Warning: Permanently added '10.128.1.18' (ED25519) to the list of known hosts.
2026/05/04 07:17:52 parsed 1 programs
[ 23.725543][ T28] audit: type=1400 audit(1777879072.421:64): avc: denied { node_bind } for pid=295 comm="syz-execprog" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[ 23.747039][ T28] audit: type=1400 audit(1777879072.421:65): avc: denied { module_request } for pid=295 comm="syz-execprog" kmod="net-pf-2-proto-262-type-1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[ 24.462577][ T28] audit: type=1400 audit(1777879073.161:66): avc: denied { mounton } for pid=301 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2024 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[ 24.463671][ T301] cgroup: Unknown subsys name 'net'
[ 24.485531][ T28] audit: type=1400 audit(1777879073.161:67): avc: denied { mount } for pid=301 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 24.512794][ T28] audit: type=1400 audit(1777879073.201:68): avc: denied { unmount } for pid=301 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 24.512947][ T301] cgroup: Unknown subsys name 'devices'
[ 24.658384][ T301] cgroup: Unknown subsys name 'hugetlb'
[ 24.664569][ T301] cgroup: Unknown subsys name 'rlimit'
[ 24.801828][ T28] audit: type=1400 audit(1777879073.501:69): avc: denied { setattr } for pid=301 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 24.825212][ T28] audit: type=1400 audit(1777879073.501:70): avc: denied { create } for pid=301 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 24.845598][ T28] audit: type=1400 audit(1777879073.501:71): avc: denied { write } for pid=301 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 24.866079][ T28] audit: type=1400 audit(1777879073.501:72): avc: denied { read } for pid=301 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 24.869972][ T305] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[ 24.886751][ T28] audit: type=1400 audit(1777879073.501:73): avc: denied { mounton } for pid=301 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 24.926691][ T301] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 25.682736][ T313] request_module fs-gadgetfs succeeded, but still no fs?
[ 26.056090][ T329] bridge0: port 1(bridge_slave_0) entered blocking state
[ 26.086586][ T329] bridge0: port 1(bridge_slave_0) entered disabled state
[ 26.094126][ T329] device bridge_slave_0 entered promiscuous mode
[ 26.115393][ T329] bridge0: port 2(bridge_slave_1) entered blocking state
[ 26.122567][ T329] bridge0: port 2(bridge_slave_1) entered disabled state
[ 26.129915][ T329] device bridge_slave_1 entered promiscuous mode
[ 26.243674][ T329] bridge0: port 2(bridge_slave_1) entered blocking state
[ 26.250815][ T329] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 26.258336][ T329] bridge0: port 1(bridge_slave_0) entered blocking state
[ 26.265559][ T329] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 26.294381][ T8] bridge0: port 1(bridge_slave_0) entered disabled state
[ 26.302778][ T8] bridge0: port 2(bridge_slave_1) entered disabled state
[ 26.310327][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 26.318092][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 26.337383][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 26.345724][ T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 26.352806][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 26.361688][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 26.370466][ T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 26.377572][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 26.385278][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 26.394171][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 26.417169][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 26.440475][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 26.457152][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 26.467034][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 26.475608][ T329] device veth0_vlan entered promiscuous mode
[ 26.488575][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 26.501681][ T329] device veth1_macvtap entered promiscuous mode
[ 26.517359][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 26.527342][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
2026/05/04 07:17:55 executed programs: 0
[ 27.128347][ T329] syz-executor (329) used greatest stack depth: 20704 bytes left
[ 27.258812][ T371] bridge0: port 1(bridge_slave_0) entered blocking state
[ 27.265884][ T371] bridge0: port 1(bridge_slave_0) entered disabled state
[ 27.273420][ T371] device bridge_slave_0 entered promiscuous mode
[ 27.280917][ T371] bridge0: port 2(bridge_slave_1) entered blocking state
[ 27.288019][ T371] bridge0: port 2(bridge_slave_1) entered disabled state
[ 27.295609][ T371] device bridge_slave_1 entered promiscuous mode
