program:
syz_usb_connect(0x1, 0x36, &(0x7f0000000680)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a86200000904000002ca744d07090503020000ff99090805848f"], &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x200000a, 0x4c831, 0xffffffffffffffff, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x7000001, 0x6e073, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f00000001c0)={0x0, 0x2, "4cf90fba85c830e42a3ca4b10f01bbcb15f3806c4853e7c44a6974759d9f643905a56baa4195fb396d9bfa306999f1586e5d1ca49add100a36b751a7d9fe0b182ebf2c8a0e66f72c1c08260030752f07cd4089473e52885a3c85bacf3ccfac5bb9435fe036dcfccd7254bbd8bce90e2284d29e1f17d6652270fd0abcb8729f16ff602b438bd122a9e09984e2799d0dbfef7533d1a930ea4f4b57605ace45f5815450693650ae122d34aa0c5ca5e793516d156e5a5b34d6c17c40d753426a3d8e15e726d0f2622e873e0cbe63751bb62c68594d4cb0a21b92ad2e80f24a9b290a87ee6779022a0b7f5223e4e8c9f53f501ec8c439724078fdc076a51d50760566"})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000009feffff720a00fef8ffffff71a400fe0000000071101000000000001d300200000000004704000001ed030407000000c00000001d440000000000006b0a00fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r0)
[ 59.025257][ T4682] Bluetooth: hci0: command tx timeout
[ 59.182573][ T5332] usb 5-1: new low-speed USB device number 2 using dummy_hcd
[ 59.335472][ T5332] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[ 59.338356][ T5332] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[ 59.343237][ T5332] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 59.346814][ T5332] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[ 59.350869][ T5332] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 59.357008][ T5332] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[ 59.359630][ T5332] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[ 59.364632][ T5332] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 59.368047][ T5332] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[ 59.371919][ T5332] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 59.377345][ T5332] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[ 59.380238][ T5332] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[ 59.385172][ T5332] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 59.388910][ T5332] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[ 59.393398][ T5332] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 59.399999][ T5332] usb 5-1: string descriptor 0 read error: -22
[ 59.403884][ T5332] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 59.407331][ T5332] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 59.429549][ T5332] adutux 5-1:168.0: ADU100 now attached to /dev/usb/adutux0
[ 59.643333][ T5338] usb 5-1: USB disconnect, device number 2
[ 60.757653][ T5338] ==================================================================
[ 60.760535][ T5338] BUG: KASAN: vmalloc-out-of-bounds in vrealloc_noprof+0x340/0x3a0
[ 60.763272][ T5338] Write of size 4064 at addr ffffc9000d329020 by task syz.0.0/5338
[ 60.766032][ T5338]
[ 60.766886][ T5338] CPU: 0 UID: 0 PID: 5338 Comm: syz.0.0 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[ 60.770338][ T5338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 60.774298][ T5338] Call Trace:
