Warning: Permanently added '10.128.1.165' (ED25519) to the list of known hosts.
2025/03/08 12:34:26 ignoring optional flag "sandboxArg"="0"
2025/03/08 12:34:26 ignoring optional flag "type"="gce"
2025/03/08 12:34:26 parsed 1 programs
[ 100.813286][ T6263] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 103.833807][ T5150] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 103.846251][ T5150] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 103.854668][ T5150] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 103.863692][ T5150] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 103.871521][ T5150] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 103.879947][ T5150] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 104.661464][ T6323] chnl_net:caif_netlink_parms(): no params data found
[ 104.738002][ T6323] bridge0: port 1(bridge_slave_0) entered blocking state
[ 104.745277][ T6323] bridge0: port 1(bridge_slave_0) entered disabled state
[ 104.752763][ T6323] bridge_slave_0: entered allmulticast mode
[ 104.759884][ T6323] bridge_slave_0: entered promiscuous mode
[ 104.767293][ T6323] bridge0: port 2(bridge_slave_1) entered blocking state
[ 104.775093][ T6323] bridge0: port 2(bridge_slave_1) entered disabled state
[ 104.782445][ T6323] bridge_slave_1: entered allmulticast mode
[ 104.789324][ T6323] bridge_slave_1: entered promiscuous mode
[ 104.813417][ T6323] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 104.824765][ T6323] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 104.856003][ T6323] team0: Port device team_slave_0 added
[ 104.864537][ T6323] team0: Port device team_slave_1 added
[ 104.883488][ T6323] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 104.891011][ T6323] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 104.917254][ T6323] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 104.930531][ T6323] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 104.937537][ T6323] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 104.964975][ T6323] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 104.994236][ T6323] hsr_slave_0: entered promiscuous mode
[ 105.000485][ T6323] hsr_slave_1: entered promiscuous mode
[ 105.475440][ T6323] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 105.494093][ T6323] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 105.504384][ T6323] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 105.515045][ T6323] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 105.544264][ T6323] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.551475][ T6323] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 105.559054][ T6323] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.566287][ T6323] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 105.619834][ T6323] 8021q: adding VLAN 0 to HW filter on device bond0
[ 105.638489][ T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 105.647343][ T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 105.668556][ T6323] 8021q: adding VLAN 0 to HW filter on device team0
[ 105.683140][ T36] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.690309][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 105.712457][ T36] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.719627][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 105.888239][ T6323] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 105.935841][ T6323] veth0_vlan: entered promiscuous mode
[ 105.952456][ T6323] veth1_vlan: entered promiscuous mode
[ 105.981285][ T6323] veth0_macvtap: entered promiscuous mode
[ 105.992128][ T6323] veth1_macvtap: entered promiscuous mode
[ 106.013800][ T6323] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 106.026424][ T6323] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 106.038295][ T6323] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.048353][ T6323] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.057578][ T6323] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.067785][ T6323] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.234591][ T53] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 106.331222][ T53] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 106.355282][ T1150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.374782][ T1150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.405455][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.414417][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.446552][ T53] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 106.547968][ T53] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/03/08 12:34:37 executed programs: 0
[ 107.590627][ T5908] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 107.601652][ T5908] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 107.610648][ T5908] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 107.619369][ T5908] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 107.627793][ T5908] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 107.635419][ T5908] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 107.813362][ T6464] chnl_net:caif_netlink_parms(): no params data found
