Warning: Permanently added '10.128.10.43' (ED25519) to the list of known hosts.
2025/03/21 06:57:21 ignoring optional flag "sandboxArg"="0"
2025/03/21 06:57:21 parsed 1 programs
[ 50.624681][ T28] kauditd_printk_skb: 32 callbacks suppressed
[ 50.624697][ T28] audit: type=1400 audit(1742540242.473:108): avc: denied { unlink } for pid=407 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 50.671768][ T407] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 51.178423][ T28] audit: type=1401 audit(1742540243.023:109): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[ 51.465061][ T431] bridge0: port 1(bridge_slave_0) entered blocking state
[ 51.472109][ T431] bridge0: port 1(bridge_slave_0) entered disabled state
[ 51.499652][ T431] device bridge_slave_0 entered promiscuous mode
[ 51.508935][ T431] bridge0: port 2(bridge_slave_1) entered blocking state
[ 51.515891][ T431] bridge0: port 2(bridge_slave_1) entered disabled state
[ 51.523212][ T431] device bridge_slave_1 entered promiscuous mode
[ 51.704731][ T431] bridge0: port 2(bridge_slave_1) entered blocking state
[ 51.711662][ T431] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 51.719186][ T431] bridge0: port 1(bridge_slave_0) entered blocking state
[ 51.726433][ T431] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 51.750378][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 51.759077][ T8] bridge0: port 1(bridge_slave_0) entered disabled state
[ 51.767093][ T8] bridge0: port 2(bridge_slave_1) entered disabled state
[ 51.777130][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 51.785376][ T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 51.792226][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 51.801355][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 51.809552][ T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 51.816460][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 51.832200][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 51.841911][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 51.857052][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 51.869172][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 51.877467][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 51.885104][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 51.893667][ T431] device veth0_vlan entered promiscuous mode
2025/03/21 06:57:23 executed programs: 0
[ 51.906243][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 51.917342][ T431] device veth1_macvtap entered promiscuous mode
[ 51.928279][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 51.938688][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 52.178664][ T471] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.185772][ T471] bridge0: port 1(bridge_slave_0) entered disabled state
[ 52.193147][ T471] device bridge_slave_0 entered promiscuous mode
[ 52.201417][ T471] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.208485][ T471] bridge0: port 2(bridge_slave_1) entered disabled state
[ 52.215987][ T471] device bridge_slave_1 entered promiscuous mode
[ 52.289000][ T474] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.296656][ T474] bridge0: port 1(bridge_slave_0) entered disabled state
[ 52.304085][ T474] device bridge_slave_0 entered promiscuous mode
[ 52.313028][ T474] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.320380][ T474] bridge0: port 2(bridge_slave_1) entered disabled state
[ 52.327769][ T474] device bridge_slave_1 entered promiscuous mode
[ 52.401404][ T477] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.408345][ T477] bridge0: port 1(bridge_slave_0) entered disabled state
[ 52.416347][ T477] device bridge_slave_0 entered promiscuous mode
[ 52.423440][ T477] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.430794][ T477] bridge0: port 2(bridge_slave_1) entered disabled state
[ 52.438363][ T477] device bridge_slave_1 entered promiscuous mode
[ 52.548266][ T475] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.555432][ T475] bridge0: port 1(bridge_slave_0) entered disabled state
[ 52.564082][ T475] device bridge_slave_0 entered promiscuous mode
[ 52.585299][ T475] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.592180][ T475] bridge0: port 2(bridge_slave_1) entered disabled state
[ 52.599898][ T475] device bridge_slave_1 entered promiscuous mode
[ 52.611904][ T478] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.619322][ T478] bridge0: port 1(bridge_slave_0) entered disabled state
[ 52.626696][ T478] device bridge_slave_0 entered promiscuous mode
[ 52.649652][ T478] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.656627][ T478] bridge0: port 2(bridge_slave_1) entered disabled state
[ 52.664283][ T478] device bridge_slave_1 entered promiscuous mode
