Warning: Permanently added '10.128.0.194' (ED25519) to the list of known hosts.
2025/01/07 23:34:01 ignoring optional flag "sandboxArg"="0"
2025/01/07 23:34:02 parsed 1 programs
[ 52.284430][ T28] kauditd_printk_skb: 32 callbacks suppressed
[ 52.284446][ T28] audit: type=1400 audit(1736292843.136:108): avc: denied { unlink } for pid=408 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 52.340835][ T408] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 53.122407][ T28] audit: type=1401 audit(1736292843.966:109): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[ 53.297828][ T458] bridge0: port 1(bridge_slave_0) entered blocking state
[ 53.304751][ T458] bridge0: port 1(bridge_slave_0) entered disabled state
[ 53.311972][ T458] device bridge_slave_0 entered promiscuous mode
[ 53.322005][ T458] bridge0: port 2(bridge_slave_1) entered blocking state
[ 53.328897][ T458] bridge0: port 2(bridge_slave_1) entered disabled state
[ 53.336531][ T458] device bridge_slave_1 entered promiscuous mode
[ 53.401353][ T458] bridge0: port 2(bridge_slave_1) entered blocking state
[ 53.408247][ T458] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 53.415436][ T458] bridge0: port 1(bridge_slave_0) entered blocking state
[ 53.422184][ T458] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 53.443942][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 53.451516][ T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 53.458885][ T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 53.474246][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 53.482324][ T10] bridge0: port 1(bridge_slave_0) entered blocking state
[ 53.489299][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 53.496681][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 53.505540][ T10] bridge0: port 2(bridge_slave_1) entered blocking state
[ 53.512399][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 53.522614][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 53.532472][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 53.547458][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 53.558861][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 53.566935][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 53.574290][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 53.582541][ T458] device veth0_vlan entered promiscuous mode
[ 53.593311][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
2025/01/07 23:34:04 executed programs: 0
[ 53.602918][ T458] device veth1_macvtap entered promiscuous mode
[ 53.612545][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 53.622606][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 53.786305][ T472] bridge0: port 1(bridge_slave_0) entered blocking state
[ 53.793426][ T472] bridge0: port 1(bridge_slave_0) entered disabled state
[ 53.800784][ T472] device bridge_slave_0 entered promiscuous mode
[ 53.824831][ T472] bridge0: port 2(bridge_slave_1) entered blocking state
[ 53.831686][ T472] bridge0: port 2(bridge_slave_1) entered disabled state
[ 53.839088][ T472] device bridge_slave_1 entered promiscuous mode
[ 53.940205][ T478] bridge0: port 1(bridge_slave_0) entered blocking state
[ 53.947283][ T478] bridge0: port 1(bridge_slave_0) entered disabled state
[ 53.954838][ T478] device bridge_slave_0 entered promiscuous mode
[ 53.961837][ T478] bridge0: port 2(bridge_slave_1) entered blocking state
[ 53.968904][ T478] bridge0: port 2(bridge_slave_1) entered disabled state
[ 53.976294][ T478] device bridge_slave_1 entered promiscuous mode
[ 54.036191][ T474] bridge0: port 1(bridge_slave_0) entered blocking state
[ 54.043063][ T474] bridge0: port 1(bridge_slave_0) entered disabled state
[ 54.050599][ T474] device bridge_slave_0 entered promiscuous mode
[ 54.070172][ T474] bridge0: port 2(bridge_slave_1) entered blocking state