[ 107.917235][ T6464] bridge0: port 1(bridge_slave_0) entered blocking state
[ 107.927470][ T6464] bridge0: port 1(bridge_slave_0) entered disabled state
[ 107.935228][ T6464] bridge_slave_0: entered allmulticast mode
[ 107.942950][ T6464] bridge_slave_0: entered promiscuous mode
[ 107.953276][ T6464] bridge0: port 2(bridge_slave_1) entered blocking state
[ 107.961029][ T6464] bridge0: port 2(bridge_slave_1) entered disabled state
[ 107.968293][ T6464] bridge_slave_1: entered allmulticast mode
[ 107.975591][ T6464] bridge_slave_1: entered promiscuous mode
[ 108.016021][ T6464] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 108.034033][ T6464] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 108.072204][ T6464] team0: Port device team_slave_0 added
[ 108.083782][ T6464] team0: Port device team_slave_1 added
[ 108.113747][ T6464] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 108.123654][ T6464] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 108.152935][ T6464] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 108.167195][ T6464] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 108.177235][ T6464] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 108.206462][ T6464] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 108.254943][ T6464] hsr_slave_0: entered promiscuous mode
[ 108.264038][ T6464] hsr_slave_1: entered promiscuous mode
[ 108.271664][ T6464] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 108.282083][ T6464] Cannot create hsr debugfs directory
[ 109.059381][ T53] bridge_slave_1: left allmulticast mode
[ 109.065117][ T53] bridge_slave_1: left promiscuous mode
[ 109.073649][ T53] bridge0: port 2(bridge_slave_1) entered disabled state
[ 109.083562][ T53] bridge_slave_0: left allmulticast mode
[ 109.093590][ T53] bridge_slave_0: left promiscuous mode
[ 109.099834][ T53] bridge0: port 1(bridge_slave_0) entered disabled state
[ 109.451418][ T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 109.463924][ T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 109.474383][ T53] bond0 (unregistering): Released all slaves
[ 109.582718][ T53] hsr_slave_0: left promiscuous mode
[ 109.589304][ T53] hsr_slave_1: left promiscuous mode
[ 109.595265][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 109.605017][ T53] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 109.620467][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 109.627913][ T53] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 109.647825][ T53] veth1_macvtap: left promiscuous mode
[ 109.653927][ T53] veth0_macvtap: left promiscuous mode
[ 109.660212][ T53] veth1_vlan: left promiscuous mode
[ 109.665559][ T53] veth0_vlan: left promiscuous mode
[ 109.679194][ T5908] Bluetooth: hci0: command tx timeout
[ 110.126619][ T53] team0 (unregistering): Port device team_slave_1 removed
[ 110.163757][ T53] team0 (unregistering): Port device team_slave_0 removed
[ 110.725701][ T6464] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 110.742273][ T6464] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 110.765095][ T6464] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 110.776197][ T6464] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 110.867328][ T6464] 8021q: adding VLAN 0 to HW filter on device bond0
[ 110.892170][ T6464] 8021q: adding VLAN 0 to HW filter on device team0
[ 110.915676][ T62] bridge0: port 1(bridge_slave_0) entered blocking state
[ 110.922861][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 110.933297][ T62] bridge0: port 2(bridge_slave_1) entered blocking state
[ 110.940465][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 111.506736][ T6464] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 111.549757][ T6464] veth0_vlan: entered promiscuous mode
[ 111.582315][ T6464] veth1_vlan: entered promiscuous mode
[ 111.639638][ T6464] veth0_macvtap: entered promiscuous mode
[ 111.661681][ T6464] veth1_macvtap: entered promiscuous mode
[ 111.690281][ T6464] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 111.721233][ T6464] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 111.742789][ T6464] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.759442][ T5908] Bluetooth: hci0: command tx timeout
[ 111.759615][ T6464] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.775140][ T6464] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.784987][ T6464] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.863797][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.877405][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.901964][ T4893] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.911683][ T4893] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 112.230353][ T5982] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 112.398769][ T5982] usb 1-1: Using ep0 maxpacket: 16
[ 112.413461][ T5982] usb 1-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[ 112.424493][ T5982] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 112.433221][ T5982] usb 1-1: Product: syz
[ 112.437510][ T5982] usb 1-1: Manufacturer: syz
[ 112.442640][ T5982] usb 1-1: SerialNumber: syz
[ 112.459621][ T5982] usb 1-1: config 0 descriptor??