[ 60.775589][ T5338]
[ 60.776711][ T5338] dump_stack_lvl+0x241/0x360
[ 60.778518][ T5338] ? __pfx_dump_stack_lvl+0x10/0x10
[ 60.780475][ T5338] ? __pfx__printk+0x10/0x10
[ 60.782085][ T5338] ? _printk+0xd5/0x120
[ 60.783385][ T5338] print_report+0x169/0x550
[ 60.785050][ T5338] ? __virt_addr_valid+0xbd/0x530
[ 60.786989][ T5338] ? vrealloc_noprof+0x340/0x3a0
[ 60.788798][ T5338] kasan_report+0x143/0x180
[ 60.790280][ T5338] ? vrealloc_noprof+0x340/0x3a0
[ 60.791874][ T5338] kasan_check_range+0x282/0x290
[ 60.793480][ T5338] __asan_memset+0x23/0x50
[ 60.795050][ T5338] vrealloc_noprof+0x340/0x3a0
[ 60.796621][ T5338] push_insn_history+0x16c/0x6a0
[ 60.798313][ T5338] do_check+0x692f/0xfcd0
[ 60.799848][ T5338] ? __pfx_do_check+0x10/0x10
[ 60.801641][ T5338] ? mark_reg_not_init+0xd4/0x4b0
[ 60.803554][ T5338] ? __asan_memcpy+0x40/0x70
[ 60.805306][ T5338] ? mark_reg_not_init+0xd4/0x4b0
[ 60.807163][ T5338] do_check_common+0x1564/0x2010
[ 60.808867][ T5338] bpf_check+0x19380/0x1f1b0
[ 60.810554][ T5338] ? _raw_spin_unlock_irqrestore+0x8f/0x140
[ 60.812886][ T5338] ? validate_chain+0x11e/0x5920
[ 60.814725][ T5338] ? page_ext_get+0x20/0x2a0
[ 60.816448][ T5338] ? post_alloc_hook+0x206/0x230
[ 60.818329][ T5338] ? __pfx_validate_chain+0x10/0x10
[ 60.820113][ T5338] ? validate_chain+0x11e/0x5920
[ 60.821980][ T5338] ? validate_chain+0x11e/0x5920
[ 60.823908][ T5338] ? mark_lock+0x9a/0x360
[ 60.825588][ T5338] ? __pfx___might_resched+0x10/0x10
[ 60.827616][ T5338] ? validate_chain+0x11e/0x5920
[ 60.829453][ T5338] ? validate_chain+0x11e/0x5920
[ 60.831303][ T5338] ? __pfx_validate_chain+0x10/0x10
[ 60.833241][ T5338] ? validate_chain+0x11e/0x5920
[ 60.835013][ T5338] ? validate_chain+0x11e/0x5920
[ 60.836673][ T5338] ? validate_chain+0x11e/0x5920
[ 60.838523][ T5338] ? __pfx_validate_chain+0x10/0x10
[ 60.840455][ T5338] ? __pfx_validate_chain+0x10/0x10
[ 60.842363][ T5338] ? __pfx_bpf_check+0x10/0x10
[ 60.844135][ T5338] ? __pfx_validate_chain+0x10/0x10
[ 60.846188][ T5338] ? mark_lock+0x9a/0x360
[ 60.847817][ T5338] ? mark_lock+0x9a/0x360
[ 60.849459][ T5338] ? __lock_acquire+0x1397/0x2100
[ 60.851481][ T5338] ? mark_lock+0x9a/0x360
[ 60.853048][ T5338] ? __lock_acquire+0x1397/0x2100
[ 60.854898][ T5338] ? __pfx_lock_acquire+0x10/0x10
[ 60.856998][ T5338] ? ktime_get_with_offset+0x8c/0x290
[ 60.858961][ T5338] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 60.861161][ T5338] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 60.863413][ T5338] ? ktime_get_with_offset+0x8c/0x290
[ 60.865331][ T5338] ? seqcount_lockdep_reader_access+0x157/0x220
[ 60.867617][ T5338] ? lockdep_hardirqs_on+0x99/0x150
[ 60.869533][ T5338] ? seqcount_lockdep_reader_access+0x1d7/0x220
[ 60.871814][ T5338] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[ 60.874200][ T5338] ? _raw_spin_unlock+0x28/0x50
[ 60.875830][ T5338] ? __asan_memset+0x23/0x50
[ 60.877346][ T5338] ? bpf_obj_name_cpy+0x18a/0x1d0
[ 60.879114][ T5338] bpf_prog_load+0x1667/0x20f0
[ 60.880654][ T5338] ? __pfx_bpf_prog_load+0x10/0x10
[ 60.882307][ T5338] ? __pfx___might_resched+0x10/0x10
[ 60.884297][ T5338] ? __might_fault+0xc6/0x120