[ 54.077154][ T474] bridge0: port 2(bridge_slave_1) entered disabled state
[ 54.084509][ T474] device bridge_slave_1 entered promiscuous mode
[ 54.111912][ T479] bridge0: port 1(bridge_slave_0) entered blocking state
[ 54.118788][ T479] bridge0: port 1(bridge_slave_0) entered disabled state
[ 54.126454][ T479] device bridge_slave_0 entered promiscuous mode
[ 54.133263][ T479] bridge0: port 2(bridge_slave_1) entered blocking state
[ 54.140324][ T479] bridge0: port 2(bridge_slave_1) entered disabled state
[ 54.147609][ T479] device bridge_slave_1 entered promiscuous mode
[ 54.188477][ T476] bridge0: port 1(bridge_slave_0) entered blocking state
[ 54.195421][ T476] bridge0: port 1(bridge_slave_0) entered disabled state
[ 54.204838][ T476] device bridge_slave_0 entered promiscuous mode
[ 54.228258][ T476] bridge0: port 2(bridge_slave_1) entered blocking state
[ 54.235250][ T476] bridge0: port 2(bridge_slave_1) entered disabled state
[ 54.242664][ T476] device bridge_slave_1 entered promiscuous mode
[ 54.452511][ T474] bridge0: port 2(bridge_slave_1) entered blocking state
[ 54.459774][ T474] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 54.467464][ T474] bridge0: port 1(bridge_slave_0) entered blocking state
[ 54.474420][ T474] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 54.482636][ T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 54.490992][ T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 54.499970][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 54.507324][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 54.543094][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 54.551922][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 54.560457][ T43] bridge0: port 1(bridge_slave_0) entered blocking state
[ 54.567371][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 54.575686][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 54.584545][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 54.592805][ T43] bridge0: port 2(bridge_slave_1) entered blocking state
[ 54.599674][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 54.608615][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 54.649565][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 54.657405][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 54.665393][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 54.672680][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 54.681070][ T43] bridge0: port 1(bridge_slave_0) entered blocking state
[ 54.687944][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 54.695802][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 54.704126][ T43] bridge0: port 2(bridge_slave_1) entered blocking state
[ 54.711144][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 54.718526][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 54.727823][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 54.755224][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 54.763582][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 54.771930][ T43] bridge0: port 1(bridge_slave_0) entered blocking state
[ 54.778915][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 54.804702][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 54.813015][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 54.821162][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 54.829475][ T43] bridge0: port 2(bridge_slave_1) entered blocking state
[ 54.836354][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 54.844083][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 54.851884][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 54.859328][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 54.867538][ T43] bridge0: port 1(bridge_slave_0) entered blocking state