[ 27.337473][ T377] bridge0: port 1(bridge_slave_0) entered blocking state
[ 27.344511][ T377] bridge0: port 1(bridge_slave_0) entered disabled state
[ 27.352120][ T377] device bridge_slave_0 entered promiscuous mode
[ 27.362430][ T377] bridge0: port 2(bridge_slave_1) entered blocking state
[ 27.369700][ T377] bridge0: port 2(bridge_slave_1) entered disabled state
[ 27.377050][ T377] device bridge_slave_1 entered promiscuous mode
[ 27.455670][ T375] bridge0: port 1(bridge_slave_0) entered blocking state
[ 27.462758][ T375] bridge0: port 1(bridge_slave_0) entered disabled state
[ 27.470266][ T375] device bridge_slave_0 entered promiscuous mode
[ 27.479935][ T375] bridge0: port 2(bridge_slave_1) entered blocking state
[ 27.487037][ T375] bridge0: port 2(bridge_slave_1) entered disabled state
[ 27.494498][ T375] device bridge_slave_1 entered promiscuous mode
[ 27.501401][ T379] bridge0: port 1(bridge_slave_0) entered blocking state
[ 27.508626][ T379] bridge0: port 1(bridge_slave_0) entered disabled state
[ 27.515955][ T379] device bridge_slave_0 entered promiscuous mode
[ 27.542142][ T379] bridge0: port 2(bridge_slave_1) entered blocking state
[ 27.549272][ T379] bridge0: port 2(bridge_slave_1) entered disabled state
[ 27.556900][ T379] device bridge_slave_1 entered promiscuous mode
[ 27.568400][ T378] bridge0: port 1(bridge_slave_0) entered blocking state
[ 27.575454][ T378] bridge0: port 1(bridge_slave_0) entered disabled state
[ 27.583217][ T378] device bridge_slave_0 entered promiscuous mode
[ 27.593408][ T378] bridge0: port 2(bridge_slave_1) entered blocking state
[ 27.600697][ T378] bridge0: port 2(bridge_slave_1) entered disabled state
[ 27.608259][ T378] device bridge_slave_1 entered promiscuous mode
[ 27.692730][ T377] bridge0: port 2(bridge_slave_1) entered blocking state
[ 27.699830][ T377] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 27.707136][ T377] bridge0: port 1(bridge_slave_0) entered blocking state
[ 27.714166][ T377] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 27.747280][ T371] bridge0: port 2(bridge_slave_1) entered blocking state
[ 27.754434][ T371] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 27.761807][ T371] bridge0: port 1(bridge_slave_0) entered blocking state
[ 27.768873][ T371] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 27.829795][ T379] bridge0: port 2(bridge_slave_1) entered blocking state
[ 27.836871][ T379] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 27.844227][ T379] bridge0: port 1(bridge_slave_0) entered blocking state
[ 27.851382][ T379] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 27.880265][ T378] bridge0: port 2(bridge_slave_1) entered blocking state
[ 27.887504][ T378] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 27.894791][ T378] bridge0: port 1(bridge_slave_0) entered blocking state
[ 27.901851][ T378] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 27.910377][ T8] bridge0: port 1(bridge_slave_0) entered disabled state
[ 27.918035][ T8] bridge0: port 2(bridge_slave_1) entered disabled state
[ 27.925209][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 27.933151][ T8] bridge0: port 1(bridge_slave_0) entered disabled state
[ 27.940790][ T8] bridge0: port 2(bridge_slave_1) entered disabled state
[ 27.948119][ T8] bridge0: port 1(bridge_slave_0) entered disabled state
[ 27.955592][ T8] bridge0: port 2(bridge_slave_1) entered disabled state
[ 27.963409][ T8] bridge0: port 1(bridge_slave_0) entered disabled state
[ 27.970707][ T8] bridge0: port 2(bridge_slave_1) entered disabled state
[ 27.998498][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 28.006863][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 28.014973][ T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 28.022019][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 28.029831][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 28.038432][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 28.046992][ T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 28.054122][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 28.080069][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 28.088705][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 28.098826][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 28.106396][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 28.122311][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 28.130093][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 28.147951][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 28.155809][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 28.163600][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 28.172534][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 28.180591][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 28.189185][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 