[ 60.886194][ T5338] __sys_bpf+0x4ee/0x810
[ 60.887677][ T5338] ? __pfx___sys_bpf+0x10/0x10
[ 60.889493][ T5338] ? __rseq_handle_notify_resume+0x34d/0x14d0
[ 60.891748][ T5338] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 60.893643][ T5338] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 60.895964][ T5338] ? do_syscall_64+0x100/0x230
[ 60.897660][ T5338] __x64_sys_bpf+0x7c/0x90
[ 60.899280][ T5338] do_syscall_64+0xf3/0x230
[ 60.901034][ T5338] ? clear_bhb_loop+0x35/0x90
[ 60.902647][ T5338] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 60.904711][ T5338] RIP: 0033:0x7fed0917e819
[ 60.906375][ T5338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 60.912797][ T5338] RSP: 002b:00007fed09f09038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 60.915643][ T5338] RAX: ffffffffffffffda RBX: 00007fed09335fa0 RCX: 00007fed0917e819
[ 60.918569][ T5338] RDX: 0000000000000048 RSI: 00000000200017c0 RDI: 0000000000000005
[ 60.921517][ T5338] RBP: 00007fed091f175e R08: 0000000000000000 R09: 0000000000000000
[ 60.924592][ T5338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 60.927326][ T5338] R13: 0000000000000000 R14: 00007fed09335fa0 R15: 00007ffca399baf8
[ 60.930149][ T5338]
[ 60.931232][ T5338]
[ 60.932114][ T5338] The buggy address belongs to the virtual mapping at
[ 60.932114][ T5338] [ffffc9000d309000, ffffc9000d32b000) created by:
[ 60.932114][ T5338] kvrealloc_noprof+0xc7/0x120
[ 60.938475][ T5338]
[ 60.939377][ T5338] The buggy address belongs to the physical page:
[ 60.941854][ T5338] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88805228b8c0 pfn:0x5228b
[ 60.945827][ T5338] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 60.948561][ T5338] raw: 04fff00000000000 0000000000000000 dead000000000122 0000000000000000
[ 60.951779][ T5338] raw: ffff88805228b8c0 0000000000000000 00000001ffffffff 0000000000000000
[ 60.954958][ T5338] page dumped because: kasan: bad access detected
[ 60.957383][ T5338] page_owner tracks the page as allocated
[ 60.959563][ T5338] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102cc2(GFP_HIGHUSER|__GFP_NOWARN), pid 5338, tgid 5337 (syz.0.0), ts 60757529600, free_ts 59915952071
[ 60.966059][ T5338] post_alloc_hook+0x1f3/0x230
[ 60.967756][ T5338] get_page_from_freelist+0x3649/0x3790
[ 60.969772][ T5338] __alloc_pages_slowpath+0x414/0x1020
[ 60.971761][ T5338] __alloc_pages_noprof+0x493/0x710
[ 60.973698][ T5338] alloc_pages_mpol_noprof+0x3e8/0x680
[ 60.975688][ T5338] __vmalloc_node_range_noprof+0xa2b/0x13f0
[ 60.977951][ T5338] __kvmalloc_node_noprof+0x142/0x190
[ 60.980008][ T5338] kvrealloc_noprof+0xc7/0x120
[ 60.981493][ T5338] push_insn_history+0x16c/0x6a0
[ 60.983273][ T5338] do_check+0x692f/0xfcd0
[ 60.984789][ T5338] do_check_common+0x1564/0x2010
[ 60.986525][ T5338] bpf_check+0x19380/0x1f1b0
[ 60.988267][ T5338] bpf_prog_load+0x1667/0x20f0
[ 60.989963][ T5338] __sys_bpf+0x4ee/0x810
[ 60.991541][ T5338] __x64_sys_bpf+0x7c/0x90
[ 60.993136][ T5338] do_syscall_64+0xf3/0x230
[ 60.994697][ T5338] page last free pid 5321 tgid 5321 stack trace:
[ 60.996768][ T5338] free_unref_page+0xdf9/0x1140
[ 60.998292][ T5338] __put_partials+0xeb/0x130
[ 60.999868][ T5338] put_cpu_partial+0x17c/0x250