[ 52.803475][ T477] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.810627][ T477] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 52.817976][ T477] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.824945][ T477] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 52.869107][ T475] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.876071][ T475] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 52.883195][ T475] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.889992][ T475] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 52.932404][ T478] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.939401][ T478] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 52.947232][ T478] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.954384][ T478] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 52.999468][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 53.006989][ T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 53.014519][ T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 53.022648][ T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 53.031031][ T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 53.039688][ T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 53.047167][ T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 53.056210][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 53.063952][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 53.090151][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 53.098674][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 53.106938][ T10] bridge0: port 1(bridge_slave_0) entered blocking state
[ 53.114191][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 53.121832][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 53.130953][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 53.139647][ T10] bridge0: port 2(bridge_slave_1) entered blocking state
[ 53.146516][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 53.154897][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 53.163173][ T10] bridge0: port 1(bridge_slave_0) entered blocking state
[ 53.170160][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 53.178103][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 53.186649][ T10] bridge0: port 2(bridge_slave_1) entered blocking state
[ 53.193595][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 53.201674][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 53.209325][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 53.217170][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 53.226295][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 53.234895][ T10] bridge0: port 1(bridge_slave_0) entered blocking state
[ 53.242028][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 53.253209][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 53.261007][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 53.304309][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 53.312861][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 53.323278][ T10] bridge0: port 1(bridge_slave_0) entered blocking state
[ 53.330286][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 53.337841][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 53.346214][ T10] bridge0: port 2(bridge_slave_1) entered blocking state
[ 53.353354][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 53.360755][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 53.386428][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 53.405378][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 53.413792][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 53.423205][ T10] bridge0: port 2(bridge_slave_1) entered blocking state
[ 53.430192][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 53.438452][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 53.447085][ T10] bridge0: port 1(bridge_slave_0) entered blocking state
[ 53.454482][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 53.461999][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 53.470949][ T10] bridge0: port 2(bridge_slave_1) entered blocking state
[ 53.477844][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 53.485971][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 53.494073][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 53.502426][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 53.510359][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 53.518616][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 53.526743][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 53.534862][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 53.542844][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 53.551036][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 53.579150][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 53.587221][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 53.596520][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 53.605239][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 53.613133][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 53.621552][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 53.629626][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 53.637693][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 53.649422][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 53.657851][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 53.670124][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 53.678668][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 53.694880][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 53.703208][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 53.720702][ T478] device veth0_vlan entered promiscuous mode