28.197586][ T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 28.204702][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 28.213133][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 28.221588][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 28.230416][ T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 28.237645][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 28.247119][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 28.256340][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 28.264738][ T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 28.272151][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 28.294958][ T379] device veth0_vlan entered promiscuous mode
[ 28.307190][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 28.315985][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 28.324288][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 28.332350][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 28.340512][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 28.349267][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 28.357703][ T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 28.364738][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 28.372666][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 28.382087][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 28.390442][ T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 28.397490][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 28.404913][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 28.413184][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 28.421828][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 28.430370][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 28.438728][ T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 28.446212][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 28.459770][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 28.468275][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 28.476639][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 28.484787][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 28.504001][ T377] device veth0_vlan entered promiscuous mode
[ 28.517556][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 28.525969][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 28.533831][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 28.541601][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 28.550308][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 28.558846][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 28.567817][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 28.576173][ T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 28.583224][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 28.590695][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 28.599269][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 28.607625][ T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 28.614652][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 28.622154][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 28.630310][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 28.638341][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 28.646276][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 28.654696][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 28.662518][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 28.670300][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 28.686999][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 28.695194][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 28.705364][ T379] device veth1_macvtap entered promiscuous mode
[ 28.724682][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 28.733805][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 28.742543][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 28.750896][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 28.759186][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 28.766892][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 28.780606][ T377] device veth1_macvtap entered promiscuous mode
[ 28.789335][ T371] device veth0_vlan entered promiscuous mode
[ 28.799586][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 28.808096][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 28.816385][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 28.824419][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 28.832871][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 28.842046][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 28.859594][ T375] device veth0_vlan entered promiscuous mode