[ 61.001468][ T5338] __slab_free+0x2ea/0x3d0
[ 61.003002][ T5338] qlist_free_all+0x9a/0x140
[ 61.004555][ T5338] kasan_quarantine_reduce+0x14f/0x170
[ 61.006398][ T5338] __kasan_slab_alloc+0x23/0x80
[ 61.008116][ T5338] __kmalloc_cache_noprof+0x132/0x2c0
[ 61.010111][ T5338] nsim_fib_event_work+0xe1a/0x4130
[ 61.012094][ T5338] process_scheduled_works+0xa63/0x1850
[ 61.014157][ T5338] worker_thread+0x870/0xd30
[ 61.015866][ T5338] kthread+0x2f0/0x390
[ 61.017363][ T5338] ret_from_fork+0x4b/0x80
[ 61.018997][ T5338] ret_from_fork_asm+0x1a/0x30
[ 61.020710][ T5338]
[ 61.021529][ T5338] Memory state around the buggy address:
[ 61.023529][ T5338] ffffc9000d328f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 61.026512][ T5338] ffffc9000d328f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 61.029582][ T5338] >ffffc9000d329000: 00 00 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 61.032436][ T5338] ^
[ 61.034297][ T5338] ffffc9000d329080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 61.037236][ T5338] ffffc9000d329100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 61.040316][ T5338] ==================================================================
[ 61.119103][ T4682] Bluetooth: hci0: command tx timeout
[ 61.128539][ T5338] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 61.131181][ T5338] CPU: 0 UID: 0 PID: 5338 Comm: syz.0.0 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0
[ 61.134710][ T5338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 61.138710][ T5338] Call Trace:
[ 61.139932][ T5338]
[ 61.141082][ T5338] dump_stack_lvl+0x241/0x360
[ 61.142815][ T5338] ? __pfx_dump_stack_lvl+0x10/0x10
[ 61.144788][ T5338] ? __pfx__printk+0x10/0x10
[ 61.146482][ T5338] ? preempt_schedule+0xe1/0xf0
[ 61.148253][ T5338] ? vscnprintf+0x5d/0x90
[ 61.149816][ T5338] panic+0x349/0x880
[ 61.151187][ T5338] ? check_panic_on_warn+0x21/0xb0
[ 61.153046][ T5338] ? __pfx_panic+0x10/0x10
[ 61.154618][ T5338] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 61.156763][ T5338] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 61.158959][ T5338] ? print_report+0x502/0x550
[ 61.160600][ T5338] check_panic_on_warn+0x86/0xb0
[ 61.162587][ T5338] ? vrealloc_noprof+0x340/0x3a0
[ 61.164438][ T5338] end_report+0x77/0x160
[ 61.165967][ T5338] kasan_report+0x154/0x180
[ 61.167679][ T5338] ? vrealloc_noprof+0x340/0x3a0
[ 61.169567][ T5338] kasan_check_range+0x282/0x290
[ 61.171332][ T5338] __asan_memset+0x23/0x50
[ 61.172923][ T5338] vrealloc_noprof+0x340/0x3a0
[ 61.174633][ T5338] push_insn_history+0x16c/0x6a0
[ 61.176332][ T5338] do_check+0x692f/0xfcd0
[ 61.177896][ T5338] ? __pfx_do_check+0x10/0x10
[ 61.179611][ T5338] ? mark_reg_not_init+0xd4/0x4b0
[ 61.181462][ T5338] ? __asan_memcpy+0x40/0x70
[ 61.183014][ T5338] ? mark_reg_not_init+0xd4/0x4b0
[ 61.184833][ T5338] do_check_common+0x1564/0x2010
[ 61.186598][ T5338] bpf_check+0x19380/0x1f1b0
[ 61.188161][ T5338] ? _raw_spin_unlock_irqrestore+0x8f/0x140
[ 61.190042][ T5338] ? validate_chain+0x11e/0x5920
[ 61.191714][ T5338] ? page_ext_get+0x20/0x2a0
[ 61.193344][ T5338] ? post_alloc_hook+0x206/0x230
[ 61.195145][ T5338] ? __pfx_validate_chain+0x10/0x10