[ 112.477972][ T5982] as10x_usb: device has been detected
[ 112.485685][ T5982] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[ 112.509643][ T5982] usb 1-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[ 112.534774][ T5982] as10x_usb: error during firmware upload part1
[ 112.542757][ T5982] Registered device Sky IT Digital Key (green led)
[ 112.671557][ T6657] random: crng reseeded on system resumption
[ 112.694172][ T6657] FAULT_INJECTION: forcing a failure.
[ 112.694172][ T6657] name failslab, interval 1, probability 0, space 0, times 1
[ 112.707574][ T6657] CPU: 1 UID: 0 PID: 6657 Comm: syz.0.15 Not tainted 6.14.0-rc5-syzkaller-00218-g2a520073e74f #0
[ 112.707594][ T6657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 112.707609][ T6657] Call Trace:
[ 112.707615][ T6657] <TASK>
[ 112.707623][ T6657] dump_stack_lvl+0x241/0x360
[ 112.707664][ T6657] ? __pfx_dump_stack_lvl+0x10/0x10
[ 112.707681][ T6657] ? __pfx__printk+0x10/0x10
[ 112.707699][ T6657] ? do_raw_spin_lock+0x14f/0x370
[ 112.707732][ T6657] should_fail_ex+0x40a/0x550
[ 112.707759][ T6657] should_failslab+0xac/0x100
[ 112.707782][ T6657] __kmalloc_cache_noprof+0x70/0x390
[ 112.707802][ T6657] ? dev_create_fw_entry+0x74/0x190
[ 112.707826][ T6657] ? __pfx_fw_name_devm_release+0x10/0x10
[ 112.707843][ T6657] dev_create_fw_entry+0x74/0x190
[ 112.707865][ T6657] ? __pfx_fw_name_devm_release+0x10/0x10
[ 112.707881][ T6657] devres_for_each_res+0x129/0x190
[ 112.707900][ T6657] ? __pfx_dev_create_fw_entry+0x10/0x10
[ 112.707919][ T6657] ? __pfx_devm_name_match+0x10/0x10
[ 112.707942][ T6657] dev_cache_fw_image+0xda/0x3e0
[ 112.707968][ T6657] ? __pfx_dev_cache_fw_image+0x10/0x10
[ 112.707985][ T6657] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 112.708018][ T6657] ? __pfx_dev_cache_fw_image+0x10/0x10
[ 112.708037][ T6657] dpm_for_each_dev+0x58/0xc0
[ 112.708059][ T6657] fw_pm_notify+0x24a/0x2f0
[ 112.708078][ T6657] ? __pfx_fw_pm_notify+0x10/0x10
[ 112.708096][ T6657] ? rcu_is_watching+0x15/0xb0
[ 112.708114][ T6657] ? __pfx_autoremove_wake_function+0x10/0x10
[ 112.708139][ T6657] ? __mutex_lock+0x397/0x1010
[ 112.708161][ T6657] ? rcu_is_watching+0x15/0xb0
[ 112.708185][ T6657] notifier_call_chain+0x1a5/0x3f0
[ 112.708215][ T6657] blocking_notifier_call_chain_robust+0xe8/0x1e0
[ 112.708242][ T6657] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[ 112.708266][ T6657] ? chrdev_open+0x36e/0x600
[ 112.708294][ T6657] pm_notifier_call_chain_robust+0x2c/0x60
[ 112.708318][ T6657] snapshot_open+0x132/0x280
[ 112.708340][ T6657] ? __pfx_snapshot_open+0x10/0x10
[ 112.708385][ T6657] misc_open+0x2cc/0x340
[ 112.708412][ T6657] chrdev_open+0x521/0x600
[ 112.708438][ T6657] ? __pfx_chrdev_open+0x10/0x10
[ 112.708462][ T6657] ? file_set_fsnotify_mode_from_watchers+0x123/0x640
[ 112.708489][ T6657] ? __pfx_chrdev_open+0x10/0x10