[ 54.874647][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 54.882434][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 54.891153][ T43] bridge0: port 2(bridge_slave_1) entered blocking state
[ 54.898043][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 54.905341][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 54.934859][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 54.943184][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 54.951470][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 54.958920][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 54.967606][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 54.976095][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 54.984186][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 54.991513][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 54.999218][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 55.007291][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 55.015130][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 55.022618][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 55.031296][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 55.039646][ T43] bridge0: port 1(bridge_slave_0) entered blocking state
[ 55.046521][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 55.053792][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 55.062102][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 55.070319][ T43] bridge0: port 2(bridge_slave_1) entered blocking state
[ 55.077205][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 55.085586][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 55.094614][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 55.102579][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 55.110894][ T472] device veth0_vlan entered promiscuous mode
[ 55.134468][ T474] device veth0_vlan entered promiscuous mode
[ 55.149806][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 55.158312][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 55.167270][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 55.175529][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 55.183427][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 55.192035][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 55.200496][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 55.208610][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 55.223773][ T479] device veth0_vlan entered promiscuous mode
[ 55.230211][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 55.238033][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 55.246227][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 55.254760][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 55.268427][ T472] device veth1_macvtap entered promiscuous mode
[ 55.280287][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 55.287871][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 55.295331][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 55.302836][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 55.312102][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 55.325203][ T478] device veth0_vlan entered promiscuous mode
[ 55.342851][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 55.350816][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 55.358974][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 55.367433][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 55.375808][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 55.384144][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 55.392382][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 55.400732][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 55.408778][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 55.416428][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 55.424244][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 55.431539][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 55.440351][ T479] device veth1_macvtap entered promiscuous mode