[ 53.731648][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 53.739707][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 53.747934][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 53.756106][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 53.763973][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 53.772095][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 53.780522][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 53.788250][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 53.795622][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 53.803027][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 53.810709][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 53.818529][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 53.826546][ T477] device veth0_vlan entered promiscuous mode
[ 53.832797][ T474] device veth0_vlan entered promiscuous mode
[ 53.861072][ T475] device veth0_vlan entered promiscuous mode
[ 53.869485][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 53.878254][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 53.886947][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 53.895440][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 53.903702][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 53.912079][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 53.920395][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 53.928838][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 53.936908][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 53.945243][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 53.953243][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 53.960892][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 53.968487][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 53.976096][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 53.984949][ T471] device veth0_vlan entered promiscuous mode
[ 53.992634][ T478] device veth1_macvtap entered promiscuous mode
[ 54.002234][ T474] device veth1_macvtap entered promiscuous mode
[ 54.014396][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 54.021910][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 54.038330][ T477] device veth1_macvtap entered promiscuous mode
[ 54.048218][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 54.056778][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 54.066485][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 54.074944][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 54.083212][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 54.092403][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 54.101183][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 54.118831][ T475] device veth1_macvtap entered promiscuous mode
[ 54.133324][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 54.141907][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 54.150699][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 54.159356][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 54.167999][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 54.176942][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 54.185617][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 54.194789][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 54.209476][ T471] device veth1_macvtap entered promiscuous mode
[ 54.224903][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 54.233201][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 54.241830][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 54.249800][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 54.258836][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 54.268525][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 54.277153][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 54.306959][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 54.315526][ T28] audit: type=1400 audit(1742540246.163:110): avc: denied { ioctl } for pid=497 comm="syz.6.19" path="socket:[17143]" dev="sockfs" ino=17143 ioctlcmd=0x48e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 54.315989][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 54.350110][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 54.358578][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 54.376619][ T350] device bridge_slave_1 left promiscuous mode