[ 112.708507][ T6657] do_dentry_open+0xdec/0x1960
[ 112.708535][ T6657] ? vfs_open+0x31/0x370
[ 112.708558][ T6657] vfs_open+0x3b/0x370
[ 112.708580][ T6657] path_openat+0x2c81/0x3590
[ 112.708622][ T6657] ? __pfx_path_openat+0x10/0x10
[ 112.708659][ T6657] do_filp_open+0x27f/0x4e0
[ 112.708677][ T6657] ? __pfx_do_filp_open+0x10/0x10
[ 112.708689][ T6657] ? do_raw_spin_lock+0x14f/0x370
[ 112.708741][ T6657] do_sys_openat2+0x13e/0x1d0
[ 112.708765][ T6657] ? __pfx_do_sys_openat2+0x10/0x10
[ 112.708784][ T6657] ? __fget_files+0x2a/0x410
[ 112.708808][ T6657] ? __fget_files+0x2a/0x410
[ 112.708834][ T6657] __x64_sys_openat+0x247/0x2a0
[ 112.708857][ T6657] ? __pfx___x64_sys_openat+0x10/0x10
[ 112.708882][ T6657] ? do_syscall_64+0x100/0x230
[ 112.708907][ T6657] ? do_syscall_64+0xb6/0x230
[ 112.708929][ T6657] do_syscall_64+0xf3/0x230
[ 112.708950][ T6657] ? clear_bhb_loop+0x35/0x90
[ 112.708974][ T6657] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 112.709002][ T6657] RIP: 0033:0x7f6d68b79ef9
[ 112.709021][ T6657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 112.709033][ T6657] RSP: 002b:00007f6d69959038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 112.709051][ T6657] RAX: ffffffffffffffda RBX: 00007f6d68d15f80 RCX: 00007f6d68b79ef9
[ 112.709063][ T6657] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: ffffffffffffff9c
[ 112.709072][ T6657] RBP: 00007f6d69959090 R08: 0000000000000000 R09: 0000000000000000
[ 112.709082][ T6657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 112.709091][ T6657] R13: 0000000000000000 R14: 00007f6d68d15f80 R15: 00007ffde4509b28
[ 112.709120][ T6657] </TASK>
[ 113.317356][ T26] usb 1-1: USB disconnect, device number 2
[ 113.338931][ T26] Unregistered device Sky IT Digital Key (green led)
[ 113.347150][ T26] as10x_usb: device has been disconnected
2025/03/08 12:34:43 executed programs: 3
[ 113.839711][ T5908] Bluetooth: hci0: command tx timeout
[ 114.089880][ T5982] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[ 114.248829][ T5982] usb 1-1: Using ep0 maxpacket: 16
[ 114.258342][ T5982] usb 1-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[ 114.267546][ T5982] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 114.275631][ T5982] usb 1-1: Product: syz
[ 114.279828][ T5982] usb 1-1: Manufacturer: syz
[ 114.284427][ T5982] usb 1-1: SerialNumber: syz
[ 114.290829][ T5982] usb 1-1: config 0 descriptor??
[ 114.299618][ T5982] as10x_usb: device has been detected
[ 114.305262][ T5982] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[ 114.321100][ T5982] usb 1-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[ 114.333456][ T5982] as10x_usb: error during firmware upload part1
[ 114.340362][ T5982] Registered device Sky IT Digital Key (green led)
[ 114.498543][ T6728] random: crng reseeded on system resumption
[ 114.514869][ T6728] FAULT_INJECTION: forcing a failure.