[ 55.451621][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 55.459585][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 55.467821][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 55.476221][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 55.484609][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 55.493495][ T476] device veth0_vlan entered promiscuous mode
[ 55.511216][ T474] device veth1_macvtap entered promiscuous mode
[ 55.521655][ T478] device veth1_macvtap entered promiscuous mode
[ 55.529359][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 55.537779][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 55.546564][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 55.555579][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 55.563568][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 55.571272][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 55.579888][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 55.588329][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 55.596741][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 55.605201][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 55.628885][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 55.637350][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 55.668995][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 55.677755][ T28] audit: type=1400 audit(1736292846.526:110): avc: denied { ioctl } for pid=498 comm="syz.5.15" path="socket:[17903]" dev="sockfs" ino=17903 ioctlcmd=0x48e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 55.678265][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 55.712209][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 55.722711][ T497] Bluetooth: hci0: Frame reassembly failed (-84)
[ 55.727306][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 55.732240][ T497] Bluetooth: hci1: Frame reassembly failed (-84)
[ 55.738646][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 55.751905][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 55.760373][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 55.768723][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 55.777723][ T476] device veth1_macvtap entered promiscuous mode
[ 55.816057][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 55.825777][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 55.834111][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 55.834901][ T10] Bluetooth: hci2: Frame reassembly failed (-84)
[ 55.845745][ T497] Bluetooth: hci3: Frame reassembly failed (-84)
[ 55.860589][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 55.869456][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 55.898561][ T497] Bluetooth: hci4: Frame reassembly failed (-84)
[ 55.985263][ T8] device bridge_slave_1 left promiscuous mode
[ 55.991385][ T8] bridge0: port 2(bridge_slave_1) entered disabled state
[ 55.999089][ T8] device bridge_slave_0 left promiscuous mode
[ 56.005454][ T8] bridge0: port 1(bridge_slave_0) entered disabled state
[ 56.013624][ T8] device veth1_macvtap left promiscuous mode
[ 56.019679][ T8] device veth0_vlan left promiscuous mode
[ 57.763962][ T514] Bluetooth: hci1: command 0x1003 tx timeout
[ 57.763958][ T501] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 57.764847][ T500] Bluetooth: hci0: command 0x1003 tx timeout
[ 57.774264][ T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 57.788296][ T499] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 57.794410][ T503] Bluetooth: hci0: Opcode 0x080f failed: -4