[ 54.382692][ T350] bridge0: port 2(bridge_slave_1) entered disabled state
[ 54.390392][ T350] device bridge_slave_0 left promiscuous mode
[ 54.400495][ T350] bridge0: port 1(bridge_slave_0) entered disabled state
[ 54.405760][ T28] audit: type=1400 audit(1742540246.243:111): avc: denied { create } for pid=501 comm="syz.3.18" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 54.412013][ T8] Bluetooth: hci1: Frame reassembly failed (-84)
[ 54.427350][ T28] audit: type=1400 audit(1742540246.253:112): avc: denied { ioctl } for pid=501 comm="syz.3.18" path="socket:[17157]" dev="sockfs" ino=17157 ioctlcmd=0x48e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 54.459345][ T350] device veth1_macvtap left promiscuous mode
[ 54.465693][ T350] device veth0_vlan left promiscuous mode
[ 54.577727][ T495] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 54.586357][ T495] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 54.622740][ T43] Bluetooth: hci2: Frame reassembly failed (-84)
[ 54.629438][ T43] Bluetooth: hci2: Frame reassembly failed (-84)
[ 54.637406][ T508] Bluetooth: hci3: Frame reassembly failed (-84)
[ 54.641675][ T495] Bluetooth: hci4: Frame reassembly failed (-84)
[ 55.497740][ T28] audit: type=1400 audit(1742540247.343:113): avc: denied { append } for pid=84 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 55.519991][ T28] audit: type=1400 audit(1742540247.343:114): avc: denied { open } for pid=84 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 55.542713][ T28] audit: type=1400 audit(1742540247.343:115): avc: denied { getattr } for pid=84 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 56.364336][ T498] Bluetooth: hci0: Opcode 0x080f failed: -110
[ 56.380834][ T350] Bluetooth: hci5: Frame reassembly failed (-84)
[ 56.454274][ T514] Bluetooth: hci1: command 0x1003 tx timeout
[ 56.454274][ T500] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 56.467019][ T502] Bluetooth: hci0: Opcode 0x080f failed: -4
[ 56.480879][ T43] Bluetooth: hci1: Frame reassembly failed (-84)
[ 56.684483][ T499] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 56.684555][ T503] Bluetooth: hci2: Opcode 0x1003 failed: -110
[ 56.690513][ T499] Bluetooth: hci2: command 0x1003 tx timeout
[ 56.702478][ T512] Bluetooth: hci4: command 0x1003 tx timeout
[ 56.704013][ T509] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 56.709656][ T507] Bluetooth: hci0: Opcode 0x080f failed: -4
[ 56.720250][ T506] Bluetooth: hci0: Opcode 0x080f failed: -4
[ 56.726098][ T511] Bluetooth: hci0: Opcode 0x080f failed: -4
[ 56.745342][ T43] Bluetooth: hci3: Frame reassembly failed (-84)
[ 56.751573][ T43] Bluetooth: hci0: Frame reassembly failed (-84)
2025/03/21 06:57:30 executed programs: 20
[ 58.444378][ T512] Bluetooth: hci5: command 0x1003 tx timeout
[ 58.444474][ T45] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 58.465226][ T350] Bluetooth: hci4: Frame reassembly failed (-84)
[ 58.524483][ T500] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 58.524540][ T514] Bluetooth: hci1: command 0x1003 tx timeout
[ 58.546942][ T495] Bluetooth: hci1: Frame reassembly failed (-84)
[ 58.764487][ T509] Bluetooth: hci2: Opcode 0x1003 failed: -110
[ 58.764486][ T499] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 58.764566][ T499] Bluetooth: hci3: command 0x1003 tx timeout
[ 58.775467][ T503] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 58.800079][ T350] Bluetooth: hci3: Frame reassembly failed (-84)
[ 59.745109][ T524] Bluetooth: hci0: Opcode 0x080f failed: -4
[ 59.758730][ T43] Bluetooth: hci0: Frame reassembly failed (-84)
[ 59.765042][ T43] Bluetooth: hci0: Frame reassembly failed (-84)
[ 60.524341][ T509] Bluetooth: hci4: command 0x1003 tx timeout
[ 60.524532][ T45] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 60.547045][ T495] Bluetooth: hci4: Frame reassembly failed (-84)
[ 60.604208][ T500] Bluetooth: hci1: command 0x1003 tx timeout
[ 60.604242][ T531] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 60.625750][ T350] Bluetooth: hci1: Frame reassembly failed (-84)
[ 60.844238][ T509] Bluetooth: hci3: command 0x1003 tx timeout
[ 60.844238][ T512] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 60.854213][ T503] Bluetooth: hci2: Opcode 0x1003 failed: -110
[ 60.856134][ T512] Bluetooth: hci2: command 0x1003 tx timeout
[ 60.874724][ T495] Bluetooth: hci2: Frame reassembly failed (-84)
[ 60.881007][ T500] Bluetooth: hci3: sending frame failed (-49)
[ 60.881094][ T495] Bluetooth: hci2: Frame reassembly failed (-84)
[ 60.893390][ T512] Bluetooth: hci3: Opcode 0x1003 failed: -49
[ 61.804243][ T499] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 62.604290][ T499] Bluetooth: hci4: command 0x1003 tx timeout
[ 62.604373][ T45] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 62.684228][ T531] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 62.684296][ T45] Bluetooth: hci1: command 0x1003 tx timeout
[ 62.706012][ T43] Bluetooth: hci1: Frame reassembly failed (-84)
