Warning: Permanently added '10.128.0.33' (ED25519) to the list of known hosts.
1970/01/01 00:01:00 ignoring optional flag "sandboxArg"="0"
1970/01/01 00:01:01 parsed 1 programs
[ 61.321773][ T6437] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS
1970/01/01 00:01:01 executed programs: 0
[ 61.360050][ T5661] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 61.362746][ T5661] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 61.365384][ T5661] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 61.368214][ T5661] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 61.370504][ T5661] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 61.372591][ T5661] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 61.440498][ T6445] chnl_net:caif_netlink_parms(): no params data found
[ 61.469413][ T6445] bridge0: port 1(bridge_slave_0) entered blocking state
[ 61.471327][ T6445] bridge0: port 1(bridge_slave_0) entered disabled state
[ 61.473791][ T6445] bridge_slave_0: entered allmulticast mode
[ 61.475788][ T6445] bridge_slave_0: entered promiscuous mode
[ 61.479056][ T6445] bridge0: port 2(bridge_slave_1) entered blocking state
[ 61.481004][ T6445] bridge0: port 2(bridge_slave_1) entered disabled state
[ 61.482863][ T6445] bridge_slave_1: entered allmulticast mode
[ 61.485167][ T6445] bridge_slave_1: entered promiscuous mode
[ 61.498638][ T6445] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 61.503731][ T6445] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 61.516858][ T6445] team0: Port device team_slave_0 added
[ 61.520701][ T6445] team0: Port device team_slave_1 added
[ 61.532386][ T6445] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 61.534570][ T6445] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 61.541253][ T6445] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 61.545417][ T6445] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 61.547264][ T6445] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 61.554383][ T6445] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 61.625031][ T6445] hsr_slave_0: entered promiscuous mode
[ 61.664696][ T6445] hsr_slave_1: entered promiscuous mode
[ 62.464815][ T6445] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 62.519091][ T6445] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 62.556309][ T6445] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 62.595372][ T6445] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 62.691483][ T6445] 8021q: adding VLAN 0 to HW filter on device bond0
[ 62.699899][ T6445] 8021q: adding VLAN 0 to HW filter on device team0
[ 62.705455][ T5890] bridge0: port 1(bridge_slave_0) entered blocking state
[ 62.707322][ T5890] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 62.722789][ T5890] bridge0: port 2(bridge_slave_1) entered blocking state
[ 62.724840][ T5890] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 62.809409][ T6445] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 62.831467][ T6445] veth0_vlan: entered promiscuous mode
[ 62.837332][ T6445] veth1_vlan: entered promiscuous mode
[ 62.855953][ T6445] veth0_macvtap: entered promiscuous mode
[ 62.863297][ T6445] veth1_macvtap: entered promiscuous mode