[ 28.874741][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 28.883254][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 28.891517][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 28.899265][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 28.907211][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 28.915452][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 28.923847][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 28.932192][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 28.940787][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 28.949200][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 28.976658][ T375] device veth1_macvtap entered promiscuous mode
[ 28.985341][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 28.988677][ T28] kauditd_printk_skb: 32 callbacks suppressed
[ 28.988691][ T28] audit: type=1400 audit(1777879077.691:106): avc: denied { ioctl } for pid=397 comm="syz.4.21" path="socket:[16104]" dev="sockfs" ino=16104 ioctlcmd=0x48e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 28.995465][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 29.032048][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 29.039903][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 29.048318][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 29.056679][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 29.065606][ T378] device veth0_vlan entered promiscuous mode
[ 29.079993][ T371] device veth1_macvtap entered promiscuous mode
[ 29.096228][ T396] Bluetooth: hci1: Frame reassembly failed (-84)
[ 29.104068][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 29.112721][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 29.121659][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 29.130299][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 29.138910][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 29.147340][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 29.155638][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 29.164128][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 29.178481][ T43] device bridge_slave_1 left promiscuous mode
[ 29.184670][ T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 29.192337][ T43] device bridge_slave_0 left promiscuous mode
[ 29.198613][ T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 29.206498][ T43] device veth1_macvtap left promiscuous mode
[ 29.212859][ T43] device veth0_vlan left promiscuous mode
[ 29.313286][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 29.323204][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 29.334392][ T378] device veth1_macvtap entered promiscuous mode
[ 29.341423][ T8] Bluetooth: hci2: Frame reassembly failed (-84)
[ 29.348568][ T8] Bluetooth: hci3: Frame reassembly failed (-84)
[ 29.355470][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 29.363439][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 29.371764][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 29.381051][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 29.389707][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 29.412780][ T8] Bluetooth: hci4: Frame reassembly failed (-84)
[ 31.026768][ T397] Bluetooth: hci0: Opcode 0x080f failed: -110
[ 31.106704][ T407] Bluetooth: hci1: command 0x1003 tx timeout
[ 31.106826][ T399] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 31.346661][ T401] Bluetooth: hci2: Opcode 0x1003 failed: -110
[ 31.346661][ T398] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 31.426795][ T405] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 31.428006][ T398] Bluetooth: hci4: command 0x1003 tx timeout
[ 33.106661][ T405] Bluetooth: hci0: command 0x080f tx timeout
[ 33.106901][ T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 33.113560][ T405] Bluetooth: hci0: sending frame failed (-49)
[ 33.125908][ T400] Bluetooth: hci0: Opcode 0x080f failed: -4
[ 33.132280][ T402] Bluetooth: hci0: Opcode 0x080f failed: -4
[ 33.139486][ T404] Bluetooth: hci0: Opcode 0x080f failed: -4
[ 33.145489][ T406] Bluetooth: hci0: Opcode 0x080f failed: -4
2026/05/04 07:18:01 executed programs: 15
[ 33.159391][ T8] Bluetooth: hci0: Frame reassembly failed (-84)
[ 33.192756][ T8] Bluetooth: hci1: Frame reassembly failed (-84)
[ 33.224623][ T43] Bluetooth: hci2: Frame reassembly failed (-84)
[ 33.231314][ T10] Bluetooth: hci3: Frame reassembly failed (-84)
[ 33.231323][ T396] Bluetooth: hci4: Frame reassembly failed (-84)
[ 33.242477][ T43] Bluetooth: hci2: Frame reassembly failed (-84)
[ 35.186621][ T407] Bluetooth: hci0: command 0x1003 tx timeout
[ 35.186621][ T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 35.199144][ T410] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 35.205437][ T412] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 35.266715][ T405] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 35.266752][ T398] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 35.273029][ T405] Bluetooth: hci4: command 0x1003 tx timeout