[ 62.757452][ T540] Bluetooth: hci0: Opcode 0x080f failed: -4
[ 62.763300][ T543] Bluetooth: hci0: Opcode 0x080f failed: -4
[ 62.781060][ T350] Bluetooth: hci0: Frame reassembly failed (-84)
[ 62.784505][ T495] Bluetooth: hci4: Frame reassembly failed (-84)
[ 62.924192][ T500] Bluetooth: hci3: command 0x1003 tx timeout
[ 62.924193][ T503] Bluetooth: hci2: Opcode 0x1003 failed: -110
[ 62.924230][ T500] Bluetooth: hci2: command 0x1003 tx timeout
[ 62.930103][ T512] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 62.960185][ T43] Bluetooth: hci2: Frame reassembly failed (-84)
[ 62.960223][ T350] Bluetooth: hci3: Frame reassembly failed (-84)
2025/03/21 06:57:36 executed programs: 35
[ 64.764252][ T45] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 64.764250][ T503] Bluetooth: hci1: command 0x1003 tx timeout
[ 64.784550][ T350] Bluetooth: hci1: Frame reassembly failed (-84)
[ 64.844270][ T509] Bluetooth: hci4: command 0x1003 tx timeout
[ 64.844269][ T499] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 64.844308][ T509] Bluetooth: hci0: command 0x1003 tx timeout
[ 64.850149][ T531] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 64.868325][ T557] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 64.874464][ T559] Bluetooth: hci0: Opcode 0x080f failed: -4
[ 64.880318][ T561] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 64.886531][ T563] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 64.894720][ T43] Bluetooth: hci4: Frame reassembly failed (-84)
[ 64.904308][ T43] Bluetooth: hci0: Frame reassembly failed (-84)
[ 65.004369][ T500] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 65.004414][ T509] Bluetooth: hci3: command 0x1003 tx timeout
[ 65.011866][ T512] Bluetooth: hci2: Opcode 0x1003 failed: -110
[ 65.016260][ T499] Bluetooth: hci2: command 0x1003 tx timeout
[ 65.037147][ T43] Bluetooth: hci2: Frame reassembly failed (-84)
[ 65.045117][ T350] Bluetooth: hci3: Frame reassembly failed (-84)
[ 66.844242][ T45] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 66.844276][ T514] Bluetooth: hci1: command 0x1003 tx timeout
[ 66.864428][ T43] Bluetooth: hci1: Frame reassembly failed (-84)
[ 66.925156][ T509] Bluetooth: hci0: command 0x1003 tx timeout
[ 66.925166][ T531] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 66.938990][ T503] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 66.946067][ T571] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 66.952520][ T573] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 66.958595][ T575] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 66.973391][ T43] Bluetooth: hci0: Frame reassembly failed (-84)
[ 66.980600][ T43] Bluetooth: hci0: Frame reassembly failed (-84)
[ 67.084254][ T509] Bluetooth: hci3: command 0x1003 tx timeout
[ 67.084291][ T499] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 67.090242][ T509] Bluetooth: hci2: command 0x1003 tx timeout
[ 67.096314][ T512] Bluetooth: hci2: Opcode 0x1003 failed: -110
[ 67.117539][ T43] Bluetooth: hci3: Frame reassembly failed (-84)
[ 67.130367][ T350] Bluetooth: hci2: Frame reassembly failed (-84)
[ 68.924187][ T509] Bluetooth: hci1: command 0x1003 tx timeout
[ 68.924189][ T45] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 68.944440][ T508] Bluetooth: hci1: Frame reassembly failed (-84)
[ 69.004224][ T514] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 69.004267][ T531] Bluetooth: hci0: command 0x1003 tx timeout
[ 69.014180][ T503] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 69.024023][ T583] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 69.030206][ T585] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 69.036466][ T587] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 69.045947][ T509] ==================================================================
[ 69.054445][ T509] BUG: KASAN: use-after-free in enqueue_timer+0xa6/0x480
[ 69.061293][ T509] Write of size 8 at addr ffff88810e6d0a00 by task kworker/u5:4/509
[ 69.069123][ T509]
[ 69.071281][ T509] CPU: 0 PID: 509 Comm: kworker/u5:4 Not tainted 6.1.128-syzkaller-1167827-g5145d157731f #0
[ 69.081340][ T509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 69.091538][ T509] Workqueue: hci0 hci_power_on
[ 69.096106][ T509] Call Trace:
[ 69.099281][ T509]
[ 69.101997][ T509] dump_stack_lvl+0x151/0x1b7
[ 69.106701][ T509] ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 69.112609][ T509] ? _printk+0xd1/0x111
[ 69.116599][ T509] ? __virt_addr_valid+0x242/0x2f0
[ 69.122103][ T509] print_report+0x158/0x4e0
[ 69.126701][ T509] ? __virt_addr_valid+0x242/0x2f0
[ 69.131648][ T509] ? kasan_complete_mode_report_info+0x90/0x1b0
[ 69.137728][ T509] ? enqueue_timer+0xa6/0x480
[ 69.142466][ T509] kasan_report+0x13c/0x170
[ 69.146884][ T509] ? enqueue_timer+0xa6/0x480
[ 69.151621][ T509] __asan_report_store8_noabort+0x17/0x20
[ 69.157316][ T509] enqueue_timer+0xa6/0x480
[ 69.161659][ T509] __mod_timer+0x8d3/0xcf0
[ 69.165902][ T509] ? mod_timer_pending+0x30/0x30
