Warning: Permanently added '10.128.10.5' (ED25519) to the list of known hosts.
[ 918.467520][ T6143] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 918.471056][ T6143] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 918.473438][ T6143] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 918.476053][ T6143] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 918.478478][ T6143] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 918.480849][ T6143] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 918.545094][ T405] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 918.547279][ T405] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 918.563143][ T306] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 918.565275][ T306] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 920.530379][ T5664] Bluetooth: hci0: command 0x0409 tx timeout
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 922.610185][ T6143] Bluetooth: hci0: command 0x041b tx timeout
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 924.690403][ T2210] ieee802154 phy0 wpan0: encryption failed: -22
[ 924.691715][ T6143] Bluetooth: hci0: command 0x040f tx timeout
[ 924.692217][ T2210] ieee802154 phy1 wpan1: encryption failed: -22
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 926.769830][ T5664] Bluetooth: hci0: command 0x0419 tx timeout
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 928.849854][ T5664] Bluetooth: hci0: command 0x0407 tx timeout
[ 1086.929817][ T50] Bluetooth: hci0: command 0x0407 tx timeout
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 1089.009839][ T50] Bluetooth: hci0: command 0x0405 tx timeout
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 1091.099854][ T50] Bluetooth: hci0: command 0x0407 tx timeout
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 1093.169872][ T50] Bluetooth: hci0: command 0x0405 tx timeout
executing program
executing program
executing program
executing program
[ 1094.247077][ T6271] ==================================================================
[ 1094.249279][ T6271] BUG: KASAN: slab-use-after-free in __lock_acquire+0x114/0x75e8
[ 1094.251394][ T6271] Read of size 8 at addr ffff0000d553e0b0 by task kworker/u5:3/6271
executing program
[ 1094.253629][ T6271]
[ 1094.254236][ T6271] CPU: 1 PID: 6271 Comm: kworker/u5:3 Not tainted 6.6.0-rc7-syzkaller-g8de1e7afcc1c #0
[ 1094.256854][ T6271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
[ 1094.259501][ T6271] Workqueue: hci0 hci_cmd_sync_work
[ 1094.260943][ T6271] Call trace:
[ 1094.261812][ T6271]  dump_backtrace+0x1b8/0x1e4
[ 1094.263072][ T6271]  show_stack+0x2c/0x44
[ 1094.264256][ T6271]  dump_stack_lvl+0xd0/0x124
[ 1094.265613][ T6271]  print_report+0x174/0x514
[ 1094.266789][ T6271]  kasan_report+0xd8/0x138
[ 1094.267947][ T6271]  __asan_report_load8_noabort+0x20/0x2c
[ 1094.269547][ T6271]  __lock_acquire+0x114/0x75e8
[ 1094.270821][ T6271]  lock_acquire+0x23c/0x71c
[ 1094.272141][ T6271]  _raw_spin_lock_bh+0x48/0x60
[ 1094.273419][ T6271]  __lock_sock+0x170/0x2d4
[ 1094.274581][ T6271]  lock_sock_nested+0xa4/0x11c
[ 1094.275896][ T6271]  sco_connect_cfm+0x140/0x948
[ 1094.277115][ T6271]  hci_conn_failed+0x17c/0x2c0
[ 1094.278352][ T6271]  hci_abort_conn_sync+0x688/0xe38
[ 1094.279690][ T6271]  abort_conn_sync+0x5c/0x8c
[ 1094.280922][ T6271]  hci_cmd_sync_work+0x1cc/0x34c
[ 1094.282234][ T6271]  process_one_work+0x694/0x1204
[ 1094.283535][ T6271]  worker_thread+0x938/0xef4
[ 1094.284816][ T6271]  kthread+0x288/0x310
[ 1094.285874][ T6271]  ret_from_fork+0x10/0x20
[ 1094.287021][ T6271]
[ 1094.287665][ T6271] Allocated by task 8151:
[ 1094.288862][ T6271]  kasan_set_track+0x4c/0x7c
[ 1094.290109][ T6271]  kasan_save_alloc_info+0x24/0x30
[ 1094.291538][ T6271]  __kasan_kmalloc+0xac/0xc4
[ 1094.292760][ T6271]  __kmalloc+0xcc/0x1b8
[ 1094.293833][ T6271]  sk_prot_alloc+0xc4/0x1f0
[ 1094.295098][ T6271]  sk_alloc+0x44/0x3f4
[ 1094.296208][ T6271]  bt_sock_alloc+0x4c/0x32c