[ 35.279023][ T399] Bluetooth: hci2: Opcode 0x1003 failed: -110
[ 35.284995][ T401] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 35.291111][ T399] Bluetooth: hci3: command 0x1003 tx timeout
[ 36.225149][ T413] Bluetooth: hci0: Opcode 0x080f failed: -4
[ 36.231201][ T414] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 36.237457][ T415] Bluetooth: hci0: Opcode 0x080f failed: -4
[ 36.253442][ T10] Bluetooth: hci0: Frame reassembly failed (-84)
[ 36.292519][ T43] Bluetooth: hci2: Frame reassembly failed (-84)
[ 36.302036][ T43] Bluetooth: hci3: Frame reassembly failed (-84)
[ 36.302803][ T335] Bluetooth: hci4: Frame reassembly failed (-84)
[ 36.315292][ T335] Bluetooth: hci4: Frame reassembly failed (-84)
[ 37.346748][ T417] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 37.359911][ T10] Bluetooth: hci1: Frame reassembly failed (-84)
[ 38.306659][ T405] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 38.306678][ T417] Bluetooth: hci4: command 0x1003 tx timeout
[ 38.306696][ T417] Bluetooth: hci3: command 0x1003 tx timeout
[ 38.313185][ T45] Bluetooth: hci2: command 0x1003 tx timeout
[ 38.319297][ T401] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 38.325452][ T45] Bluetooth: hci0: command 0x1003 tx timeout
[ 38.331554][ T398] Bluetooth: hci2: Opcode 0x1003 failed: -110
[ 38.351228][ T399] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 38.357720][ T419] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 38.363899][ T421] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 38.370072][ T420] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 38.376215][ T422] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 38.382468][ T423] Bluetooth: hci0: Opcode 0x080f failed: -22
2026/05/04 07:18:07 executed programs: 26
[ 38.412259][ T10] Bluetooth: hci0: Frame reassembly failed (-84)
[ 38.436473][ T43] Bluetooth: hci2: Frame reassembly failed (-84)
[ 38.450290][ T10] Bluetooth: hci3: Frame reassembly failed (-84)
[ 38.451932][ T8] Bluetooth: hci4: Frame reassembly failed (-84)
[ 39.436624][ T407] Bluetooth: hci1: command 0x1003 tx timeout
[ 39.436669][ T403] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 39.454730][ T43] Bluetooth: hci1: Frame reassembly failed (-84)
[ 40.466695][ T424] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 40.466684][ T407] Bluetooth: hci4: command 0x1003 tx timeout
[ 40.466736][ T401] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 40.472836][ T407] Bluetooth: hci3: command 0x1003 tx timeout
[ 40.478854][ T424] Bluetooth: hci2: command 0x1003 tx timeout
[ 40.484984][ T399] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 40.491046][ T398] Bluetooth: hci2: Opcode 0x1003 failed: -110
[ 40.497025][ T407] Bluetooth: hci0: command 0x1003 tx timeout
[ 40.516437][ T425] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 40.522663][ T426] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 40.528874][ T427] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 40.534966][ T428] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 40.541325][ T429] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 40.581850][ T43] Bluetooth: hci0: Frame reassembly failed (-84)
[ 40.626608][ T335] Bluetooth: hci3: Frame reassembly failed (-84)
[ 40.634364][ T416] Bluetooth: hci4: Frame reassembly failed (-84)
[ 40.634585][ T43] Bluetooth: hci2: Frame reassembly failed (-84)
[ 41.506636][ T403] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 41.506676][ T424] Bluetooth: hci1: command 0x1003 tx timeout
[ 41.525182][ T335] Bluetooth: hci1: Frame reassembly failed (-84)
[ 42.626627][ T45] Bluetooth: hci0: command 0x1003 tx timeout
[ 42.626632][ T398] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 42.626680][ T399] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 42.645536][ T430] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 42.651798][ T431] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 42.658189][ T432] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 42.664392][ T433] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 42.670685][ T434] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 42.706674][ T399] Bluetooth: hci4: command 0x1003 tx timeout
[ 42.706661][ T407] Bluetooth: hci2: Opcode 0x1003 failed: -110
[ 42.706695][ T399] Bluetooth: hci2: command 0x1003 tx timeout
[ 42.712893][ T401] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 42.732904][ T43] Bluetooth: hci0: Frame reassembly failed (-84)
[ 42.741406][ T8] Bluetooth: hci2: Frame reassembly failed (-84)
[ 42.755841][ T8] Bluetooth: hci4: Frame reassembly failed (-84)
[ 42.762436][ T43] Bluetooth: hci3: Frame reassembly failed (-84)
2026/05/04 07:18:12 executed programs: 40
[ 43.587414][ T45] Bluetooth: hci1: command 0x1003 tx timeout
