sync+0x152/0x3a0
[   89.967806][ T5283]  hci_cmd_sync_work+0x1a8/0x430
[   89.967821][ T5283]  process_one_work+0x9cc/0x1b70
[   89.967841][ T5283]  ? __pfx_process_one_work+0x10/0x10
[   89.967858][ T5283]  ? assign_work+0x1a0/0x250
[   89.967872][ T5283]  worker_thread+0x6c8/0xf10
[   89.967889][ T5283]  ? __kthread_parkme+0x19e/0x250
[   89.967910][ T5283]  ? __pfx_worker_thread+0x10/0x10
[   89.967925][ T5283]  kthread+0x3c2/0x780
[   89.967938][ T5283]  ? __pfx_kthread+0x10/0x10
[   89.967950][ T5283]  ? __pfx_kthread+0x10/0x10
[   89.967962][ T5283]  ? __pfx_kthread+0x10/0x10
[   89.967973][ T5283]  ? __pfx_kthread+0x10/0x10
[   89.967986][ T5283]  ? rcu_is_watching+0x12/0xc0
[   89.968003][ T5283]  ? __pfx_kthread+0x10/0x10
[   89.968017][ T5283]  ret_from_fork+0x45/0x80
[   89.968032][ T5283]  ? __pfx_kthread+0x10/0x10
[   89.968051][ T5283]  ret_from_fork_asm+0x1a/0x30
[   89.968082][ T5283]  </TASK>
[   89.968088][ T5283] 
[   90.045818][ T5283] Allocated by task 6492:
[   90.047181][ T5283]  kasan_save_stack+0x33/0x60
[   90.048670][ T5283]  kasan_save_track+0x14/0x30
[   90.050195][ T5283]  __kasan_kmalloc+0xaa/0xb0
[   90.051642][ T5283]  __kmalloc_node_track_caller_noprof+0x221/0x510
[   90.053756][ T5283]  kmemdup_noprof+0x29/0x60
[   90.055202][ T5283]  mgmt_pending_new+0x10b/0x290
[   90.056731][ T5283]  mgmt_hci_cmd_sync+0x58/0x1c0
[   90.058283][ T5283]  hci_sock_sendmsg+0x151f/0x25e0
[   90.059887][ T5283]  sock_write_iter+0x4fc/0x5b0
[   90.061405][ T5283]  vfs_write+0x5ba/0x1180
[   90.062820][ T5283]  ksys_write+0x205/0x240
[   90.064193][ T5283]  do_syscall_64+0xcd/0x260
[   90.065653][ T5283]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.067506][ T5283] 
[   90.068280][ T5283] The buggy address belongs to the object at ffff888025df4ee0
[   90.068280][ T5283]  which belongs to the cache kmalloc-8 of size 8
[   90.072481][ T5283] The buggy address is located 6 bytes inside of
[   90.072481][ T5283]  allocated 7-byte region [ffff888025df4ee0, ffff888025df4ee7)
[   90.076665][ T5283] 
[   90.077417][ T5283] The buggy address belongs to the physical page:
[   90.079376][ T5283] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x25df4
[   90.082064][ T5283] anon flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   90.084390][ T5283] page_type: f5(slab)
[   90.085637][ T5283] raw: 00fff00000000000 ffff88801b442500 0000000000000000 dead000000000001
[   90.088240][ T5283] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[   90.090788][ T5283] page dumped because: kasan: bad access detected
[   90.092769][ T5283] page_owner tracks the page as allocated
[   90.094565][ T5283] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 1, tgid 1 (swapper/0), ts 8545114296, free_ts 0
[   90.100123][ T5283]  post_alloc_hook+0x181/0x1b0
[   90.101696][ T5283]  get_page_from_freelist+0x135c/0x3920
[   90.103412][ T5283]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   90.105153][ T5283]  alloc_pages_mpol+0x1fb/0x550
[   90.106636][ T5283]  new_slab+0x244/0x340
[   90.107918][ T5283]  ___slab_alloc+0xd9c/0x1940
[   90.109382][ T5283]  __slab_alloc.constprop.0+0x56/0xb0
[   90.111093][ T5283]  __kmalloc_node_track_caller_noprof+0x2ee/0x510
[   90.113081][ T5283]  kvasprintf+0xbc/0x160
[   90.114372][ T5283]  kvasprintf_const+0x66/0x1a0
[   90.115890][ T5283]  kobject_set_name_vargs+0x5a/0x140
[   90.117482][ T5283]  kobject_add+0x129/0x240
[   90.118859][ T5283]  blk_mq_register_hctx+0x264/0x470
[   90.120495][ T5283]  blk_mq_sysfs_register+0x208/0x5f0
[   90.122154][ T5283]  blk_register_queue+0xe5/0x560