[ 114.514869][ T6728] name failslab, interval 1, probability 0, space 0, times 0
[ 114.527912][ T6728] CPU: 1 UID: 0 PID: 6728 Comm: syz.0.16 Not tainted 6.14.0-rc5-syzkaller-00218-g2a520073e74f #0
[ 114.527932][ T6728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 114.527940][ T6728] Call Trace:
[ 114.527946][ T6728] <TASK>
[ 114.527951][ T6728] dump_stack_lvl+0x241/0x360
[ 114.527973][ T6728] ? __pfx_dump_stack_lvl+0x10/0x10
[ 114.527989][ T6728] ? __pfx__printk+0x10/0x10
[ 114.528014][ T6728] should_fail_ex+0x40a/0x550
[ 114.528038][ T6728] ? __pfx___async_dev_cache_fw_image+0x10/0x10
[ 114.528060][ T6728] should_failslab+0xac/0x100
[ 114.528084][ T6728] __kmalloc_cache_noprof+0x70/0x390
[ 114.528105][ T6728] ? async_schedule_node_domain+0x5c/0x110
[ 114.528125][ T6728] ? __pfx___async_dev_cache_fw_image+0x10/0x10
[ 114.528146][ T6728] async_schedule_node_domain+0x5c/0x110
[ 114.528171][ T6728] dev_cache_fw_image+0x36d/0x3e0
[ 114.528213][ T6728] ? __pfx_dev_cache_fw_image+0x10/0x10
[ 114.528227][ T6728] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 114.528251][ T6728] ? __pfx_dev_cache_fw_image+0x10/0x10
[ 114.528265][ T6728] dpm_for_each_dev+0x58/0xc0
[ 114.528287][ T6728] fw_pm_notify+0x24a/0x2f0
[ 114.528307][ T6728] ? __pfx_fw_pm_notify+0x10/0x10
[ 114.528324][ T6728] ? rcu_is_watching+0x15/0xb0
[ 114.528342][ T6728] ? __pfx_autoremove_wake_function+0x10/0x10
[ 114.528368][ T6728] ? __mutex_lock+0x397/0x1010
[ 114.528390][ T6728] ? rcu_is_watching+0x15/0xb0
[ 114.528414][ T6728] notifier_call_chain+0x1a5/0x3f0
[ 114.528443][ T6728] blocking_notifier_call_chain_robust+0xe8/0x1e0
[ 114.528481][ T6728] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[ 114.528504][ T6728] ? chrdev_open+0xfb/0x600
[ 114.528531][ T6728] pm_notifier_call_chain_robust+0x2c/0x60
[ 114.528557][ T6728] snapshot_open+0x132/0x280
[ 114.528579][ T6728] ? __pfx_snapshot_open+0x10/0x10
[ 114.528602][ T6728] misc_open+0x2cc/0x340
[ 114.528631][ T6728] chrdev_open+0x521/0x600
[ 114.528671][ T6728] ? __pfx_chrdev_open+0x10/0x10
[ 114.528693][ T6728] ? file_set_fsnotify_mode_from_watchers+0x123/0x640
[ 114.528718][ T6728] ? __pfx_chrdev_open+0x10/0x10
[ 114.528735][ T6728] do_dentry_open+0xdec/0x1960
[ 114.528764][ T6728] ? vfs_open+0x31/0x370
[ 114.528786][ T6728] vfs_open+0x3b/0x370
[ 114.528807][ T6728] path_openat+0x2c81/0x3590
[ 114.528850][ T6728] ? __pfx_path_openat+0x10/0x10
[ 114.528881][ T6728] do_filp_open+0x27f/0x4e0
[ 114.528901][ T6728] ? __pfx_do_filp_open+0x10/0x10
[ 114.528915][ T6728] ? do_raw_spin_lock+0x14f/0x370
[ 114.528976][ T6728] do_sys_openat2+0x13e/0x1d0
[ 114.529001][ T6728] ? __pfx_do_sys_openat2+0x10/0x10
[ 114.529021][ T6728] ? __fget_files+0x2a/0x410
[ 114.529045][ T6728] ? __fget_files+0x2a/0x410
[ 114.529074][ T6728] __x64_sys_openat+0x247/0x2a0
[ 114.529099][ T6728] ? __pfx___x64_sys_openat+0x10/0x10