[ 69.170670][ T509] ? insert_work+0x283/0x310
[ 69.175104][ T509] ? __kasan_check_write+0x14/0x20
[ 69.180097][ T509] ? _raw_spin_lock_irqsave+0xf9/0x210
[ 69.185361][ T509] schedule_timeout+0x187/0x380
[ 69.190111][ T509] ? console_conditional_schedule+0x10/0x10
[ 69.196060][ T509] ? queue_work_on+0x135/0x170
[ 69.200613][ T509] ? update_process_times+0x1b0/0x1b0
[ 69.205822][ T509] ? prepare_to_wait_event+0x3e6/0x420
[ 69.211127][ T509] __hci_cmd_sync_sk+0x2ad/0xf70
[ 69.215891][ T509] ? eir_get_service_data+0x2e0/0x2e0
[ 69.221185][ T509] ? wake_bit_function+0x230/0x230
[ 69.226217][ T509] ? __kasan_check_read+0x11/0x20
[ 69.231083][ T509] hci_dev_open_sync+0x1314/0x30a0
[ 69.236025][ T509] ? update_load_avg+0x513/0x1530
[ 69.240911][ T509] ? hci_reset_sync+0x100/0x100
[ 69.245656][ T509] ? __switch_to+0x62c/0x1190
[ 69.250289][ T509] ? __kasan_check_write+0x14/0x20
[ 69.255325][ T509] ? mutex_lock+0xb1/0x1e0
[ 69.259668][ T509] ? bit_wait_io_timeout+0x120/0x120
[ 69.264882][ T509] ? kthread_data+0x53/0xc0
[ 69.269248][ T509] hci_power_on+0x1a7/0x5e0
[ 69.273719][ T509] ? hci_tx_work+0x3790/0x3790
[ 69.278429][ T509] ? __schedule+0xcbd/0x1560
[ 69.283110][ T509] process_one_work+0x73d/0xcb0
[ 69.287829][ T509] worker_thread+0xa60/0x1260
[ 69.292314][ T509] kthread+0x26d/0x300
[ 69.296425][ T509] ? worker_clr_flags+0x1a0/0x1a0
[ 69.301375][ T509] ? kthread_blkcg+0xd0/0xd0
[ 69.305905][ T509] ret_from_fork+0x1f/0x30
[ 69.310225][ T509]
[ 69.313144][ T509]
[ 69.315403][ T509] Allocated by task 583:
[ 69.319785][ T509] kasan_set_track+0x4b/0x70
[ 69.324365][ T509] kasan_save_alloc_info+0x1f/0x30
[ 69.329283][ T509] __kasan_kmalloc+0x9c/0xb0
[ 69.334108][ T509] __kmalloc+0xb4/0x1e0
[ 69.338214][ T509] hci_alloc_dev_priv+0x27/0x1c00
[ 69.343161][ T509] hci_uart_tty_ioctl+0x401/0xa70
[ 69.348371][ T509] tty_ioctl+0x903/0xc50
[ 69.352598][ T509] __se_sys_ioctl+0x114/0x190
[ 69.357315][ T509] __x64_sys_ioctl+0x7b/0x90
[ 69.361884][ T509] x64_sys_call+0x98/0x9a0
[ 69.366173][ T509] do_syscall_64+0x3b/0xb0
[ 69.370432][ T509] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 69.376273][ T509]
[ 69.378613][ T509] Freed by task 585:
[ 69.382356][ T509] kasan_set_track+0x4b/0x70
[ 69.386851][ T509] kasan_save_free_info+0x2b/0x40
[ 69.391707][ T509] ____kasan_slab_free+0x131/0x180
[ 69.396658][ T509] __kasan_slab_free+0x11/0x20
[ 69.401351][ T509] __kmem_cache_free+0x21d/0x410
[ 69.406113][ T509] kfree+0x7a/0xf0
[ 69.409672][ T509] hci_release_dev+0x14d3/0x1640
[ 69.414445][ T509] bt_host_release+0x83/0xa0
[ 69.419051][ T509] device_release+0x95/0x1c0
[ 69.423801][ T509] kobject_put+0x178/0x260
[ 69.428030][ T509] put_device+0x1f/0x30
[ 69.432925][ T509] hci_dev_cmd+0x2be/0x9b0
[ 69.437180][ T509] hci_sock_ioctl+0x415/0x7f0
[ 69.441709][ T509] sock_do_ioctl+0x152/0x450
[ 69.446137][ T509] sock_ioctl+0x455/0x740
[ 69.450278][ T509] __se_sys_ioctl+0x114/0x190
[ 69.455056][ T509] __x64_sys_ioctl+0x7b/0x90
[ 69.459561][ T509] x64_sys_call+0x98/0x9a0
[ 69.463809][ T509] do_syscall_64+0x3b/0xb0
[ 69.468087][ T509] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 69.473895][ T509]
[ 69.476052][ T509] Last potentially related work creation:
[ 69.481886][ T509] kasan_save_stack+0x3b/0x60
[ 69.486492][ T509] __kasan_record_aux_stack+0xb4/0xc0
[ 69.491867][ T509] kasan_record_aux_stack_noalloc+0xb/0x10
[ 69.497594][ T509] insert_work+0x56/0x310
[ 69.502312][ T509] __queue_work+0x9b6/0xd70
[ 69.506672][ T509] queue_work_on+0x105/0x170
[ 69.511111][ T509] __hci_cmd_sync_sk+0xc2a/0xf70
[ 69.516040][ T509] hci_cmd_sync_status+0x52/0x130
[ 69.520857][ T509] hci_dev_cmd+0x771/0x9b0
[ 69.525121][ T509] hci_sock_ioctl+0x415/0x7f0
[ 69.529700][ T509] sock_do_ioctl+0x152/0x450
[ 69.534411][ T509] sock_ioctl+0x455/0x740
[ 69.538573][ T509] __se_sys_ioctl+0x114/0x190
[ 69.543171][ T509] __x64_sys_ioctl+0x7b/0x90
[ 69.547593][ T509] x64_sys_call+0x98/0x9a0
[ 69.552116][ T509] do_syscall_64+0x3b/0xb0
[ 69.556372][ T509] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 69.562363][ T509]
[ 69.564537][ T509] Second to last potentially related work creation:
[ 69.571315][ T509] kasan_save_stack+0x3b/0x60
[ 69.576037][ T509] __kasan_record_aux_stack+0xb4/0xc0
[ 69.581208][ T509] kasan_record_aux_stack_noalloc+0xb/0x10
[ 69.586846][ T509] insert_work+0x56/0x310
[ 69.591032][ T509] __queue_work+0x9b6/0xd70
[ 69.595456][ T509] queue_work_on+0x105/0x170
[ 69.599872][ T509] __hci_cmd_sync_sk+0xc2a/0xf70
[ 69.604858][ T509] hci_cmd_sync_status+0x52/0x130
[ 69.609705][ T509] hci_dev_cmd+0x771/0x9b0
[ 69.613951][ T509] hci_sock_ioctl+0x415/0x7f0
[ 69.618463][ T509] sock_do_ioctl+0x152/0x450
[ 69.623119][ T509] sock_ioctl+0x455/0x740
[ 69.627299][ T509] __se_sys_ioctl+0x114/0x190
[ 69.631791][ T509] __x64_sys_ioctl+0x7b/0x90
[ 69.636308][ T509] x64_sys_call+0x98/0x9a0
[ 69.640742][ T509] do_syscall_64+0x3b/0xb0
[ 69.645077][ T509] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 69.650822][ T509]