[ 1094.297383][ T6271]  sco_sock_create+0xbc/0x31c
[ 1094.298649][ T6271]  bt_sock_create+0x14c/0x248
[ 1094.299885][ T6271]  __sock_create+0x43c/0x884
[ 1094.301078][ T6271]  __sys_socket+0x134/0x340
[ 1094.302280][ T6271]  __arm64_sys_socket+0x7c/0x94
[ 1094.303576][ T6271]  invoke_syscall+0x98/0x2b8
[ 1094.304748][ T6271]  el0_svc_common+0x130/0x23c
[ 1094.306032][ T6271]  do_el0_svc+0x48/0x58
[ 1094.307110][ T6271]  el0_svc+0x54/0x158
[ 1094.308216][ T6271]  el0t_64_sync_handler+0x84/0xfc
[ 1094.309520][ T6271]  el0t_64_sync+0x190/0x194
[ 1094.310703][ T6271]
[ 1094.311289][ T6271] Freed by task 8151:
[ 1094.312320][ T6271]  kasan_set_track+0x4c/0x7c
[ 1094.313553][ T6271]  kasan_save_free_info+0x38/0x5c
[ 1094.314896][ T6271]  ____kasan_slab_free+0x144/0x1c0
[ 1094.316243][ T6271]  __kasan_slab_free+0x18/0x28
[ 1094.317550][ T6271]  __kmem_cache_free+0x2ac/0x480
[ 1094.318836][ T6271]  kfree+0xb8/0x19c
[ 1094.319805][ T6271]  __sk_destruct+0x4c0/0x770
[ 1094.320991][ T6271]  __sk_free+0x37c/0x4e8
[ 1094.322134][ T6271]  sk_free+0x60/0xc8
[ 1094.323111][ T6271]  sco_sock_kill+0xfc/0x1b4
[ 1094.324373][ T6271]  sco_sock_release+0x1fc/0x2c0
[ 1094.325670][ T6271]  sock_close+0xa4/0x1e8
[ 1094.326823][ T6271]  __fput+0x324/0x7f8
[ 1094.327876][ T6271]  ____fput+0x20/0x30
[ 1094.328907][ T6271]  task_work_run+0x230/0x2e0
[ 1094.330173][ T6271]  get_signal+0x13f4/0x15ec
[ 1094.331404][ T6271]  do_notify_resume+0x3bc/0x393c
[ 1094.332767][ T6271]  el0_svc+0x9c/0x158
[ 1094.333868][ T6271]  el0t_64_sync_handler+0x84/0xfc
[ 1094.335248][ T6271]  el0t_64_sync+0x190/0x194
[ 1094.336417][ T6271]
[ 1094.336987][ T6271] The buggy address belongs to the object at ffff0000d553e000
[ 1094.336987][ T6271]  which belongs to the cache kmalloc-2k of size 2048
[ 1094.340711][ T6271] The buggy address is located 176 bytes inside of
[ 1094.340711][ T6271]  freed 2048-byte region [ffff0000d553e000, ffff0000d553e800)
[ 1094.344411][ T6271]
[ 1094.345059][ T6271] The buggy address belongs to the physical page:
[ 1094.346752][ T6271] page:0000000014f21d98 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x115538
[ 1094.349466][ T6271] head:0000000014f21d98 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1094.351775][ T6271] flags: 0x5ffc00000000840(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[ 1094.353881][ T6271] page_type: 0xffffffff()
[ 1094.355009][ T6271] raw: 05ffc00000000840 ffff0000c0002000 dead000000000122 0000000000000000
[ 1094.357335][ T6271] raw: 0000000000000000 0000000080080008 00000001ffffffff 0000000000000000
[ 1094.359590][ T6271] page dumped because: kasan: bad access detected
[ 1094.361271][ T6271]
[ 1094.361854][ T6271] Memory state around the buggy address:
[ 1094.363325][ T6271]  ffff0000d553df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1094.365456][ T6271]  ffff0000d553e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1094.367546][ T6271] >ffff0000d553e080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1094.369655][ T6271]                                      ^
[ 1094.371093][ T6271]  ffff0000d553e100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1094.373208][ T6271]  ffff0000d553e180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1094.375280][ T6271] ==================================================================
[ 1094.377383][ T6271] Disabling lock debugging due to kernel taint
executing program
executing program
executing program
[ 1095.249834][ T50] Bluetooth: hci0: command 0x0407 tx timeout
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 1097.329815][ T50] Bluetooth: hci0: command 0x0405 tx timeout
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 1099.409897][ T50] Bluetooth: hci0: command 0x0407 tx timeout
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 1101.489801][ T50] Bluetooth: hci0: command 0x0405 tx timeout
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 1103.569825][ T50] Bluetooth: hci0: command 0x0407 tx timeout
executing program
executing program