[ 114.529125][ T6728] ? do_syscall_64+0x100/0x230
[ 114.529151][ T6728] ? do_syscall_64+0xb6/0x230
[ 114.529176][ T6728] do_syscall_64+0xf3/0x230
[ 114.529198][ T6728] ? clear_bhb_loop+0x35/0x90
[ 114.529222][ T6728] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 114.529243][ T6728] RIP: 0033:0x7f6d68b79ef9
[ 114.529260][ T6728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 114.529272][ T6728] RSP: 002b:00007f6d69959038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 114.529290][ T6728] RAX: ffffffffffffffda RBX: 00007f6d68d15f80 RCX: 00007f6d68b79ef9
[ 114.529301][ T6728] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: ffffffffffffff9c
[ 114.529310][ T6728] RBP: 00007f6d69959090 R08: 0000000000000000 R09: 0000000000000000
[ 114.529319][ T6728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 114.529328][ T6728] R13: 0000000000000000 R14: 00007f6d68d15f80 R15: 00007ffde4509b28
[ 114.529357][ T6728] </TASK>
[ 114.900659][ T6728]
[ 114.903030][ T6728] ============================================
[ 114.909198][ T6728] WARNING: possible recursive locking detected
[ 114.915340][ T6728] 6.14.0-rc5-syzkaller-00218-g2a520073e74f #0 Not tainted
[ 114.922440][ T6728] --------------------------------------------
[ 114.928584][ T6728] syz.0.16/6728 is trying to acquire lock:
[ 114.934387][ T6728] ffffffff8f4e8548 (fw_lock){+.+.}-{4:4}, at: assign_fw+0x56/0x890
[ 114.942385][ T6728]
[ 114.942385][ T6728] but task is already holding lock:
[ 114.949758][ T6728] ffffffff8f4e8548 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x232/0x2f0
[ 114.958013][ T6728]
[ 114.958013][ T6728] other info that might help us debug this:
[ 114.966108][ T6728] Possible unsafe locking scenario:
[ 114.966108][ T6728]
[ 114.973546][ T6728] CPU0
[ 114.976815][ T6728] ----
[ 114.980080][ T6728] lock(fw_lock);
[ 114.983801][ T6728] lock(fw_lock);
[ 114.987582][ T6728]
[ 114.987582][ T6728] *** DEADLOCK ***
[ 114.987582][ T6728]
[ 114.995723][ T6728] May be due to missing lock nesting notation
[ 114.995723][ T6728]
[ 115.004044][ T6728] 5 locks held by syz.0.16/6728:
[ 115.009016][ T6728] #0: ffffffff8f39a4c8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[ 115.017457][ T6728] #1: ffffffff8e9ed2a8 (system_transition_mutex){+.+.}-{4:4}, at: lock_system_sleep+0x60/0xa0
[ 115.027809][ T6728] #2: ffffffff8ea0cb30 ((pm_chain_head).rwsem){++++}-{4:4}, at: blocking_notifier_call_chain_robust+0xac/0x1e0
[ 115.039638][ T6728] #3: ffffffff8f4e8548 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x232/0x2f0
[ 115.048337][ T6728] #4: ffffffff8f4e37c8 (dpm_list_mtx){+.+.}-{4:4}, at: dpm_for_each_dev+0x2b/0xc0
[ 115.057655][ T6728]
[ 115.057655][ T6728] stack backtrace:
[ 115.063545][ T6728] CPU: 1 UID: 0 PID: 6728 Comm: syz.0.16 Not tainted 6.14.0-rc5-syzkaller-00218-g2a520073e74f #0
[ 115.063561][ T6728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 115.063569][ T6728] Call Trace:
[ 115.063575][ T6728] <TASK>
[ 115.063581][ T6728] dump_stack_lvl+0x241/0x360
[ 115.063600][ T6728] ? __pfx_dump_stack_lvl+0x10/0x10
[ 115.063613][ T6728] ? __pfx__printk+0x10/0x10
[ 115.063624][ T6728] ? lockdep_unlock+0x16a/0x300
[ 115.063643][ T6728] print_deadlock_bug+0x483/0x620
[ 115.063657][ T6728] ? validate_chain+0x11e/0x5920
[ 115.063670][ T6728] validate_chain+0x15e2/0x5920
[ 115.063683][ T6728] ? mark_lock+0x9a/0x360
[ 115.063699][ T6728] ? __pfx_validate_chain+0x10/0x10
[ 115.063713][ T6728] ? __lock_acquire+0x1397/0x2100
[ 115.063739][ T6728] ? mark_lock+0x9a/0x360
[ 115.063750][ T6728] ? mark_lock+0x9a/0x360
[ 115.063762][ T6728] __lock_acquire+0x1397/0x2100
[ 115.063784][ T6728] lock_acquire+0x1ed/0x550
[ 115.063800][ T6728] ? assign_fw+0x56/0x890
[ 115.063816][ T6728] ? __pfx_lock_acquire+0x10/0x10
[ 115.063834][ T6728] ? __pfx___might_resched+0x10/0x10
[ 115.063849][ T6728] ? kasan_save_track+0x51/0x80
[ 115.063862][ T6728] ? kasan_save_track+0x3f/0x80
[ 115.063874][ T6728] ? kasan_save_free_info+0x40/0x50
[ 115.063891][ T6728] ? __kasan_slab_free+0x59/0x70
[ 115.063903][ T6728] ? kmem_cache_free+0x195/0x410
[ 115.063920][ T6728] ? __async_dev_cache_fw_image+0xe7/0x320
[ 115.063934][ T6728] ? async_schedule_node_domain+0xdc/0x110
[ 115.063949][ T6728] ? dev_cache_fw_image+0x36d/0x3e0
[ 115.063963][ T6728] ? fw_pm_notify+0x24a/0x2f0
[ 115.063978][ T6728] __mutex_lock+0x19c/0x1010
[ 115.063996][ T6728] ? assign_fw+0x56/0x890
[ 115.064008][ T6728] ? do_sys_openat2+0x13e/0x1d0
[ 115.064025][ T6728] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 115.064044][ T6728] ? assign_fw+0x56/0x890
[ 115.064057][ T6728] ? __pfx___mutex_lock+0x10/0x10
[ 115.064073][ T6728] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 115.064094][ T6728] ? kasan_quarantine_put+0xdc/0x230
[ 115.064107][ T6728] ? lockdep_hardirqs_on+0x99/0x150
[ 115.064124][ T6728] assign_fw+0x56/0x890
[ 115.064137][ T6728] ? kmem_cache_free+0x195/0x410
[ 115.064153][ T6728] ? _request_firmware+0xdac/0x1430
[ 115.064167][ T6728] _request_firmware+0xe75/0x1430
[ 115.064187][ T6728] ? __pfx__request_firmware+0x10/0x10
[ 115.064200][ T6728] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 115.064218][ T6728] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 115.064244][ T6728] __async_dev_cache_fw_image+0xe7/0x320
[ 115.064260][ T6728] ? __pfx___async_dev_cache_fw_image+0x10/0x10
[ 115.064275][ T6728] ? rcu_is_watching+0x15/0xb0
[ 115.064288][ T6728] ? async_schedule_node_domain+0xa3/0x110
[ 115.064303][ T6728] ? kfree+0x4e/0x430
[ 115.064316][ T6728] ? __kmalloc_cache_noprof+0x243/0x390
[ 115.064332][ T6728] ? async_schedule_node_domain+0x5c/0x110
[ 115.064347][ T6728] ? __pfx___async_dev_cache_fw_image+0x10/0x10
[ 115.064362][ T6728] async_schedule_node_domain+0xdc/0x110
[ 115.064378][ T6728] dev_cache_fw_image+0x36d/0x3e0
[ 115.064395][ T6728] ? __pfx_dev_cache_fw_image+0x10/0x10
