[ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Load/Save RF Kill Switch Status. [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.124' (ECDSA) to the list of known hosts. 2021/10/08 05:39:46 parsed 1 programs 2021/10/08 05:39:46 executed programs: 0 syzkaller login: [ 1580.133482][ T25] audit: type=1400 audit(1633671586.866:8): avc: denied { execmem } for pid=6573 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 1581.515878][ T6574] chnl_net:caif_netlink_parms(): no params data found [ 1581.619147][ T6574] bridge0: port 1(bridge_slave_0) entered blocking state [ 1581.626952][ T6574] bridge0: port 1(bridge_slave_0) entered disabled state [ 1581.636413][ T6574] device bridge_slave_0 entered promiscuous mode [ 1581.647168][ T6574] bridge0: port 2(bridge_slave_1) entered blocking state [ 1581.654678][ T6574] bridge0: port 2(bridge_slave_1) entered disabled state [ 1581.662676][ T6574] device bridge_slave_1 entered promiscuous mode [ 1581.697049][ T6574] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1581.709111][ T6574] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1581.746701][ T6574] team0: Port device team_slave_0 added [ 1581.755857][ T6574] team0: Port device team_slave_1 added [ 1581.786878][ T6574] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1581.793893][ T6574] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1581.821294][ T6574] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1581.836382][ T6574] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1581.843509][ T6574] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1581.869943][ T6574] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1581.907944][ T6574] device hsr_slave_0 entered promiscuous mode [ 1581.916093][ T6574] device hsr_slave_1 entered promiscuous mode [ 1582.054274][ T6574] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1582.064970][ T6574] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1582.078024][ T6574] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1582.089313][ T6574] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1582.114845][ T6574] bridge0: port 2(bridge_slave_1) entered blocking state [ 1582.122280][ T6574] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1582.129940][ T6574] bridge0: port 1(bridge_slave_0) entered blocking state [ 1582.137079][ T6574] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1582.190487][ T6574] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1582.204712][ T6549] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1582.216011][ T6549] bridge0: port 1(bridge_slave_0) entered disabled state [ 1582.225826][ T6549] bridge0: port 2(bridge_slave_1) entered disabled state [ 1582.234304][ T6549] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 1582.248180][ T6574] 8021q: adding VLAN 0 to HW filter on device team0 [ 1582.261785][ T6740] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1582.270147][ T6740] bridge0: port 1(bridge_slave_0) entered blocking state [ 1582.277266][ T6740] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1582.288826][ T6549] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1582.298393][ T6549] bridge0: port 2(bridge_slave_1) entered blocking state [ 1582.305500][ T6549] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1582.326972][ T6739] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1582.336503][ T6739] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1582.357751][ T6574] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1582.369086][ T6574] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1582.383777][ T6740] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1582.393060][ T6740] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1582.403309][ T6740] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1582.412233][ T6740] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1582.431426][ T6740] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1582.438868][ T6740] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1582.455243][ T6574] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1582.473867][ T6740] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1582.493912][ T6739] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1582.503046][ T6739] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1582.515585][ T6574] device veth0_vlan entered promiscuous mode [ 1582.523430][ T6549] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1582.531837][ T6549] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1582.546620][ T6574] device veth1_vlan entered promiscuous mode [ 1582.568578][ T6549] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1582.577928][ T6549] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1582.586634][ T6549] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1582.595646][ T6549] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1582.609961][ T6574] device veth0_macvtap entered promiscuous mode [ 1582.620020][ T6574] device veth1_macvtap entered promiscuous mode [ 1582.638789][ T6574] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1582.647282][ T6740] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1582.655826][ T6740] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1582.665075][ T6740] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1582.675554][ T6740] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1582.689047][ T6574] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1582.696638][ T6549] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1582.705488][ T6549] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1582.717958][ T6574] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1582.727028][ T6574] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1582.735933][ T6574] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1582.745433][ T6574] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1582.853363][ T158] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1582.862844][ T158] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1582.877842][ T6739] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1582.920168][ T6632] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1582.928443][ T6632] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1582.942255][ T6739] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1583.292588][ T6739] Bluetooth: hci0: command 0x0409 tx timeout 2021/10/08 05:39:51 executed programs: 52 [ 1585.373335][ T6739] Bluetooth: hci0: command 0x041b tx timeout [ 1587.451594][ T6549] Bluetooth: hci0: command 0x040f tx timeout [ 1589.530523][ T6739] Bluetooth: hci0: command 0x0419 tx timeout 2021/10/08 05:39:56 executed programs: 192 2021/10/08 05:40:01 executed programs: 328 2021/10/08 05:40:06 executed programs: 469 2021/10/08 05:40:11 executed programs: 610 [ 1606.970907][ T1359] ieee802154 phy0 wpan0: encryption failed: -22 [ 1606.977577][ T1359] ieee802154 phy1 wpan1: encryption failed: -22 2021/10/08 05:40:16 executed programs: 750 2021/10/08 05:40:21 executed programs: 878 2021/10/08 05:40:27 executed programs: 1015 2021/10/08 05:40:32 executed programs: 1153 2021/10/08 05:40:37 executed programs: 1287 2021/10/08 05:40:42 executed programs: 1423 2021/10/08 05:40:47 executed programs: 1557 2021/10/08 05:40:52 executed programs: 1683 2021/10/08 05:40:57 executed programs: 1824 2021/10/08 05:41:02 executed programs: 1956 2021/10/08 05:41:07 executed programs: 2093 2021/10/08 05:41:12 executed programs: 2228 [ 1668.407147][ T1359] ieee802154 phy0 wpan0: encryption failed: -22 [ 1668.413516][ T1359] ieee802154 phy1 wpan1: encryption failed: -22 2021/10/08 05:41:17 executed programs: 2368 2021/10/08 05:41:22 executed programs: 2506 [ 1678.966756][ T6574] ================================================================== [ 1678.974856][ T6574] BUG: KASAN: use-after-free in __lock_acquire+0x3d86/0x54a0 [ 1678.982325][ T6574] Read