[ 57.800310][ T507] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 57.806468][ T510] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 57.814075][ T513] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 57.822928][ T45] ==================================================================
[ 57.823339][ T8] Bluetooth: hci0: Frame reassembly failed (-84)
[ 57.830820][ T45] BUG: KASAN: use-after-free in enqueue_timer+0xa6/0x480
[ 57.830874][ T45] Write of size 8 at addr ffff88810b68ca00 by task kworker/u5:0/45
[ 57.830891][ T45]
[ 57.830897][ T45] CPU: 0 PID: 45 Comm: kworker/u5:0 Not tainted 6.1.118-syzkaller-1166353-g616d7c64fd84 #0
[ 57.830917][ T45] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 57.843932][ T518] Bluetooth: hci2: command 0x1003 tx timeout
[ 57.843981][ T45] Workqueue: hci0 hci_power_on
[ 57.851764][ T504] Bluetooth: hci2: Opcode 0x1003 failed: -110
[ 57.853867][ T45]
[ 57.853874][ T45] Call Trace:
[ 57.853890][ T45]
[ 57.853898][ T45] dump_stack_lvl+0x151/0x1b7
[ 57.902786][ T45] ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 57.908069][ T45] ? _printk+0xd1/0x111
[ 57.912103][ T45] ? __virt_addr_valid+0x242/0x2f0
[ 57.917005][ T45] print_report+0x158/0x4e0
[ 57.921339][ T45] ? __virt_addr_valid+0x242/0x2f0
[ 57.926285][ T45] ? kasan_complete_mode_report_info+0x90/0x1b0
[ 57.932365][ T45] ? enqueue_timer+0xa6/0x480
[ 57.936914][ T45] kasan_report+0x13c/0x170
[ 57.941311][ T45] ? enqueue_timer+0xa6/0x480
[ 57.945814][ T45] __asan_report_store8_noabort+0x17/0x20
[ 57.951567][ T45] enqueue_timer+0xa6/0x480
[ 57.955907][ T45] __mod_timer+0x8d3/0xcf0
[ 57.960160][ T45] ? mod_timer_pending+0x30/0x30
[ 57.964944][ T45] ? insert_work+0x283/0x310
[ 57.969360][ T45] ? __kasan_check_write+0x14/0x20
[ 57.974309][ T45] ? _raw_spin_lock_irqsave+0xf9/0x210
[ 57.979705][ T45] schedule_timeout+0x187/0x380
[ 57.984498][ T45] ? console_conditional_schedule+0x10/0x10
[ 57.990219][ T45] ? queue_work_on+0x135/0x170
[ 57.994816][ T45] ? update_process_times+0x1b0/0x1b0
[ 58.000026][ T45] ? prepare_to_wait_event+0x3e6/0x420
[ 58.005499][ T45] __hci_cmd_sync_sk+0x2ad/0xf70
[ 58.010377][ T45] ? eir_get_service_data+0x2e0/0x2e0
[ 58.015709][ T45] ? wake_bit_function+0x230/0x230
[ 58.020706][ T45] ? __kasan_check_read+0x11/0x20
[ 58.025652][ T45] hci_dev_open_sync+0x1314/0x30a0
[ 58.030602][ T45] ? update_load_avg+0x513/0x1530
[ 58.035460][ T45] ? hci_reset_sync+0x100/0x100
[ 58.040157][ T45] ? __switch_to+0x62c/0x1190
[ 58.045071][ T45] ? __kasan_check_write+0x14/0x20
[ 58.050135][ T45] ? mutex_lock+0xb1/0x1e0
[ 58.054468][ T45] ? bit_wait_io_timeout+0x120/0x120
[ 58.059699][ T45] ? kthread_data+0x53/0xc0
[ 58.064074][ T45] hci_power_on+0x1a7/0x5e0
[ 58.068489][ T45] ? hci_tx_work+0x3790/0x3790
[ 58.073107][ T45] ? __schedule+0xcbd/0x1560
[ 58.077512][ T45] process_one_work+0x73d/0xcb0
[ 58.082297][ T45] worker_thread+0xa60/0x1260
[ 58.086815][ T45] kthread+0x26d/0x300
[ 58.090699][ T45] ? worker_clr_flags+0x1a0/0x1a0
[ 58.095560][ T45] ? kthread_blkcg+0xd0/0xd0
[ 58.100071][ T45] ret_from_fork+0x1f/0x30
[ 58.104330][ T45]
[ 58.107205][ T45]
[ 58.109357][ T45] Allocated by task 499:
[ 58.113444][ T45] kasan_set_track+0x4b/0x70
[ 58.117864][ T45] kasan_save_alloc_info+0x1f/0x30
[ 58.123024][ T45] __kasan_kmalloc+0x9c/0xb0
[ 58.127707][ T45] __kmalloc+0xb4/0x1e0
[ 58.131703][ T45] hci_alloc_dev_priv+0x27/0x1c00
[ 58.136904][ T45] hci_uart_tty_ioctl+0x401/0xa70
[ 58.141774][ T45] tty_ioctl+0x903/0xc50
[ 58.145843][ T45] __se_sys_ioctl+0x114/0x190
[ 58.150358][ T45] __x64_sys_ioctl+0x7b/0x90
[ 58.154869][ T45] x64_sys_call+0x98/0x9a0
[ 58.159122][ T45] do_syscall_64+0x3b/0xb0
[ 58.163371][ T45] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 58.169189][ T45]
[ 58.171357][ T45] Freed by task 513:
[ 58.175091][ T45] kasan_set_track+0x4b/0x70
[ 58.179514][ T45] kasan_save_free_info+0x2b/0x40
[ 58.184376][ T45] ____kasan_slab_free+0x131/0x180
[ 58.189326][ T45] __kasan_slab_free+0x11/0x20