[ 43.587407][ T403] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 43.608042][ T43] Bluetooth: hci1: Frame reassembly failed (-84)
[ 44.706569][ C1] ==================================================================
[ 44.714668][ C1] BUG: KASAN: use-after-free in __run_timers+0x340/0x9f0
[ 44.721713][ C1] Write of size 8 at addr ffff88811b024a00 by task swapper/1/0
[ 44.729249][ C1]
[ 44.731574][ C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted syzkaller #0
[ 44.738582][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 44.748636][ C1] Call Trace:
[ 44.751931][ C1]
[ 44.754757][ C1] __dump_stack+0x21/0x24
[ 44.759101][ C1] dump_stack_lvl+0x110/0x170
[ 44.763780][ C1] ? __cfi_dump_stack_lvl+0x8/0x8
[ 44.768784][ C1] ? update_rq_clock+0x536/0x5c0
[ 44.773723][ C1] ? __run_timers+0x340/0x9f0
[ 44.778383][ C1] print_address_description+0x71/0x200
[ 44.783910][ C1] print_report+0x4a/0x60
[ 44.786599][ T424] Bluetooth: hci3: command 0x1003 tx timeout
[ 44.788220][ C1] kasan_report+0x122/0x150
[ 44.794246][ T401] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 44.798676][ C1] ? __run_timers+0x340/0x9f0
[ 44.798702][ C1] __asan_report_store8_noabort+0x17/0x20
[ 44.815202][ C1] __run_timers+0x340/0x9f0
[ 44.819708][ C1] ? sched_clock+0x9/0x10
[ 44.824111][ C1] ? sched_clock_cpu+0x6e/0x260
[ 44.828943][ C1] ? calc_index+0x200/0x200
[ 44.833425][ C1] ? kvm_sched_clock_read+0x18/0x40
[ 44.838606][ C1] run_timer_softirq+0x6a/0xf0
[ 44.843348][ C1] handle_softirqs+0x1d7/0x600
[ 44.848156][ C1] ? irqtime_account_irq+0xc4/0x240
[ 44.853354][ C1] __irq_exit_rcu+0x52/0xf0
[ 44.857846][ C1] irq_exit_rcu+0x9/0x10
[ 44.862067][ C1] sysvec_apic_timer_interrupt+0xa9/0xc0
[ 44.867692][ C1]
[ 44.870599][ C1]
[ 44.873539][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 44.879511][ C1] RIP: 0010:default_idle+0xf/0x20
[ 44.884537][ C1] Code: 27 35 b5 fc e9 3d ff ff ff 00 00 90 90 90 90 90 90 90 90 90 90 90 b8 0c 67 40 a5 55 48 89 e5 66 90 0f 00 2d 53 55 64 00 fb f4 <5d> c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 90 90 90 90 90
[ 44.904298][ C1] RSP: 0018:ffffc90000147dd8 EFLAGS: 00000257
[ 44.910618][ C1] RAX: ffff8881f6f00000 RBX: ffff888100330000 RCX: 67a285de54fba400
[ 44.918598][ C1] RDX: 0000000000000001 RSI: ffffffff85ca8e80 RDI: ffffffff85ca8e40
[ 44.926552][ C1] RBP: ffffc90000147dd8 R08: ffff8881f6f348b3 R09: 1ffff1103ede6916
[ 44.934501][ C1] R10: 0000000000000000 R11: ffffffff8501dc20 R12: dffffc0000000000
[ 44.942498][ C1] R13: 0000000000000001 R14: ffff888100330000 R15: dffffc0000000000
[ 44.950461][ C1] ? __cfi_default_idle+0x10/0x10
[ 44.955488][ C1] arch_cpu_idle+0x1c/0x20
[ 44.959899][ C1] default_idle_call+0x71/0x1d0
[ 44.964728][ C1] do_idle+0x354/0x640
[ 44.968779][ C1] ? idle_inject_timer_fn+0x60/0x60
[ 44.973971][ C1] ? _raw_spin_unlock_irqrestore+0x5a/0x80
[ 44.979765][ C1] ? complete+0x167/0x1c0
[ 44.984078][ C1] cpu_startup_entry+0x43/0x60
[ 44.988819][ C1] start_secondary+0x119/0x120
[ 44.993569][ C1] secondary_startup_64_no_verify+0xce/0xdb
[ 44.999493][ C1]
[ 45.002535][ C1]
[ 45.004839][ C1] Allocated by task 430:
[ 45.009073][ C1] kasan_set_track+0x4b/0x70
[ 45.013644][ C1] kasan_save_alloc_info+0x25/0x30
[ 45.018729][ C1] __kasan_kmalloc+0x95/0xb0
[ 45.023315][ C1] __kmalloc+0xb1/0x1e0
[ 45.027454][ C1] hci_alloc_dev_priv+0x27/0x1bd0
[ 45.032469][ C1] hci_uart_tty_ioctl+0x3c8/0xa20
[ 45.037494][ C1] tty_ioctl+0x8ef/0xc60
[ 45.041727][ C1] __se_sys_ioctl+0x12f/0x1b0
[ 45.046381][ C1] __x64_sys_ioctl+0x7b/0x90
[ 45.050951][ C1] x64_sys_call+0x58b/0x9a0
[ 45.055441][ C1] do_syscall_64+0x4c/0xa0
[ 45.059839][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 45.065724][ C1]
[ 45.068035][ C1] Freed by task 434:
[ 45.071905][ C1] kasan_set_track+0x4b/0x70
[ 45.076479][ C1] kasan_save_free_info+0x31/0x50
[ 45.081479][ C1] ____kasan_slab_free+0x132/0x180
[ 45.086582][ C1] __kasan_slab_free+0x11/0x20
[ 45.091341][ C1] slab_free_freelist_hook+0xc2/0x190
[ 45.096701][ C1] __kmem_cache_free+0xb7/0x1b0
[ 45.101532][ C1] kfree+0x6f/0xf0
[ 45.105228][ C1] hci_release_dev+0x12a3/0x13b0
[ 45.110143][ C1] bt_host_release+0x82/0x90
[ 45.114714][ C1] device_release+0xa4/0x1d0
[ 45.119281][ C1] kobject_put+0x19d/0x280
[ 45.123683][ C1] put_device+0x1f/0x30
[ 45.127831][ C1] hci_dev_cmd+0x279/0x740
[ 45.132238][ C1] hci_sock_ioctl+0x41e/0x7f0
[ 45.136897][ C1] sock_do_ioctl+0x114/0x330
[ 45.141504][ C1] sock_ioctl+0x4bd/0x710
[ 45.145829][ C1] __se_sys_ioctl+0x12f/0x1b0
[ 45.150494][ C1] __x64_sys_ioctl+0x7b/0x90
[ 45.155073][ C1] x64_sys_call+0x58b/0x9a0
[ 45.159577][ C1] do_syscall_64+0x4c/0xa0
[ 45.164088][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 45.170062][ C1]
[ 45.172465][ C1] Last potentially related work creation:
[ 45.178153][ C1] kasan_save_stack+0x3a/0x60
[ 45.182805][ C1] __kasan_record_aux_stack+0xb6/0xc0
[ 45.188150][ C1] kasan_record_aux_stack_noalloc+0xb/0x10