of size 8 at addr ffff888020a33120 by task syz-executor.0/6574 [ 1678.990492][ T6574] [ 1678.992971][ T6574] CPU: 0 PID: 6574 Comm: syz-executor.0 Not tainted 5.15.0-rc4-syzkaller #0 [ 1679.001638][ T6574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1679.011678][ T6574] Call Trace: [ 1679.014948][ T6574] dump_stack_lvl+0xcd/0x134 [ 1679.019602][ T6574] print_address_description.constprop.0.cold+0x6c/0x2d6 [ 1679.026634][ T6574] ? __lock_acquire+0x3d86/0x54a0 [ 1679.031645][ T6574] ? __lock_acquire+0x3d86/0x54a0 [ 1679.036654][ T6574] kasan_report.cold+0x83/0xdf [ 1679.041422][ T6574] ? __lock_acquire+0x3d86/0x54a0 [ 1679.046442][ T6574] __lock_acquire+0x3d86/0x54a0 [ 1679.051290][ T6574] ? mark_lock+0xef/0x17b0 [ 1679.055795][ T6574] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 1679.061688][ T6574] ? debug_object_assert_init+0x246/0x2e0 [ 1679.067474][ T6574] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1679.073456][ T6574] lock_acquire+0x1ab/0x510 [ 1679.078047][ T6574] ? l2cap_sock_teardown_cb+0xa1/0x660 [ 1679.083570][ T6574] ? lock_release+0x720/0x720 [ 1679.088250][ T6574] ? mark_held_locks+0x9f/0xe0 [ 1679.093015][ T6574] ? cancel_delayed_work+0x2bd/0x340 [ 1679.098341][ T6574] lock_sock_nested+0x2f/0xf0 [ 1679.103049][ T6574] ? l2cap_sock_teardown_cb+0xa1/0x660 [ 1679.108509][ T6574] l2cap_sock_teardown_cb+0xa1/0x660 [ 1679.113800][ T6574] ? lockdep_hardirqs_on+0x79/0x100 [ 1679.119018][ T6574] l2cap_chan_del+0xbc/0xa80 [ 1679.123607][ T6574] l2cap_conn_del+0x3c0/0x7b0 [ 1679.128285][ T6574] ? l2cap_conn_del+0x7b0/0x7b0 [ 1679.133612][ T6574] l2cap_disconn_cfm+0x95/0xd0 [ 1679.138376][ T6574] hci_conn_hash_flush+0x127/0x260 [ 1679.143530][ T6574] hci_dev_do_close+0x57d/0x1130 [ 1679.148667][ T6574] ? hci_dev_open+0x300/0x300 [ 1679.153358][ T6574] ? up_write+0x148/0x470 [ 1679.157721][ T6574] hci_unregister_dev+0x1c0/0x5a0 [ 1679.162746][ T6574] vhci_release+0x70/0xe0 [ 1679.167133][ T6574] __fput+0x288/0x9f0 [ 1679.171154][ T6574] ? vhci_close_dev+0x50/0x50 [ 1679.175834][ T6574] task_work_run+0xdd/0x1a0 [ 1679.180335][ T6574] do_exit+0xbae/0x2a30 [ 1679.184559][ T6574] ? __context_tracking_exit+0xb8/0xe0 [ 1679.190028][ T6574] ? lock_downgrade+0x6e0/0x6e0 [ 1679.194893][ T6574] ? lock_downgrade+0x6e0/0x6e0 [ 1679.199754][ T6574] ? mm_update_next_owner+0x7a0/0x7a0 [ 1679.205139][ T6574] do_group_exit+0x125/0x310 [ 1679.209733][ T6574] __x64_sys_exit_group+0x3a/0x50 [ 1679.214757][ T6574] do_syscall_64+0x35/0xb0 [ 1679.219176][ T6574] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1679.225069][ T6574] RIP: 0033:0x7f9ab92c58d9 [ 1679.229479][ T6574] Code: Unable to access opcode bytes at RIP 0x7f9ab92c58af. [ 1679.236831][ T6574] RSP: 002b:00007ffdb6d5f608 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 1679.245251][ T6574] RAX: ffffffffffffffda RBX: 0000000000001f65 RCX: 00007f9ab92c58d9 [ 1679.253218][ T6574] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000043 [ 1679.261184][ T6574] RBP: 0000000000000000 R08: 0000000000000014 R09: 0000000000001f65 [ 1679.269153][ T6574] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9ab931fdff [ 1679.277135][ T6574] R13: 0000000000000000 R14: 0000000000000004 R15: 00007ffdb6d5f7f0 [ 1679.285111][ T6574] [ 1679.287518][ T6574] Allocated by task 16326: [ 1679.291930][ T6574] kasan_save_stack+0x1b/0x40 [ 1679.296707][ T6574] __kasan_kmalloc+0xa1/0xd0 [ 1679.301470][ T6574] __kmalloc+0x214/0x4d0 [ 1679.305709][ T6574] sk_prot_alloc+0x110/0x290 [ 1679.310360][ T6574] sk_alloc+0x30/0xa60 [ 1679.314439][ T6574] l2cap_sock_alloc.constprop.0+0x31/0x230 [ 1679.320271][ T6574] l2cap_sock_create+0x123/0x1f0 [ 1679.325220][ T6574] bt_sock_create+0x17c/0x340 [ 1679.329907][ T6574] __sock_create+0x353/0x790 [ 1679.334513][ T6574] __sys_socket+0xef/0x200 [ 1679.338938][ T6574] __x64_sys_socket+0x6f/0xb0 [ 1679.343612][ T6574] do_syscall_64+0x35/0xb0 [ 1679.348023][ T6574] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1679.353916][ T6574] [ 1679.356229][ T6574] Freed by task 16325: [ 1679.360286][ T6574] kasan_save_stack+0x1b/0x40 [ 1679.364964][ T6574] kasan_set_track+0x1c/0x30 [ 1679.369549][ T6574] kasan_set_free_info+0x20/0x30 [ 1679.374500][ T6574] __kasan_slab_free+0xd1/0x110 [ 1679.379361][ T6574] kfree+0x10a/0x2c0 [ 1679.383287][ T6574] __sk_destruct+0x6a8/0x900 [ 1679.387881][ T6574] sk_destruct+0xbd/0xe0 [ 1679.392127][ T6574] __sk_free+0xef/0x3d0 [ 1679.396290][ T6574] sk_free+0x78/0xa0 [ 1679.400182][ T6574] l2cap_sock_kill+0x203/0x240 [ 1679.404949][ T6574] l2cap_sock_release+0x184/0x200 [ 1679.409969][ T6574] __sock_release+0xcd/0x280 [ 1679.414554][ T6574] sock_close+0x18/0x20 [ 1679.418708][ T6574] __fput+0x288/0x9f0 [ 1679.422688][ T6574] task_work_run+0xdd/0x1a0 [ 1679.427190][ T6574] exit_to_user_mode_prepare+0x27e/0x290 [ 1679.432887][ T6574] syscall_exit_to_user_mode+0x19/0x60 [ 1679.438345][ T6574] do_syscall_64+0x42/0xb0 [ 1679.442842][ T6574] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1679.448753][ T6574] [ 1679.451077][ T6574] The buggy address belongs to the object at ffff888020a33000 [ 1679.451077][ T6574] which belongs to the cache kmalloc-2k of size 2048 [ 1679.465122][ T6574] The buggy address is located 288 bytes inside of [ 1679.465122][ T6574] 2048-byte region [ffff888020a33000, ffff888020a33800) [ 1679.478479][ T6574] The buggy address belongs to the page: [ 1679.484093][ T6574] page:ffffea0000828cc0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x20a33 [ 1679.494242][ T6574] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff) [ 1679.501811][ T6574] raw: 00fff00000000200 ffffea000083a248 ffffea00007cb8c8 ffff888010c40800 [ 1679.510393][ T6574] raw: 0000000000000000 ffff888020a33000 0000000100000001 0000000000000000 [ 1679.518963][ T6574] page dumped because: kasan: bad access detected [ 1679.525362][ T6574] page_owner tracks the page as allocated [ 1679.531063][ T6574] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x242220(__GFP_HIGH|__GFP_ATOMIC|__GFP_NOWARN|__GFP_COMP|__GFP_THISNODE), pid 16326, ts 1678614170686, free_ts 1678598695124 [ 1679.549830][ T6574] get_page_from_freelist+0xa72/0x2f80 [ 1679.555371][ T6574] __alloc_pages+0x1b2/0x500 [ 1679.559957][ T6574] cache_grow_begin+0x75/0x460 [ 1679.564717][ T6574] cache_alloc_refill+0x27f/0x380 [ 1679.569742][ T6574] __kmalloc+0x3d5/0x4d0 [ 1679.573980][ T6574] sk_prot_alloc+0x110/0x290 [ 1679.578572][ T6574] sk_alloc+0x30/0xa60 [ 1679.582644][ T6574] l2cap_sock_alloc.constprop.0+0x31/0x230 [ 1679.588455][ T6574] l2cap_sock_create+0x123/0x1f0 [ 1679.593392][ T6574] bt_sock_create+0x17c/0x340 [ 1679.598063][ T6574] __sock_create+0x353/0x790 [ 1679.602649][ T6574] __sys_socket+0xef/0x200 [ 1679.607061][ T6574] __x64_sys_socket+0x6f/0xb0 [ 1679.611742][ T6574] do_syscall_64+0x35/0xb0 [ 1679.616152][ T6574] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1679.622048][ T6574] page last free stack trace: [ 1679.626709][ T6574] free_pcp_prepare+0x2c5/0x780 [ 1679.631563][ T6574] free_unref_page_list+0x1a9/0xfa0 [ 1679.636757][ T6574] release_pages+0x830/0x20b0 [ 1679.641501][ T6574] tlb_finish_mmu+0x165/0x8c0 [ 1679.646175][ T6574] exit_mmap+0x1ea/0x630 [ 1679.650426][ T6574] __mmput+0x122/0x4b0 [ 1679.654496][ T6574] mmput+0x58/0x60 [ 1679.658227][ T6574] do_exit+0xabc/0x2a30 [ 1679.662379][ T6574] do_group_exit+0x125/0x310 [ 1679.666971][ T6574] get_signal+0x47f/0x2160 [ 1679.671427][ T6574] arch_do_signal_or_restart+0x2a9/0x1c40 [ 1679.677177][ T6574] exit_to_user_mode_prepare+0x17d/0x290 [ 1679.682810][ T6574] syscall_exit_to_user_mode+0x19/0x60 [ 1679.688352][ T6574] do_syscall_64+0x42/0xb0 [ 1679.692762][ T6574] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1679.698659][ T6574] [ 1679.700987][ T6574] Memory state around the buggy address: [ 1679.706604][ T6574] ffff888020a33000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1679.714660][ T6574] ffff888020a33080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1679.722897][ T6574] >ffff888020a33100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1679.730947][ T6574] ^ [ 1679.736043][ T6574] ffff888020a33180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1679.744180][ T6574] ffff888020a33200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1679.752238][ T6574] ================================================================== [ 1679.760296][ T6574] Disabling lock debugging due to kernel taint [ 1679.766448][ T6574] Kernel panic - not syncing: panic_on_warn set ... [ 1679.773021][ T6574] CPU: 0 PID: 6574 Comm: syz-executor.0 Tainted: G B 5.15.0-rc4-syzkaller #0 [ 1679.783078][ T6574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1679.793124][ T6574] Call Trace: [ 1679.796393][ T6574] dump_stack_lvl+0xcd/0x134 [ 1679.800983][ T6574] panic+0x2b0/0x6dd [ 1679.804902][ T6574] ? __warn_printk+0xf3/0xf3 [ 1679.809487][ T6574] ? __lock_acquire+0x3d86/0x54a0 [ 1679.814508][ T6574] ? __lock_acquire+0x3d86/0x54a0 [ 1679.819526][ T6574] ? __lock_acquire+0x3d86/0x54a0 [ 1679.824548][ T6574] end_report.cold+0x63/0x6f [ 1679.829142][ T6574] kasan_report.cold+0x71/0xdf [ 1679.833921][ T6574] ? __lock_acquire+0x3d86/0x54a0 [ 1679.838943][ T6574] __lock_acquire+0x3d86/0x54a0 [ 1679.843800][ T6574] ? mark_lock+0xef/0x17b0 [ 1679.848214][ T6574] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 1679.854019][ T6574] ? debug_object_assert_init+0x246/0x2e0 [ 1679.859742][ T6574] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1679.865721][ T6574] lock_acquire+0x1ab/0x510 [ 1679.870429][ T6574] ? l2cap_sock_teardown_cb+0xa1/0x660 [ 1679.875889][ T6574] ? lock_release+0x720/0x720 [ 1679.880565][ T6574] ? mark_held_locks+0x9f/0xe0 [ 1679.885319][ T6574] ? cancel_delayed_work+0x2bd/0x340 [ 1679.890594][ T6574] lock_sock_nested+0x2f/0xf0 [ 1679.895270][ T6574] ? l2cap_sock_teardown_cb+0xa1/0x660 [ 1679.900727][ T6574] l2cap_sock_teardown_cb+0xa1/0x660 [ 1679.906010][ T6574] ? lockdep_hardirqs_on+0x79/0x100 [ 1679.911218][ T6574] l2cap_chan_del+0xbc/0xa80 [ 1679.915806][ T6574] l2cap_conn_del+0x3c0/0x7b0 [ 1679.920489][ T6574] ? l2cap_conn_del+0x7b0/0x7b0 [ 1679.925334][ T6574] l2cap_disconn_cfm+0x95/0xd0 [ 1679.930110][ T6574] hci_conn_hash_flush+0x127/0x260 [ 1679.935285][ T6574] hci_dev_do_close+0x57d/0x1130 [ 1679.940256][ T6574] ? hci_dev_open+0x300/0x300 [ 1679.944948][ T6574] ? up_write+0x148/0x470 [ 1679.949290][ T6574] hci_unregister_dev+0x1c0/0x5a0 [ 1679.954333][ T6574] vhci_release+0x70/0xe0 [ 1679.958753][ T6574] __fput+0x288/0x9f0 [ 1679.962736][ T6574] ? vhci_close_dev+0x50/0x50 [ 1679.967424][ T6574] task_work_run+0xdd/0x1a0 [ 1679.971922][ T6574] do_exit+0xbae/0x2a30 [ 1679.976160][ T6574] ? __context_tracking_exit+0xb8/0xe0 [ 1679.981629][ T6574] ? lock_downgrade+0x6e0/0x6e0 [ 1679.988397][ T6574] ? lock_downgrade+0x6e0/0x6e0 [ 1679.993329][ T6574] ? mm_update_next_owner+0x7a0/0x7a0 [ 1679.998700][ T6574] do_group_exit+0x125/0x310 [ 1680.003288][ T6574] __x64_sys_exit_group+0x3a/0x50 [ 1680.008322][ T6574] do_syscall_64+0x35/0xb0 [ 1680.012736][ T6574] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1680.018715][ T6574] RIP: 0033:0x7f9ab92c58d9 [ 1680.023151][ T6574] Code: Unable to access opcode bytes at RIP 0x7f9ab92c58af. [ 1680.030511][ T6574] RSP: 002b:00007ffdb6d5f608 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 1680.039026][ T6574] RAX: ffffffffffffffda RBX: 0000000000001f65 RCX: 00007f9ab92c58d9 [ 1680.047014][ T6574] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000043 [ 1680.055038][ T6574] RBP: 0000000000000000 R08: 0000000000000014 R09: 0000000000001f65 [ 1680.062998][ T6574] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9ab931fdff [ 1680.070968][ T6574] R13: 0000000000000000 R14: 0000000000000004 R15: 00007ffdb6d5f7f0 [ 1680.079173][ T6574] Kernel Offset: disabled [ 1680.083483][ T6574] Rebooting in 86400 seconds..