./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3682168591

<...>
[  102.589865][    T9] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.1.178' (ED25519) to the list of known hosts.
execve("./syz-executor3682168591", ["./syz-executor3682168591"], 0x7ffdeed726b0 /* 10 vars */) = 0
brk(NULL)                               = 0x555556734000
brk(0x555556734d00)                     = 0x555556734d00
arch_prctl(ARCH_SET_FS, 0x555556734380) = 0
set_tid_address(0x555556734650)         = 5063
set_robust_list(0x555556734660, 24)     = 0
rseq(0x555556734ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3682168591", 4096) = 28
getrandom("\xc8\xf6\x1f\x1a\x98\x7a\x5b\x2b", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555556734d00
brk(0x555556755d00)                     = 0x555556755d00
brk(0x555556756000)                     = 0x555556756000
mprotect(0x7f27722f3000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5064 attached
, child_tidptr=0x555556734650) = 5064
[pid  5064] set_robust_list(0x555556734660, 24) = 0
[pid  5064] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5064] setpgid(0, 0)               = 0
[pid  5064] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5064] write(3, "1000", 4)         = 4
[pid  5064] close(3)                    = 0
[pid  5064] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3
[pid  5064] ioctl(3, TIOCSETD, [15])    = 0
[pid  5064] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 4
[pid  5064] ioctl(4, _IOC(_IOC_WRITE, 0x55, 0xc8, 0x4), 0x9) = 0
[pid  5064] exit_group(0)               = ?
[  107.733817][   T51] Bluetooth: hci0: sending frame failed (-49)
[  107.741346][   T51] Bluetooth: hci0: sending frame failed (-49)
[  107.749190][ T4455] general protection fault, probably for non-canonical address 0xdffffc000000000e: 0000 [#1] PREEMPT SMP KASAN PTI
[  107.761281][ T4455] KASAN: null-ptr-deref in range [0x0000000000000070-0x0000000000000077]
[  107.769698][ T4455] CPU: 0 PID: 4455 Comm: kworker/u5:1 Not tainted 6.7.0-next-20240117-syzkaller #0
[  107.778988][ T4455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[  107.789052][ T4455] Workqueue: hci0 hci_power_on
[  107.793846][ T4455] RIP: 0010:btintel_read_version+0x65/0x1e0
[  107.799776][ T4455] Code: 08 c5 f9 48 81 fb 00 f0 ff ff 0f 87 9e 00 00 00 e8 c0 0d c5 f9 48 8d 7b 70 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e de 00 00 00 8b 6b 70 bf 0a 00
[  107.819407][ T4455] RSP: 0018:ffffc9000e057958 EFLAGS: 00010202
[  107.825492][ T4455] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff87c7146e
[  107.833471][ T4455] RDX: 000000000000000e RSI: ffffffff87c71480 RDI: 0000000000000070
[  107.841466][ T4455] RBP: ffffc9000e057a10 R08: 0000000000000007 R09: fffffffffffff000
[  107.849441][ T4455] R10: 0000000000000000 R11: 0000000000000003 R12: ffff888030f74000
[  107.857430][ T4455] R13: ffffc9000e0579f0 R14: ffff888030f74000 R15: 0000000000000000
[  107.865516][ T4455] FS:  0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[  107.874480][ T4455] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  107.881087][ T4455] CR2: 00007f27722fa1d0 CR3: 000000007ff6a000 CR4: 00000000003506f0
[  107.889084][ T4455] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  107.897074][ T4455] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  107.905061][ T4455] Call Trace:
[  107.908354][ T4455]  <TASK>
[  107.911293][ T4455]  ? show_regs+0x8e/0xa0
[  107.915566][ T4455]  ? die_addr+0x4f/0xd0
[  107.919749][ T4455]  ? exc_general_protection+0x155/0x230
[  107.925326][ T4455]  ? asm_exc_general_protection+0x26/0x30
[  107.931076][ T4455]  ? btintel_read_version+0x3e/0x1e0
[  107.936394][ T4455]  ? btintel_read_version+0x50/0x1e0
[  107.941696][ T4455]  ? btintel_read_version+0x65/0x1e0
[  107.947011][ T4455]  ? btintel_read_version+0x50/0x1e0
[  107.952315][ T4455]  ag6xx_setup+0x1b0/0xc10
[  107.956758][ T4455]  ? __pfx___timer_delete+0x10/0x10
[  107.961989][ T4455]  ? __pfx_ag6xx_setup+0x10/0x10
[  107.966951][ T4455]  ? skb_queue_purge_reason+0x2c1/0x410
[  107.972527][ T4455]  ? print_lock_class_header+0x240/0x3a0
[  107.978191][ T4455]  ? hci_sock_dev_event+0xb7/0x600
[  107.983323][ T4455]  ? __pfx_ag6xx_setup+0x10/0x10
[  107.988283][ T4455]  hci_uart_setup+0x224/0x4d0
[  107.993000][ T4455]  ? __pfx_hci_uart_setup+0x10/0x10
[  107.998225][ T4455]  hci_dev_open_sync+0x35b/0x2650
[  108.003293][ T4455]  ? __pfx_hci_dev_open_sync+0x10/0x10
[  108.008784][ T4455]  hci_dev_do_open+0x2a/0x90
[  108.013389][ T4455]  hci_power_on+0x132/0x670
[  108.017914][ T4455]  ? __pfx_hci_power_on+0x10/0x10
[  108.022971][ T4455]  process_one_work+0x8d5/0x16e0
[  108.027932][ T4455]  ? __pfx_lock_acquire+0x10/0x10
[  108.032992][ T4455]  ? __pfx_process_one_work+0x10/0x10
[  108.038384][ T4455]  ? assign_work+0x1a0/0x250
[  108.043010][ T4455]  worker_thread+0x8b6/0x1290
[  108.047725][ T4455]  ? __kthread_parkme+0x148/0x220
[  108.052774][ T4455]  ? __pfx_worker_thread+0x10/0x10
[  108.057905][ T4455]  kthread+0x2c1/0x3a0
[  108.062010][ T4455]  ? _raw_spin_unlock_irq+0x23/0x50
[  108.067234][ T4455]  ? __pfx_kthread+0x10/0x10
[  108.071854][ T4455]  ret_from_fork+0x45/0x80
[  108.076297][ T4455]  ? __pfx_kthread+0x10/0x10
[  108.081171][ T4455]  ret_from_fork_asm+0x1a/0x30
[  108.085978][ T4455]  </TASK>
[  108.089012][ T4455] Modules linked in:
[  108.093056][ T4455] ---[ end trace 0000000000000000 ]---
[  108.098593][ T4455] RIP: 0010:btintel_read_version+0x65/0x1e0
[  108.104545][ T4455] Code: 08 c5 f9 48 81 fb 00 f0 ff ff 0f 87 9e 00 00 00 e8 c0 0d c5 f9 48 8d 7b 70 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e de 00 00 00 8b 6b 70 bf 0a 00
[  108.124284][ T4455] RSP: 0018:ffffc9000e057958 EFLAGS: 00010202
[  108.130408][ T4455] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff87c7146e
[  108.138471][ T4455] RDX: 000000000000000e RSI: ffffffff87c71480 RDI: 0000000000000070
[  108.146502][ T4455] RBP: ffffc9000e057a10 R08: 0000000000000007 R09: fffffffffffff000
[  108.154526][ T4455] R10: 0000000000000000 R11: 0000000000000003 R12: ffff888030f74000
[  108.162548][ T4455] R13: ffffc9000e0579f0 R14: ffff888030f74000 R15: 0000000000000000
[  108.170557][ T4455] FS:  0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[  108.179585][ T4455] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  108.186181][ T4455] CR2: 00007f27722fa1d0 CR3: 000000007ff6a000 CR4: 00000000003506f0
[  108.194241][ T4455] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  108.202262][ T4455] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  108.210284][ T4455] Kernel panic - not syncing: Fatal exception
[  108.216591][ T4455] Kernel Offset: disabled
[  108.220916][ T4455] Rebooting in 86400 seconds..