[ 61.196974][ T5338] ? validate_chain+0x11e/0x5920
[ 61.198824][ T5338] ? validate_chain+0x11e/0x5920
[ 61.200706][ T5338] ? mark_lock+0x9a/0x360
[ 61.202361][ T5338] ? __pfx___might_resched+0x10/0x10
[ 61.204343][ T5338] ? validate_chain+0x11e/0x5920
[ 61.206208][ T5338] ? validate_chain+0x11e/0x5920
[ 61.208086][ T5338] ? __pfx_validate_chain+0x10/0x10
[ 61.210034][ T5338] ? validate_chain+0x11e/0x5920
[ 61.211877][ T5338] ? validate_chain+0x11e/0x5920
[ 61.213748][ T5338] ? validate_chain+0x11e/0x5920
[ 61.215646][ T5338] ? __pfx_validate_chain+0x10/0x10
[ 61.217622][ T5338] ? __pfx_validate_chain+0x10/0x10
[ 61.219569][ T5338] ? __pfx_bpf_check+0x10/0x10
[ 61.221352][ T5338] ? __pfx_validate_chain+0x10/0x10
[ 61.223304][ T5338] ? mark_lock+0x9a/0x360
[ 61.225074][ T5338] ? mark_lock+0x9a/0x360
[ 61.226468][ T5338] ? __lock_acquire+0x1397/0x2100
[ 61.228231][ T5338] ? mark_lock+0x9a/0x360
[ 61.229795][ T5338] ? __lock_acquire+0x1397/0x2100
[ 61.231723][ T5338] ? __pfx_lock_acquire+0x10/0x10
[ 61.233656][ T5338] ? ktime_get_with_offset+0x8c/0x290
[ 61.235560][ T5338] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 61.237758][ T5338] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 61.240082][ T5338] ? ktime_get_with_offset+0x8c/0x290
[ 61.242007][ T5338] ? seqcount_lockdep_reader_access+0x157/0x220
[ 61.244102][ T5338] ? lockdep_hardirqs_on+0x99/0x150
[ 61.245872][ T5338] ? seqcount_lockdep_reader_access+0x1d7/0x220
[ 61.248054][ T5338] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[ 61.250385][ T5338] ? _raw_spin_unlock+0x28/0x50
[ 61.252142][ T5338] ? __asan_memset+0x23/0x50
[ 61.253710][ T5338] ? bpf_obj_name_cpy+0x18a/0x1d0
[ 61.255527][ T5338] bpf_prog_load+0x1667/0x20f0
[ 61.257237][ T5338] ? __pfx_bpf_prog_load+0x10/0x10
[ 61.259077][ T5338] ? __pfx___might_resched+0x10/0x10
[ 61.261001][ T5338] ? __might_fault+0xc6/0x120
[ 61.262700][ T5338] __sys_bpf+0x4ee/0x810
[ 61.264197][ T5338] ? __pfx___sys_bpf+0x10/0x10
[ 61.265829][ T5338] ? __rseq_handle_notify_resume+0x34d/0x14d0
[ 61.267857][ T5338] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 61.269863][ T5338] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 61.272123][ T5338] ? do_syscall_64+0x100/0x230
[ 61.273830][ T5338] __x64_sys_bpf+0x7c/0x90
[ 61.275465][ T5338] do_syscall_64+0xf3/0x230
[ 61.277112][ T5338] ? clear_bhb_loop+0x35/0x90
[ 61.278965][ T5338] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 61.281469][ T5338] RIP: 0033:0x7fed0917e819
[ 61.283544][ T5338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 61.291847][ T5338] RSP: 002b:00007fed09f09038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 61.295426][ T5338] RAX: ffffffffffffffda RBX: 00007fed09335fa0 RCX: 00007fed0917e819
[ 61.298808][ T5338] RDX: 0000000000000048 RSI: 00000000200017c0 RDI: 0000000000000005
[ 61.302231][ T5338] RBP: 00007fed091f175e R08: 0000000000000000 R09: 0000000000000000
[ 61.305262][ T5338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 61.308185][ T5338] R13: 0000000000000000 R14: 00007fed09335fa0 R15: 00007ffca399baf8
[ 61.310967][ T5338]
[ 61.312339][ T5338] Kernel Offset: disabled
[ 61.313923][ T5338] Rebooting in 86400 seconds..