[ 69.653002][ T509] The buggy address belongs to the object at ffff88810e6d0000
[ 69.653002][ T509] which belongs to the cache kmalloc-8k of size 8192
[ 69.667138][ T509] The buggy address is located 2560 bytes inside of
[ 69.667138][ T509] 8192-byte region [ffff88810e6d0000, ffff88810e6d2000)
[ 69.680378][ T509]
[ 69.682549][ T509] The buggy address belongs to the physical page:
[ 69.688826][ T509] page:ffffea000439b400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10e6d0
[ 69.699315][ T509] head:ffffea000439b400 order:3 compound_mapcount:0 compound_pincount:0
[ 69.707601][ T509] flags: 0x4000000000010200(slab|head|zone=1)
[ 69.714382][ T509] raw: 4000000000010200 ffffea0004268200 dead000000000003 ffff888100043500
[ 69.722805][ T509] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000
[ 69.731544][ T509] page dumped because: kasan: bad access detected
[ 69.737913][ T509] page_owner tracks the page as allocated
[ 69.743622][ T509] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 3713137684, free_ts 0
[ 69.763067][ T509] post_alloc_hook+0x213/0x220
[ 69.767664][ T509] prep_new_page+0x1b/0x110
[ 69.772014][ T509] get_page_from_freelist+0x3a98/0x3b10
[ 69.777601][ T509] __alloc_pages+0x234/0x610
[ 69.782431][ T509] alloc_slab_page+0x6c/0xf0
[ 69.786938][ T509] new_slab+0x90/0x3e0
[ 69.790940][ T509] ___slab_alloc+0x6f9/0xb80
[ 69.795377][ T509] __slab_alloc+0x5d/0xa0
[ 69.799704][ T509] __kmem_cache_alloc_node+0x207/0x2a0
[ 69.805373][ T509] __kmalloc_node+0xa3/0x1e0
[ 69.809949][ T509] kvmalloc_node+0x221/0x640
[ 69.814377][ T509] btf_check_all_metas+0x499/0xa50
[ 69.819321][ T509] btf_parse_vmlinux+0x426/0x8d0
[ 69.824095][ T509] bpf_get_btf_vmlinux+0x41/0x60
[ 69.828879][ T509] btf_get_module_btf+0x92/0x200
[ 69.833644][ T509] register_btf_kfunc_id_set+0x44/0x640
[ 69.839149][ T509] page_owner free stack trace missing
[ 69.844426][ T509]
[ 69.846806][ T509] Memory state around the buggy address:
[ 69.852449][ T509] ffff88810e6d0900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 69.860424][ T509] ffff88810e6d0980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 69.868408][ T509] >ffff88810e6d0a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 69.876490][ T509] ^
[ 69.880617][ T509] ffff88810e6d0a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 69.889232][ T509] ffff88810e6d0b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 69.897500][ T509] ==================================================================
2025/03/21 06:57:41 executed programs: 46
[ 69.905695][ T509] Disabling lock debugging due to kernel taint
[ 69.912205][ T514] Bluetooth: hci2: command 0x1003 tx timeout
[ 69.914525][ T499] Bluetooth: hci2: Opcode 0x1003 failed: -110
[ 69.919176][ T512] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 69.930754][ T514] Bluetooth: hci3: command 0x1003 tx timeout
[ 69.932533][ T495] Bluetooth: hci0: Frame reassembly failed (-84)
[ 69.962769][ T43] Bluetooth: hci2: Frame reassembly failed (-84)
[ 69.967203][ T8] Bluetooth: hci3: Frame reassembly failed (-84)
[ 69.969194][ T43] Bluetooth: hci2: Frame reassembly failed (-84)
[ 69.975531][ T8] Bluetooth: hci3: Frame reassembly failed (-84)
[ 71.004343][ T500] Bluetooth: hci1: command 0x1003 tx timeout
[ 71.006240][ T45] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 71.026151][ T350] Bluetooth: hci1: Frame reassembly failed (-84)
[ 71.084244][ T531] Bluetooth: hci0: command 0x1003 tx timeout
[ 71.084260][ C0] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[ 71.090090][ T531] Bluetooth: hci4: command 0x1003 tx timeout
[ 71.101837][ C0] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[ 71.101868][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G B 6.1.128-syzkaller-1167827-g5145d157731f #0
[ 71.101890][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 71.101901][ C0] RIP: 0010:__queue_work+0x4f1/0xd70
[ 71.101934][ C0] Code: 39 03 0f 84 40 01 00 00 e8 1c 6e 2a 00 4c 89 e7 e8 54 99 d7 03 49 bd 00 00 00 00 00 fc ff df 4c 8b 65 d0 4c 89 f0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 f7 e8 60 17 72 00 49 8b 3e e8 08 92 d7
[ 71.101966][ C0] RSP: 0018:ffffc90000007c78 EFLAGS: 00010046
[ 71.108008][ T503] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 71.116596][ C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffffffff8701d580
[ 71.116627][ C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[ 71.116639][ C0] RBP: ffffc90000007d00 R08: ffffffff814b262b R09: 0000000000000007
[ 71.116651][ C0] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff88810e6d09c8
[ 71.116666][ C0] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff88810e6d09e0
[ 71.116679][ C0] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 71.116695][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 71.116708][ C0] CR2: 0000000020000000 CR3: 0000000116b74000 CR4: 00000000003506b0
[ 71.116723][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 71.116733][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 71.116746][ C0] Call Trace:
[ 71.116751][ C0]
[ 71.116760][ C0] ? __die_body+0x62/0xb0
[ 71.135287][ T509] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 71.138032][ C0] ? die_addr+0x9f/0xd0
[ 71.157223][ T598] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 71.163400][ C0] ? exc_general_protection+0x317/0x4c0
[ 71.169747][ T601] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 71.175320][ C0] ? ttwu_do_wakeup+0xe5/0x430
[ 71.175350][ C0] ? asm_exc_general_protection+0x27/0x30
[ 71.175382][ C0] ? __queue_work+0x28b/0xd70
[ 71.186826][ T28] audit: type=1400 audit(1742540262.993:116): avc: denied { remove_name } for pid=84 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 71.191203][ C0] ? __queue_work+0x4f1/0xd70
[ 71.200468][ T28] audit: type=1400 audit(1742540262.993:117): avc: denied { rename } for pid=84 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 71.207005][ C0] ? __queue_work+0x29c/0xd70
[ 71.207046][ C0] delayed_work_timer_fn+0x61/0x80
[ 71.207069][ C0] ? queue_work_node+0x1d0/0x1d0
[ 71.207090][ C0] call_timer_fn+0x3b/0x2d0
[ 71.215822][ T28] audit: type=1400 audit(1742540262.993:118): avc: denied { create } for pid=84 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 71.223837][ C0] ? queue_work_node+0x1d0/0x1d0
[ 71.249966][ T602] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 71.254615][ C0] __run_timers+0x756/0xa10
[ 71.254656][ C0] ? calc_index+0x270/0x270
[ 71.254685][ C0] ? sched_clock+0x9/0x10
[ 71.271954][ T8] Bluetooth: hci0: Frame reassembly failed (-84)
[ 71.274807][ C0] ? sched_clock_cpu+0x71/0x2b0
[ 71.274844][ C0] run_timer_softirq+0x69/0xf0
[ 71.274872][ C0] handle_softirqs+0x1db/0x650
[ 71.443402][ C0] ? irqtime_account_irq+0xdc/0x260
[ 71.448435][ C0] __irq_exit_rcu+0x52/0xf0
[ 71.452852][ C0] irq_exit_rcu+0x9/0x10
[ 71.456938][ C0] sysvec_apic_timer_interrupt+0xa9/0xc0
[ 71.462398][ C0]
[ 71.465172][ C0]
[ 71.468047][ C0] asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 71.474185][ C0] RIP: 0010:acpi_idle_enter+0x416/0x760
[ 71.479794][ C0] Code: 89 de 48 83 e6 08 31 ff e8 b7 f8 52 fc 48 83 e3 08 0f 85 b1 00 00 00 0f 1f 44 00 00 e8 63 f4 52 fc 0f 00 2d 2c c9 cd 00 fb f4 e9 e3 00 00 00 49 83 c7 04 4c 89 f8 48 c1 e8 03 42 0f b6 04 30
[ 71.499270][ C0] RSP: 0018:ffffffff87007bd0 EFLAGS: 000002d3
[ 71.505168][ C0] RAX: ffffffff8522a22d RBX: 0000000000000000 RCX: ffffffff8701d580
[ 71.512940][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 71.520868][ C0] RBP: ffffffff87007c10 R08: ffffffff8522a219 R09: fffffbfff0e03ab1
[ 71.528678][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000001
[ 71.536475][ C0] R13: ffff88810a0ac804 R14: dffffc0000000000 R15: ffff88810973e064
[ 71.544763][ C0] ? acpi_idle_enter+0x3f9/0x760
[ 71.549596][ C0] ? acpi_idle_enter+0x40d/0x760
[ 71.554461][ C0] ? intel_idle_xstate+0xa0/0xa0
[ 71.559251][ C0] cpuidle_enter_state+0x5eb/0x17f0
[ 71.564367][ C0] ? cpuidle_enter_s2idle+0x600/0x600
[ 71.569663][ C0] ? menu_enable_device+0x380/0x380
[ 71.574708][ C0] ? __sched_text_start+0x8/0x8
[ 71.579391][ C0] cpuidle_enter+0x5f/0xa0
[ 71.583644][ C0] do_idle+0x3d1/0x580
[ 71.587722][ C0] ? idle_inject_timer_fn+0x60/0x60
[ 71.592831][ C0] ? schedule_idle+0x5b/0x90
[ 71.597359][ C0] cpu_startup_entry+0x44/0x60
[ 71.602045][ C0] rest_init+0x10b/0x130
[ 71.606212][ C0] ? time_init+0x38/0x38
[ 71.610465][ C0] arch_call_rest_init+0xe/0xe
[ 71.615053][ C0] start_kernel+0x46c/0x4d8
[ 71.619476][ C0] x86_64_start_reservations+0x2a/0x2c
[ 71.625311][ C0] x86_64_start_kernel+0x7c/0x81
[ 71.630193][ C0] secondary_startup_64_no_verify+0xce/0xdb
[ 71.635982][ C0]
[ 71.638878][ C0] Modules linked in:
[ 71.642583][ C0] ---[ end trace 0000000000000000 ]---
[ 71.647869][ C0] RIP: 0010:__queue_work+0x4f1/0xd70
[ 71.652993][ C0] Code: 39 03 0f 84 40 01 00 00 e8 1c 6e 2a 00 4c 89 e7 e8 54 99 d7 03 49 bd 00 00 00 00 00 fc ff df 4c 8b 65 d0 4c 89 f0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 f7 e8 60 17 72 00 49 8b 3e e8 08 92 d7
[ 71.672640][ C0] RSP: 0018:ffffc90000007c78 EFLAGS: 00010046
[ 71.678513][ C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffffffff8701d580
[ 71.686418][ C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[ 71.694243][ C0] RBP: ffffc90000007d00 R08: ffffffff814b262b R09: 0000000000000007
[ 71.702319][ C0] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff88810e6d09c8
[ 71.710584][ C0] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff88810e6d09e0
[ 71.718632][ C0] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 71.728115][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 71.735231][ C0] CR2: 0000000020000000 CR3: 0000000116b74000 CR4: 00000000003506b0
[ 71.743494][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 71.751301][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 71.759106][ C0] Kernel panic - not syncing: Fatal exception in interrupt
[ 71.766432][ C0] Kernel Offset: disabled
[ 71.770906][ C0] Rebooting in 86400 seconds..