[ 45.193934][ C1] insert_work+0x51/0x300
[ 45.198237][ C1] __queue_work+0x9b1/0xd30
[ 45.202715][ C1] queue_work_on+0xde/0x150
[ 45.207193][ C1] __hci_cmd_sync_sk+0xa7f/0xd30
[ 45.212123][ C1] hci_cmd_sync_status+0x53/0x120
[ 45.217134][ C1] hci_dev_cmd+0x648/0x740
[ 45.221529][ C1] hci_sock_ioctl+0x41e/0x7f0
[ 45.226211][ C1] sock_do_ioctl+0x114/0x330
[ 45.230796][ C1] sock_ioctl+0x4bd/0x710
[ 45.235109][ C1] __se_sys_ioctl+0x12f/0x1b0
[ 45.239761][ C1] __x64_sys_ioctl+0x7b/0x90
[ 45.244336][ C1] x64_sys_call+0x58b/0x9a0
[ 45.249039][ C1] do_syscall_64+0x4c/0xa0
[ 45.253611][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 45.259488][ C1]
[ 45.261793][ C1] Second to last potentially related work creation:
[ 45.268349][ C1] kasan_save_stack+0x3a/0x60
[ 45.273007][ C1] __kasan_record_aux_stack+0xb6/0xc0
[ 45.278352][ C1] kasan_record_aux_stack_noalloc+0xb/0x10
[ 45.284133][ C1] insert_work+0x51/0x300
[ 45.288435][ C1] __queue_work+0x9b1/0xd30
[ 45.292920][ C1] queue_work_on+0xde/0x150
[ 45.297402][ C1] __hci_cmd_sync_sk+0xa7f/0xd30
[ 45.302315][ C1] hci_cmd_sync_status+0x53/0x120
[ 45.307317][ C1] hci_dev_cmd+0x648/0x740
[ 45.311711][ C1] hci_sock_ioctl+0x41e/0x7f0
[ 45.316364][ C1] sock_do_ioctl+0x114/0x330
[ 45.320942][ C1] sock_ioctl+0x4bd/0x710
[ 45.325248][ C1] __se_sys_ioctl+0x12f/0x1b0
[ 45.329903][ C1] __x64_sys_ioctl+0x7b/0x90
[ 45.334468][ C1] x64_sys_call+0x58b/0x9a0
[ 45.338967][ C1] do_syscall_64+0x4c/0xa0
[ 45.343365][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 45.349240][ C1]
[ 45.351540][ C1] The buggy address belongs to the object at ffff88811b024000
[ 45.351540][ C1] which belongs to the cache kmalloc-8k of size 8192
[ 45.365565][ C1] The buggy address is located 2560 bytes inside of
[ 45.365565][ C1] 8192-byte region [ffff88811b024000, ffff88811b026000)
[ 45.379070][ C1]
[ 45.381376][ C1] The buggy address belongs to the physical page:
[ 45.387771][ C1] page:ffffea00046c0800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11b020
[ 45.397984][ C1] head:ffffea00046c0800 order:3 compound_mapcount:0 compound_pincount:0
[ 45.406287][ C1] flags: 0x4000000000010200(slab|head|zone=1)
[ 45.412377][ C1] raw: 4000000000010200 0000000000000000 dead000000000122 ffff888100043500
[ 45.420935][ C1] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000
[ 45.429576][ C1] page dumped because: kasan: bad access detected
[ 45.435990][ C1] page_owner tracks the page as allocated
[ 45.441677][ C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 427, tgid 427 (syz.4.35), ts 38435788058, free_ts 38428217448
[ 45.463883][ C1] post_alloc_hook+0x1f5/0x210
[ 45.468640][ C1] prep_new_page+0x1c/0x110
[ 45.473160][ C1] get_page_from_freelist+0x2d12/0x2d80
[ 45.478702][ C1] __alloc_pages+0x1fa/0x610
[ 45.483284][ C1] alloc_slab_page+0x6e/0xf0
[ 45.487853][ C1] new_slab+0x98/0x3d0
[ 45.491894][ C1] ___slab_alloc+0x6bd/0xb20
[ 45.496460][ C1] __slab_alloc+0x5e/0xa0
[ 45.500769][ C1] __kmem_cache_alloc_node+0x203/0x2c0
[ 45.506212][ C1] __kmalloc+0xa1/0x1e0
[ 45.510347][ C1] hci_alloc_dev_priv+0x27/0x1bd0
[ 45.515372][ C1] hci_uart_tty_ioctl+0x3c8/0xa20
[ 45.520379][ C1] tty_ioctl+0x8ef/0xc60
[ 45.524597][ C1] __se_sys_ioctl+0x12f/0x1b0
[ 45.529252][ C1] __x64_sys_ioctl+0x7b/0x90
[ 45.533819][ C1] x64_sys_call+0x58b/0x9a0
[ 45.538305][ C1] page last free stack trace:
[ 45.542957][ C1] free_unref_page_prepare+0x7f8/0x800
[ 45.548392][ C1] free_unref_page+0x95/0x540
[ 45.553048][ C1] __free_pages+0x67/0x100
[ 45.557436][ C1] __free_slab+0xca/0x1a0
[ 45.561741][ C1] __unfreeze_partials+0x160/0x190
[ 45.566826][ C1] put_cpu_partial+0xa9/0x100
[ 45.571486][ C1] __slab_free+0x1c4/0x280
[ 45.575883][ C1] ___cache_free+0xbf/0xd0
[ 45.580274][ C1] qlist_free_all+0xc6/0x140
[ 45.584839][ C1] kasan_quarantine_reduce+0x14a/0x170
[ 45.590273][ C1] __kasan_slab_alloc+0x24/0x80
[ 45.595101][ C1] slab_post_alloc_hook+0x4f/0x2d0
[ 45.600363][ C1] kmem_cache_alloc+0x16e/0x330
[ 45.605191][ C1] getname_flags+0xb9/0x500
[ 45.609669][ C1] user_path_at_empty+0x30/0x1c0
[ 45.614580][ C1] __x64_sys_umount+0xf9/0x170
[ 45.619319][ C1]
[ 45.621622][ C1] Memory state around the buggy address:
[ 45.627223][ C1] ffff88811b024900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 45.635263][ C1] ffff88811b024980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 45.643300][ C1] >ffff88811b024a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 45.651330][ C1] ^
[ 45.655369][ C1] ffff88811b024a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 45.663401][ C1] ffff88811b024b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 45.671436][ C1] ==================================================================
[ 45.679470][ C1] Disabling lock debugging due to kernel taint