[   90.123676][ T5283]  add_disk_fwnode+0x911/0x13a0
[   90.125140][ T5283] page_owner free stack trace missing
[   90.126846][ T5283] 
[   90.127620][ T5283] Memory state around the buggy address:
[   90.129375][ T5283]  ffff888025df4d80: 05 fc fc fc 05 fc fc fc 05 fc fc fc 05 fc fc fc
[   90.131891][ T5283]  ffff888025df4e00: 05 fc fc fc 05 fc fc fc 05 fc fc fc 07 fc fc fc
[   90.134452][ T5283] >ffff888025df4e80: 07 fc fc fc 07 fc fc fc 00 fc fc fc 07 fc fc fc
[   90.136886][ T5283]                                                        ^
[   90.139072][ T5283]  ffff888025df4f00: 06 fc fc fc 02 fc fc fc 02 fc fc fc 05 fc fc fc
[   90.141458][ T5283]  ffff888025df4f80: 05 fc fc fc 05 fc fc fc 05 fc fc fc 05 fc fc fc
[   90.143898][ T5283] ==================================================================
[   90.146884][ T5283] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   90.149153][ T5283] CPU: 2 UID: 0 PID: 5283 Comm: kworker/u33:1 Not tainted 6.15.0-rc5-syzkaller-g92a09c47464d-dirty #0 PREEMPT(full) 
[   90.152955][ T5283] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   90.156328][ T5283] Workqueue: hci0 hci_cmd_sync_work
[   90.157992][ T5283] Call Trace:
[   90.159055][ T5283]  <TASK>
[   90.160011][ T5283]  dump_stack_lvl+0x3d/0x1f0
[   90.161491][ T5283]  panic+0x71c/0x800
[   90.162770][ T5283]  ? __pfx_panic+0x10/0x10
[   90.164189][ T5283]  ? mark_held_locks+0x49/0x80
[   90.165748][ T5283]  ? preempt_schedule_thunk+0x16/0x30
[   90.167435][ T5283]  ? hci_cmd_sync_alloc+0x300/0x3a0
[   90.169071][ T5283]  ? preempt_schedule_common+0x44/0xc0
[   90.170830][ T5283]  ? check_panic_on_warn+0x1f/0xb0
[   90.172475][ T5283]  ? hci_cmd_sync_alloc+0x300/0x3a0
[   90.174130][ T5283]  check_panic_on_warn+0xab/0xb0
[   90.175729][ T5283]  end_report+0x107/0x170
[   90.177102][ T5283]  kasan_report+0xee/0x110
[   90.178538][ T5283]  ? hci_cmd_sync_alloc+0x300/0x3a0
[   90.180190][ T5283]  kasan_check_range+0xef/0x1a0
[   90.181761][ T5283]  __asan_memcpy+0x23/0x60
[   90.183201][ T5283]  hci_cmd_sync_alloc+0x300/0x3a0
[   90.184791][ T5283]  __hci_cmd_sync_sk+0x157/0xc90
[   90.186376][ T5283]  ? __pfx___hci_cmd_sync_sk+0x10/0x10
[   90.188095][ T5283]  ? __pfx___might_resched+0x10/0x10
[   90.189792][ T5283]  ? rcu_is_watching+0x12/0xc0
[   90.191330][ T5283]  ? trace_contention_end+0xdd/0x130
[   90.193062][ T5283]  ? __pfx___mutex_lock+0x10/0x10
[   90.194687][ T5283]  ? __lock_acquire+0xaa4/0x1ba0
[   90.196276][ T5283]  __hci_cmd_sync_ev+0x3e/0x50
[   90.197817][ T5283]  send_hci_cmd_sync+0x152/0x3a0
[   90.199372][ T5283]  hci_cmd_sync_work+0x1a8/0x430
[   90.200952][ T5283]  process_one_work+0x9cc/0x1b70
[   90.202551][ T5283]  ? __pfx_process_one_work+0x10/0x10
[   90.204236][ T5283]  ? assign_work+0x1a0/0x250
[   90.205719][ T5283]  worker_thread+0x6c8/0xf10
[   90.207192][ T5283]  ? __kthread_parkme+0x19e/0x250
[   90.208766][ T5283]  ? __pfx_worker_thread+0x10/0x10
[   90.210414][ T5283]  kthread+0x3c2/0x780
[   90.211699][ T5283]  ? __pfx_kthread+0x10/0x10
[   90.213174][ T5283]  ? __pfx_kthread+0x10/0x10
[   90.214663][ T5283]  ? __pfx_kthread+0x10/0x10
[   90.216121][ T5283]  ? __pfx_kthread+0x10/0x10
[   90.217588][ T5283]  ? rcu_is_watching+0x12/0xc0
[   90.219106][ T5283]  ? __pfx_kthread+0x10/0x10
[   90.220593][ T5283]  ret_from_fork+0x45/0x80
[   90.222017][ T5283]  ? __pfx_kthread+0x10/0x10
[   90.223475][ T5283]  ret_from_fork_asm+0x1a/0x30
[   90.225018][ T5283]  </TASK>
[   90.226675][ T5283] Kernel Offset: disabled
[   90.228050][ T5283] Rebooting in 86400 seconds..