[ 58.193922][ T45] __kmem_cache_free+0x21d/0x410
[ 58.198698][ T45] kfree+0x7a/0xf0
[ 58.202255][ T45] hci_release_dev+0x14d3/0x1640
[ 58.207118][ T45] bt_host_release+0x83/0xa0
[ 58.211543][ T45] device_release+0x95/0x1c0
[ 58.215988][ T45] kobject_put+0x178/0x260
[ 58.220225][ T45] put_device+0x1f/0x30
[ 58.224313][ T45] hci_dev_cmd+0x2be/0x9b0
[ 58.228655][ T45] hci_sock_ioctl+0x415/0x7f0
[ 58.233165][ T45] sock_do_ioctl+0x152/0x450
[ 58.237584][ T45] sock_ioctl+0x455/0x740
[ 58.241754][ T45] __se_sys_ioctl+0x114/0x190
[ 58.246372][ T45] __x64_sys_ioctl+0x7b/0x90
[ 58.250806][ T45] x64_sys_call+0x98/0x9a0
[ 58.255050][ T45] do_syscall_64+0x3b/0xb0
[ 58.259391][ T45] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 58.265210][ T45]
[ 58.267385][ T45] Last potentially related work creation:
[ 58.272930][ T45] kasan_save_stack+0x3b/0x60
[ 58.277445][ T45] __kasan_record_aux_stack+0xb4/0xc0
[ 58.282652][ T45] kasan_record_aux_stack_noalloc+0xb/0x10
[ 58.288312][ T45] insert_work+0x56/0x310
[ 58.292460][ T45] __queue_work+0x9b6/0xd70
[ 58.296803][ T45] queue_work_on+0x105/0x170
[ 58.301232][ T45] __hci_cmd_sync_sk+0xc2a/0xf70
[ 58.305997][ T45] hci_cmd_sync_status+0x52/0x130
[ 58.310858][ T45] hci_dev_cmd+0x771/0x9b0
[ 58.315113][ T45] hci_sock_ioctl+0x415/0x7f0
[ 58.319635][ T45] sock_do_ioctl+0x152/0x450
[ 58.324180][ T45] sock_ioctl+0x455/0x740
[ 58.328338][ T45] __se_sys_ioctl+0x114/0x190
[ 58.333024][ T45] __x64_sys_ioctl+0x7b/0x90
[ 58.337449][ T45] x64_sys_call+0x98/0x9a0
[ 58.341718][ T45] do_syscall_64+0x3b/0xb0
[ 58.345958][ T45] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 58.351689][ T45]
[ 58.353853][ T45] Second to last potentially related work creation:
[ 58.360291][ T45] kasan_save_stack+0x3b/0x60
[ 58.364914][ T45] __kasan_record_aux_stack+0xb4/0xc0
[ 58.370116][ T45] kasan_record_aux_stack_noalloc+0xb/0x10
[ 58.375754][ T45] insert_work+0x56/0x310
[ 58.379922][ T45] __queue_work+0x9b6/0xd70
[ 58.384259][ T45] queue_work_on+0x105/0x170
[ 58.388689][ T45] __hci_cmd_sync_sk+0xc2a/0xf70
[ 58.393459][ T45] hci_cmd_sync_status+0x52/0x130
[ 58.398324][ T45] hci_dev_cmd+0x771/0x9b0
[ 58.402573][ T45] hci_sock_ioctl+0x415/0x7f0
[ 58.407089][ T45] sock_do_ioctl+0x152/0x450
[ 58.411520][ T45] sock_ioctl+0x455/0x740
[ 58.415681][ T45] __se_sys_ioctl+0x114/0x190
[ 58.420226][ T45] __x64_sys_ioctl+0x7b/0x90
[ 58.424624][ T45] x64_sys_call+0x98/0x9a0
[ 58.428871][ T45] do_syscall_64+0x3b/0xb0
[ 58.433124][ T45] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 58.438868][ T45]
[ 58.441025][ T45] The buggy address belongs to the object at ffff88810b68c000
[ 58.441025][ T45] which belongs to the cache kmalloc-8k of size 8192
[ 58.455263][ T45] The buggy address is located 2560 bytes inside of
[ 58.455263][ T45] 8192-byte region [ffff88810b68c000, ffff88810b68e000)
[ 58.468540][ T45]
[ 58.470707][ T45] The buggy address belongs to the physical page:
[ 58.477046][ T45] page:ffffea00042da200 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88810b688000 pfn:0x10b688
[ 58.488709][ T45] head:ffffea00042da200 order:3 compound_mapcount:0 compound_pincount:0
[ 58.496862][ T45] flags: 0x4000000000010200(slab|head|zone=1)
[ 58.502980][ T45] raw: 4000000000010200 0000000000000000 dead000000000001 ffff888100043500
[ 58.511562][ T45] raw: ffff88810b688000 0000000080020001 00000001ffffffff 0000000000000000
[ 58.520061][ T45] page dumped because: kasan: bad access detected
[ 58.526398][ T45] page_owner tracks the page as allocated
[ 58.531972][ T45] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 2218262529, free_ts 0
[ 58.551571][ T45] post_alloc_hook+0x213/0x220
[ 58.556190][ T45] prep_new_page+0x1b/0x110
[ 58.560612][ T45] get_page_from_freelist+0x2f41/0x2fc0
[ 58.566073][ T45] __alloc_pages+0x234/0x610
[ 58.570611][ T45] alloc_slab_page+0x6c/0xf0