[ 45.685660][ C1] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[ 45.686387][ T403] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 45.697362][ C1] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[ 45.697377][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G B syzkaller #0
[ 45.697393][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 45.697403][ C1] RIP: 0010:__queue_work+0x575/0xd30
[ 45.703741][ T424] Bluetooth: hci1: command 0x1003 tx timeout
[ 45.711844][ C1] Code: 39 2b 0f 84 b9 00 00 00 e8 28 4e 29 00 4c 89 ff e8 10 df b9 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 1c e8 6e 00 49 8b 7d 00 e8 a3 da
[ 45.711859][ C1] RSP: 0018:ffffc900001b0c70 EFLAGS: 00010046
[ 45.711874][ C1] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff888100330000
[ 45.711887][ C1] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[ 45.726220][ T28] audit: type=1400 audit(1777879094.421:107): avc: denied { read } for pid=85 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 45.730401][ C1] RBP: ffffc900001b0d08 R08: 0000000000000007 R09: fffffffffffffffb
[ 45.730416][ C1] R10: dffffc0000000000 R11: ffffed1023604939 R12: dffffc0000000000
[ 45.730427][ C1] R13: 0000000000000000 R14: ffff88811b0249c8 R15: 0000000000000008
[ 45.730437][ C1] FS: 0000000000000000(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 45.838152][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 45.844729][ C1] CR2: 00007fb4fc948060 CR3: 0000000113c59000 CR4: 00000000003506a0
[ 45.852687][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 45.860640][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 45.868773][ C1] Call Trace:
[ 45.872041][ C1]
[ 45.874888][ C1] delayed_work_timer_fn+0x61/0x80
[ 45.879990][ C1] ? __cfi_delayed_work_timer_fn+0x10/0x10
[ 45.885792][ C1] call_timer_fn+0x46/0x2a0
[ 45.890289][ C1] ? __cfi_delayed_work_timer_fn+0x10/0x10
[ 45.896090][ C1] __run_timers+0x689/0x9f0
[ 45.900585][ C1] ? calc_index+0x200/0x200
[ 45.905099][ C1] ? kvm_sched_clock_read+0x18/0x40
[ 45.910291][ C1] run_timer_softirq+0x6a/0xf0
[ 45.915055][ C1] handle_softirqs+0x1d7/0x600
[ 45.919807][ C1] ? irqtime_account_irq+0xc4/0x240
[ 45.924997][ C1] __irq_exit_rcu+0x52/0xf0
[ 45.929657][ C1] irq_exit_rcu+0x9/0x10
[ 45.933881][ C1] sysvec_apic_timer_interrupt+0xa9/0xc0
[ 45.939503][ C1]
[ 45.942415][ C1]
[ 45.945332][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 45.951303][ C1] RIP: 0010:default_idle+0xf/0x20
[ 45.956311][ C1] Code: 27 35 b5 fc e9 3d ff ff ff 00 00 90 90 90 90 90 90 90 90 90 90 90 b8 0c 67 40 a5 55 48 89 e5 66 90 0f 00 2d 53 55 64 00 fb f4 <5d> c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 90 90 90 90 90
[ 45.975896][ C1] RSP: 0018:ffffc90000147dd8 EFLAGS: 00000257
[ 45.981953][ C1] RAX: ffff8881f6f00000 RBX: ffff888100330000 RCX: 67a285de54fba400
[ 45.989910][ C1] RDX: 0000000000000001 RSI: ffffffff85ca8e80 RDI: ffffffff85ca8e40
[ 45.997871][ C1] RBP: ffffc90000147dd8 R08: ffff8881f6f348b3 R09: 1ffff1103ede6916
[ 46.005828][ C1] R10: 0000000000000000 R11: ffffffff8501dc20 R12: dffffc0000000000
[ 46.013788][ C1] R13: 0000000000000001 R14: ffff888100330000 R15: dffffc0000000000
[ 46.021758][ C1] ? __cfi_default_idle+0x10/0x10
[ 46.026803][ C1] arch_cpu_idle+0x1c/0x20
[ 46.031206][ C1] default_idle_call+0x71/0x1d0
[ 46.036161][ C1] do_idle+0x354/0x640
[ 46.040221][ C1] ? idle_inject_timer_fn+0x60/0x60
[ 46.045402][ C1] ? _raw_spin_unlock_irqrestore+0x5a/0x80
[ 46.051196][ C1] ? complete+0x167/0x1c0
[ 46.055522][ C1] cpu_startup_entry+0x43/0x60
[ 46.060268][ C1] start_secondary+0x119/0x120
[ 46.065040][ C1] secondary_startup_64_no_verify+0xce/0xdb
[ 46.070923][ C1]
[ 46.073924][ C1] Modules linked in:
[ 46.077812][ C1] ---[ end trace 0000000000000000 ]---
[ 46.083266][ C1] RIP: 0010:__queue_work+0x575/0xd30
[ 46.088577][ C1] Code: 39 2b 0f 84 b9 00 00 00 e8 28 4e 29 00 4c 89 ff e8 10 df b9 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 1c e8 6e 00 49 8b 7d 00 e8 a3 da
[ 46.108377][ C1] RSP: 0018:ffffc900001b0c70 EFLAGS: 00010046
[ 46.114443][ C1] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff888100330000
[ 46.122407][ C1] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[ 46.130361][ C1] RBP: ffffc900001b0d08 R08: 0000000000000007 R09: fffffffffffffffb
[ 46.138316][ C1] R10: dffffc0000000000 R11: ffffed1023604939 R12: dffffc0000000000
[ 46.146274][ C1] R13: 0000000000000000 R14: ffff88811b0249c8 R15: 0000000000000008
[ 46.154227][ C1] FS: 0000000000000000(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 46.163141][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 46.169714][ C1] CR2: 00007fb4fc948060 CR3: 0000000113c59000 CR4: 00000000003506a0
[ 46.177671][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 46.185624][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 46.193583][ C1] Kernel panic - not syncing: Fatal exception in interrupt
[ 46.201132][ C1] Kernel Offset: disabled
[ 46.205438][ C1] Rebooting in 86400 seconds..