[ 62.876124][ T6445] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 62.881549][ T6445] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 62.887641][ T6445] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 62.889967][ T6445] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 62.892190][ T6445] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 62.895129][ T6445] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 62.938827][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 62.943629][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 62.958219][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 62.960228][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 63.454081][ T5661] Bluetooth: hci0: command 0x0409 tx timeout
[ 64.495901][ T2211] ieee802154 phy0 wpan0: encryption failed: -22
[ 64.497837][ T2211] ieee802154 phy1 wpan1: encryption failed: -22
[ 64.683089][ T6604] ------------[ cut here ]------------
[ 64.684967][ T6604] ODEBUG: free active (active state 0) object: 00000000bd9772ee object type: work_struct hint: hci_conn_timeout+0x0/0x1e8
[ 64.688483][ T6604] WARNING: CPU: 0 PID: 6604 at lib/debugobjects.c:517 debug_check_no_obj_freed+0x41c/0x534
[ 64.691003][ T6604] Modules linked in:
[ 64.692066][ T6604] CPU: 0 PID: 6604 Comm: syz-executor.0 Not tainted 6.6.0-rc7-syzkaller-00089-g8de1e7afcc1c-dirty #0
[ 64.694884][ T6604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 64.697496][ T6604] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 64.699502][ T6604] pc : debug_check_no_obj_freed+0x41c/0x534
[ 64.701079][ T6604] lr : debug_check_no_obj_freed+0x41c/0x534
[ 64.702530][ T6604] sp : ffff800097087960
[ 64.703590][ T6604] x29: ffff8000970879b0 x28: ffff80008a8710a0 x27: dfff800000000000
[ 64.705727][ T6604] x26: ffff0000dc530348 x25: 0000000000000000 x24: ffff800092a6dc78
[ 64.707862][ T6604] x23: ffff80008a8710a0 x22: ffff0000dc530348 x21: ffff800092a6dc70
[ 64.709939][ T6604] x20: ffff80008ad65078 x19: ffff0000dc530000 x18: ffff800097086e60
[ 64.711907][ T6604] x17: 626f206565323737 x16: ffff80008a71b27c x15: 0000000000000001
[ 64.713589][ T6604] x14: 1fffe0003682f032 x13: 0000000000000000 x12: 0000000000000000
[ 64.715728][ T6604] x11: 0000000000000001 x10: 0000000000000000 x9 : 267892341ff5f000
[ 64.717848][ T6604] x8 : 267892341ff5f000 x7 : 0000000000000001 x6 : 0000000000000001
[ 64.719911][ T6604] x5 : ffff800097087258 x4 : ffff80008e4210a0 x3 : ffff8000805a359c
[ 64.721943][ T6604] x2 : 0000000000000001 x1 : 0000000000000001 x0 : 0000000000000000
[ 64.724015][ T6604] Call trace:
[ 64.724838][ T6604] debug_check_no_obj_freed+0x41c/0x534
[ 64.726271][ T6604] __kmem_cache_free+0x250/0x480
[ 64.727538][ T6604] kfree+0xb8/0x19c
[ 64.728602][ T6604] bt_link_release+0x20/0x30
[ 64.729835][ T6604] device_release+0x8c/0x1ac
[ 64.730996][ T6604] kobject_put+0x1c4/0x3c4
[ 64.732095][ T6604] put_device+0x28/0x40
[ 64.733206][ T6604] __sco_sock_close+0x3dc/0x7e4
[ 64.734492][ T6604] sco_sock_release+0xb4/0x2c0
[ 64.735732][ T6604] sock_close+0xa4/0x1e8
[ 64.736881][ T6604] __fput+0x324/0x7f8
[ 64.737997][ T6604] __fput_sync+0x60/0x9c
[ 64.739072][ T6604] __arm64_sys_close+0x150/0x1e0
[ 64.740405][ T6604] invoke_syscall+0x98/0x2b8
[ 64.741621][ T6604] el0_svc_common+0x130/0x23c
[ 64.742842][ T6604] do_el0_svc+0x48/0x58
[ 64.743947][ T6604] el0_svc+0x54/0x158
[ 64.744996][ T6604] el0t_64_sync_handler+0x84/0xfc