[ 58.575039][ T45] new_slab+0x90/0x3e0
[ 58.578941][ T45] ___slab_alloc+0x6f9/0xb80
[ 58.583374][ T45] __slab_alloc+0x5d/0xa0
[ 58.587622][ T45] __kmem_cache_alloc_node+0x207/0x2a0
[ 58.593022][ T45] __kmalloc+0xa3/0x1e0
[ 58.597092][ T45] acpi_ut_initialize_buffer+0x1dd/0x2d0
[ 58.602680][ T45] acpi_rs_create_pci_routing_table+0x112/0xa40
[ 58.608724][ T45] acpi_rs_get_prt_method_data+0xe4/0x140
[ 58.614364][ T45] acpi_get_irq_routing_table+0xac/0xd0
[ 58.619746][ T45] acpi_pci_irq_find_prt_entry+0x167/0xc80
[ 58.625580][ T45] acpi_pci_irq_lookup+0xb1/0x5f0
[ 58.630558][ T45] page_owner free stack trace missing
[ 58.635769][ T45]
[ 58.637933][ T45] Memory state around the buggy address:
[ 58.643511][ T45] ffff88810b68c900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 58.651596][ T45] ffff88810b68c980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 58.659593][ T45] >ffff88810b68ca00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 58.667479][ T45] ^
[ 58.671387][ T45] ffff88810b68ca80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 58.679290][ T45] ffff88810b68cb00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 58.687181][ T45] ==================================================================
[ 58.695080][ T45] Disabling lock debugging due to kernel taint
[ 58.702824][ T511] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 58.708976][ T511] Bluetooth: hci3: command 0x1003 tx timeout
2025/01/07 23:34:09 executed programs: 15
[ 58.715074][ T508] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 58.729194][ T8] Bluetooth: hci3: Frame reassembly failed (-84)
[ 58.737437][ T497] Bluetooth: hci1: Frame reassembly failed (-84)
[ 58.747421][ T43] Bluetooth: hci2: Frame reassembly failed (-84)
[ 58.753907][ T505] Bluetooth: hci4: Frame reassembly failed (-84)
[ 58.760553][ T43] Bluetooth: hci2: Frame reassembly failed (-84)
[ 59.843926][ C0] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[ 59.844141][ T500] Bluetooth: hci0: command 0x1003 tx timeout
[ 59.855564][ C0] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[ 59.855587][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G B 6.1.118-syzkaller-1166353-g616d7c64fd84 #0
[ 59.855609][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 59.855620][ C0] RIP: 0010:__queue_work+0x4f1/0xd70
[ 59.855649][ C0] Code: 39 03 0f 84 40 01 00 00 e8 fc 6b 2a 00 4c 89 e7 e8 e4 d3 d6 03 49 bd 00 00 00 00 00 fc ff df 4c 8b 65 d0 4c 89 f0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 f7 e8 10 e0 71 00 49 8b 3e e8 98 cc d6
[ 59.855663][ C0] RSP: 0018:ffffc90000007c78 EFLAGS: 00010046
[ 59.855680][ C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffffffff8701d4c0
[ 59.855693][ C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[ 59.855707][ C0] RBP: ffffc90000007d00 R08: ffffffff814b186b R09: 0000000000000007
[ 59.855721][ C0] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff88810b68c9c8
[ 59.855737][ C0] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff88810b68c9e0
[ 59.855752][ C0] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 59.855770][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 59.855783][ C0] CR2: 0000562d75ddc0c8 CR3: 0000000121cc6000 CR4: 00000000003506b0
[ 59.855799][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 59.855813][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 59.861720][ T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 59.870146][ C0] Call Trace:
[ 59.870155][ C0]
[ 59.870163][ C0] ? __die_body+0x62/0xb0
[ 59.870194][ C0] ? die_addr+0x9f/0xd0
[ 59.882056][ T523] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 59.891109][ C0] ? exc_general_protection+0x317/0x4c0
[ 59.891149][ C0] ? ttwu_do_wakeup+0xe5/0x430
[ 60.036665][ C0] ? asm_exc_general_protection+0x27/0x30
[ 60.042304][ C0] ? __queue_work+0x28b/0xd70