[ 115.064409][ T6728] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 115.064427][ T6728] ? __pfx_dev_cache_fw_image+0x10/0x10
[ 115.064441][ T6728] dpm_for_each_dev+0x58/0xc0
[ 115.064457][ T6728] fw_pm_notify+0x24a/0x2f0
[ 115.064470][ T6728] ? __pfx_fw_pm_notify+0x10/0x10
[ 115.064485][ T6728] ? rcu_is_watching+0x15/0xb0
[ 115.064497][ T6728] ? __pfx_autoremove_wake_function+0x10/0x10
[ 115.064516][ T6728] ? __mutex_lock+0x397/0x1010
[ 115.064532][ T6728] ? rcu_is_watching+0x15/0xb0
[ 115.064547][ T6728] notifier_call_chain+0x1a5/0x3f0
[ 115.064565][ T6728] blocking_notifier_call_chain_robust+0xe8/0x1e0
[ 115.064584][ T6728] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[ 115.064602][ T6728] ? chrdev_open+0xfb/0x600
[ 115.064619][ T6728] pm_notifier_call_chain_robust+0x2c/0x60
[ 115.064637][ T6728] snapshot_open+0x132/0x280
[ 115.064655][ T6728] ? __pfx_snapshot_open+0x10/0x10
[ 115.064673][ T6728] misc_open+0x2cc/0x340
[ 115.064691][ T6728] chrdev_open+0x521/0x600
[ 115.064708][ T6728] ? __pfx_chrdev_open+0x10/0x10
[ 115.064723][ T6728] ? file_set_fsnotify_mode_from_watchers+0x123/0x640
[ 115.064741][ T6728] ? __pfx_chrdev_open+0x10/0x10
[ 115.064755][ T6728] do_dentry_open+0xdec/0x1960
[ 115.064772][ T6728] ? vfs_open+0x31/0x370
[ 115.064788][ T6728] vfs_open+0x3b/0x370
[ 115.064804][ T6728] path_openat+0x2c81/0x3590
[ 115.064826][ T6728] ? __pfx_path_openat+0x10/0x10
[ 115.064843][ T6728] do_filp_open+0x27f/0x4e0
[ 115.064856][ T6728] ? __pfx_do_filp_open+0x10/0x10
[ 115.064867][ T6728] ? do_raw_spin_lock+0x14f/0x370
[ 115.064892][ T6728] do_sys_openat2+0x13e/0x1d0
[ 115.064909][ T6728] ? __pfx_do_sys_openat2+0x10/0x10
[ 115.064924][ T6728] ? __fget_files+0x2a/0x410
[ 115.064941][ T6728] ? __fget_files+0x2a/0x410
[ 115.064959][ T6728] __x64_sys_openat+0x247/0x2a0
[ 115.064976][ T6728] ? __pfx___x64_sys_openat+0x10/0x10
[ 115.064993][ T6728] ? do_syscall_64+0x100/0x230
[ 115.065011][ T6728] ? do_syscall_64+0xb6/0x230
[ 115.065028][ T6728] do_syscall_64+0xf3/0x230
[ 115.065044][ T6728] ? clear_bhb_loop+0x35/0x90
[ 115.065061][ T6728] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 115.065078][ T6728] RIP: 0033:0x7f6d68b79ef9
[ 115.065090][ T6728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 115.065100][ T6728] RSP: 002b:00007f6d69959038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 115.065114][ T6728] RAX: ffffffffffffffda RBX: 00007f6d68d15f80 RCX: 00007f6d68b79ef9
[ 115.065123][ T6728] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: ffffffffffffff9c
[ 115.065131][ T6728] RBP: 00007f6d69959090 R08: 0000000000000000 R09: 0000000000000000
[ 115.065139][ T6728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 115.065146][ T6728] R13: 0000000000000000 R14: 00007f6d68d15f80 R15: 00007ffde4509b28
[ 115.065159][ T6728] </TASK>
[ 115.918730][ T5908] Bluetooth: hci0: command tx timeout