[ 64.746332][ T6604] el0t_64_sync+0x190/0x194
[ 64.747510][ T6604] irq event stamp: 16004
[ 64.748614][ T6604] hardirqs last enabled at (16003): [] console_unlock+0x17c/0x3d4
[ 64.751082][ T6604] hardirqs last disabled at (16004): [] el1_dbg+0x24/0x80
[ 64.753403][ T6604] softirqs last enabled at (15988): [] __do_softirq+0xac0/0xd54
[ 64.755789][ T6604] softirqs last disabled at (15963): [] ____do_softirq+0x14/0x20
[ 64.758223][ T6604] ---[ end trace 0000000000000000 ]---
[ 64.760099][ T6604] BUG: sleeping function called from invalid context at kernel/workqueue.c:3344
[ 64.762422][ T6604] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 6604, name: syz-executor.0
[ 64.765110][ T6604] preempt_count: 1, expected: 0
[ 64.766430][ T6604] RCU nest depth: 0, expected: 0
[ 64.767640][ T6604] 3 locks held by syz-executor.0/6604:
[ 64.768995][ T6604] #0: ffff0000dcb18810 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: sock_close+0x80/0x1e8
[ 64.771593][ T6604] #1: ffff0000c1fbe130 (sk_lock-AF_BLUETOOTH-BTPROTO_SCO){+.+.}-{0:0}, at: sco_sock_release+0x60/0x2c0
[ 64.774502][ T6604] #2: ffff0000d9e40e20 (&conn->lock#2){+.+.}-{2:2}, at: __sco_sock_close+0x378/0x7e4
[ 64.776976][ T6604] Preemption disabled at:
[ 64.776985][ T6604] [] __sco_sock_close+0x378/0x7e4
[ 64.779726][ T6604] CPU: 0 PID: 6604 Comm: syz-executor.0 Tainted: G W 6.6.0-rc7-syzkaller-00089-g8de1e7afcc1c-dirty #0
[ 64.782822][ T6604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 64.785426][ T6604] Call trace:
[ 64.786301][ T6604] dump_backtrace+0x1b8/0x1e4
[ 64.787532][ T6604] show_stack+0x2c/0x44
[ 64.788633][ T6604] dump_stack_lvl+0xd0/0x124
[ 64.789849][ T6604] dump_stack+0x1c/0x28
[ 64.790925][ T6604] __might_resched+0x374/0x4d0
[ 64.792192][ T6604] __might_sleep+0x90/0xe4
[ 64.793346][ T6604] start_flush_work+0x44/0x7bc
[ 64.794565][ T6604] __flush_work+0x11c/0x1c0
[ 64.795760][ T6604] __cancel_work_timer+0x3e4/0x540
[ 64.797102][ T6604] work_fixup_free+0x40/0x70
[ 64.798288][ T6604] debug_check_no_obj_freed+0x464/0x534
[ 64.799730][ T6604] __kmem_cache_free+0x250/0x480
[ 64.801040][ T6604] kfree+0xb8/0x19c
[ 64.802059][ T6604] bt_link_release+0x20/0x30
[ 64.803277][ T6604] device_release+0x8c/0x1ac
[ 64.804488][ T6604] kobject_put+0x1c4/0x3c4
[ 64.805686][ T6604] put_device+0x28/0x40
[ 64.806811][ T6604] __sco_sock_close+0x3dc/0x7e4
[ 64.808084][ T6604] sco_sock_release+0xb4/0x2c0
[ 64.809382][ T6604] sock_close+0xa4/0x1e8
[ 64.810520][ T6604] __fput+0x324/0x7f8
[ 64.811607][ T6604] __fput_sync+0x60/0x9c
[ 64.812764][ T6604] __arm64_sys_close+0x150/0x1e0
[ 64.814061][ T6604] invoke_syscall+0x98/0x2b8
[ 64.815240][ T6604] el0_svc_common+0x130/0x23c
[ 64.816449][ T6604] do_el0_svc+0x48/0x58
[ 64.817507][ T6604] el0_svc+0x54/0x158
[ 64.818543][ T6604] el0t_64_sync_handler+0x84/0xfc
[ 64.819871][ T6604] el0t_64_sync+0x190/0x194
[ 65.533508][ T5661] Bluetooth: hci0: command 0x041b tx timeout
1970/01/01 00:01:06 executed programs: 2
[ 67.613560][ T5661] Bluetooth: hci0: command 0x040f tx timeout
[ 69.615142][ T1637] cfg80211: failed to load regulatory.db
[ 69.704317][ T6093] Bluetooth: hci0: command 0x0419 tx timeout
[ 71.773360][ T5661] Bluetooth: hci0: command 0x0407 tx timeout
1970/01/01 00:01:11 executed programs: 8
[ 73.863318][ T5661] Bluetooth: hci0: command 0x0405 tx timeout