[ 60.046932][ C0] ? __queue_work+0x4f1/0xd70
[ 60.051540][ C0] ? __queue_work+0x29c/0xd70
[ 60.056052][ C0] delayed_work_timer_fn+0x61/0x80
[ 60.061100][ C0] ? queue_work_node+0x1d0/0x1d0
[ 60.065971][ C0] call_timer_fn+0x3b/0x2d0
[ 60.070340][ C0] ? queue_work_node+0x1d0/0x1d0
[ 60.075084][ C0] __run_timers+0x756/0xa10
[ 60.079441][ C0] ? calc_index+0x270/0x270
[ 60.083769][ C0] ? sched_clock+0x9/0x10
[ 60.088201][ C0] ? sched_clock_cpu+0x71/0x2b0
[ 60.092879][ C0] run_timer_softirq+0x69/0xf0
[ 60.097485][ C0] handle_softirqs+0x1db/0x650
[ 60.102094][ C0] ? irqtime_account_irq+0xdc/0x260
[ 60.107112][ C0] __irq_exit_rcu+0x52/0xf0
[ 60.111476][ C0] irq_exit_rcu+0x9/0x10
[ 60.115616][ C0] sysvec_apic_timer_interrupt+0xa9/0xc0
[ 60.121207][ C0]
[ 60.123967][ C0]
[ 60.126744][ C0] asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 60.132681][ C0] RIP: 0010:acpi_idle_enter+0x416/0x760
[ 60.138063][ C0] Code: 89 de 48 83 e6 08 31 ff e8 07 bc 53 fc 48 83 e3 08 0f 85 b1 00 00 00 0f 1f 44 00 00 e8 b3 b7 53 fc 0f 00 2d 5c 8e ce 00 fb f4 e9 e3 00 00 00 49 83 c7 04 4c 89 f8 48 c1 e8 03 42 0f b6 04 30
[ 60.157511][ C0] RSP: 0018:ffffffff87007bd0 EFLAGS: 000002d3
[ 60.163401][ C0] RAX: ffffffff8521cefd RBX: 0000000000000000 RCX: ffffffff8701d4c0
[ 60.171209][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 60.179028][ C0] RBP: ffffffff87007c10 R08: ffffffff8521cee9 R09: fffffbfff0e03a99
[ 60.186935][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000001
[ 60.194817][ C0] R13: ffff888109c47004 R14: dffffc0000000000 R15: ffff8881096d0064
[ 60.202631][ C0] ? acpi_idle_enter+0x3f9/0x760
[ 60.207615][ C0] ? acpi_idle_enter+0x40d/0x760
[ 60.212373][ C0] ? intel_idle_xstate+0xa0/0xa0
[ 60.217142][ C0] cpuidle_enter_state+0x5eb/0x17f0
[ 60.222297][ C0] ? cpuidle_enter_s2idle+0x600/0x600
[ 60.227558][ C0] ? menu_enable_device+0x380/0x380
[ 60.232678][ C0] ? __sched_text_start+0x8/0x8
[ 60.237366][ C0] cpuidle_enter+0x5f/0xa0
[ 60.241620][ C0] do_idle+0x3d1/0x580
[ 60.245534][ C0] ? ct_irq_exit+0x9/0x10
[ 60.249690][ C0] ? idle_inject_timer_fn+0x60/0x60
[ 60.254732][ C0] cpu_startup_entry+0x44/0x60
[ 60.259943][ C0] rest_init+0x10b/0x130
[ 60.264102][ C0] ? time_init+0x38/0x38
[ 60.268187][ C0] arch_call_rest_init+0xe/0xe
[ 60.272777][ C0] start_kernel+0x46c/0x4d8
[ 60.277383][ C0] x86_64_start_reservations+0x2a/0x2c
[ 60.282761][ C0] x86_64_start_kernel+0x7c/0x81
[ 60.287532][ C0] secondary_startup_64_no_verify+0xce/0xdb
[ 60.293381][ C0]
[ 60.296247][ C0] Modules linked in:
[ 60.299975][ C0] ---[ end trace 0000000000000000 ]---
[ 60.305268][ C0] RIP: 0010:__queue_work+0x4f1/0xd70
[ 60.310394][ C0] Code: 39 03 0f 84 40 01 00 00 e8 fc 6b 2a 00 4c 89 e7 e8 e4 d3 d6 03 49 bd 00 00 00 00 00 fc ff df 4c 8b 65 d0 4c 89 f0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 f7 e8 10 e0 71 00 49 8b 3e e8 98 cc d6
[ 60.329915][ C0] RSP: 0018:ffffc90000007c78 EFLAGS: 00010046
[ 60.335818][ C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffffffff8701d4c0
[ 60.343717][ C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[ 60.351527][ C0] RBP: ffffc90000007d00 R08: ffffffff814b186b R09: 0000000000000007
[ 60.359611][ C0] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff88810b68c9c8
[ 60.367422][ C0] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff88810b68c9e0
[ 60.375238][ C0] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 60.384063][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 60.390698][ C0] CR2: 0000562d75ddc0c8 CR3: 0000000121cc6000 CR4: 00000000003506b0
[ 60.398704][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 60.406717][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 60.414529][ C0] Kernel panic - not syncing: Fatal exception in interrupt
[ 60.421874][ C0] Kernel Offset: disabled
[ 60.426169][ C0] Rebooting in 86400 seconds..