Warning: Permanently added '10.128.1.144' (ED25519) to the list of known hosts.
2025/12/09 09:26:36 parsed 1 programs
[ 74.411558][ T4513] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 76.188268][ T4162] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 76.196529][ T4162] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 76.218432][ T4162] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 76.229384][ T4162] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 76.239913][ T4162] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 76.247296][ T4162] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 76.828590][ T4564] chnl_net:caif_netlink_parms(): no params data found
[ 76.975986][ T4564] bridge0: port 1(bridge_slave_0) entered blocking state
[ 76.983158][ T4564] bridge0: port 1(bridge_slave_0) entered disabled state
[ 76.991214][ T4564] bridge_slave_0: entered allmulticast mode
[ 77.000646][ T4564] bridge_slave_0: entered promiscuous mode
[ 77.008854][ T4564] bridge0: port 2(bridge_slave_1) entered blocking state
[ 77.015926][ T4564] bridge0: port 2(bridge_slave_1) entered disabled state
[ 77.023212][ T4564] bridge_slave_1: entered allmulticast mode
[ 77.030113][ T4564] bridge_slave_1: entered promiscuous mode
[ 77.076339][ T4564] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 77.092653][ T4564] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 77.305584][ T4564] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 77.318847][ T4564] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 77.346596][ T4564] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 77.370864][ T4564] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 77.382264][ T4564] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 77.409471][ T4564] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 78.179376][ T4564] 8021q: adding VLAN 0 to HW filter on device bond0
[ 78.283988][ T11] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.291164][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 78.302519][ T34] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.309604][ T34] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 78.578914][ T4564] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 78.691111][ T4564] veth0_vlan: entered promiscuous mode
[ 79.248974][ T4564] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 79.260091][ T4564] batman_adv: batadv0: Interface activated: batadv_slave_1
2025/12/09 09:26:42 executed programs: 0
[ 79.448880][ T3665] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 79.456957][ T3665] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 79.473625][ T49] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 79.481907][ T49] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 79.495351][ T49] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 79.503228][ T4758] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 79.508050][ T4760] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 79.513856][ T4758] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 79.526402][ T4758] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 79.530664][ T49] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 79.533758][ T4758] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 79.548339][ T49] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 79.556917][ T4758] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 79.564405][ T4765] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 79.565114][ T4758] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 79.572571][ T4765] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 79.580181][ T4758] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 79.587869][ T4765] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 79.600458][ T4765] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 79.603480][ T4758] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 79.612979][ T4765] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 79.615264][ T4758] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 79.622758][ T4765] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 79.644026][ T4765] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 80.236992][ T4755] chnl_net:caif_netlink_parms(): no params data found
[ 80.255685][ T4759] chnl_net:caif_netlink_parms(): no params data found
[ 80.351116][ T4755] bridge0: port 1(bridge_slave_0) entered blocking state
[ 80.358703][ T4755] bridge0: port 1(bridge_slave_0) entered disabled state
[ 80.365784][ T4755] bridge_slave_0: entered allmulticast mode
[ 80.374007][ T4755] bridge_slave_0: entered promiscuous mode
[ 80.381526][ T4755] bridge0: port 2(bridge_slave_1) entered blocking state
[ 80.390205][ T4755] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.397298][ T4755] bridge_slave_1: entered allmulticast mode
[ 80.403942][ T4755] bridge_slave_1: entered promiscuous mode
[ 80.419433][ T4753] chnl_net:caif_netlink_parms(): no params data found
[ 80.452103][ T4762] chnl_net:caif_netlink_parms(): no params data found
[ 80.461304][ T4759] bridge0: port 1(bridge_slave_0) entered blocking state
[ 80.468575][ T4759] bridge0: port 1(bridge_slave_0) entered disabled state
[ 80.475665][ T4759] bridge_slave_0: entered allmulticast mode
[ 80.482627][ T4759] bridge_slave_0: entered promiscuous mode
[ 80.515187][ T4759] bridge0: port 2(bridge_slave_1) entered blocking state
[ 80.522579][ T4759] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.530155][ T4759] bridge_slave_1: entered allmulticast mode
[ 80.536604][ T4759] bridge_slave_1: entered promiscuous mode
[ 80.544593][ T4755] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 80.558225][ T4755] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 80.599979][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 80.607465][ T34] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 80.615305][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 80.623465][ T34] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 80.631301][ T34] bridge_slave_1: left allmulticast mode
[ 80.636955][ T34] bridge_slave_1: left promiscuous mode
[ 80.643445][ T34] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.652403][ T34] bridge_slave_0: left allmulticast mode
[ 80.658398][ T34] bridge_slave_0: left promiscuous mode
[ 80.664189][ T34] bridge0: port 1(bridge_slave_0) entered disabled state
[ 80.681193][ T34] veth0_vlan: left promiscuous mode
[ 80.928335][ T34] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 80.959151][ T34] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 81.145439][ T34] bond0 (unregistering): Released all slaves
[ 81.256451][ T4759] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 81.314120][ T4759] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 81.354619][ T4753] bridge0: port 1(bridge_slave_0) entered blocking state
[ 81.361823][ T4753] bridge0: port 1(bridge_slave_0) entered disabled state
[ 81.370273][ T4753] bridge_slave_0: entered allmulticast mode
[ 81.376869][ T4753] bridge_slave_0: entered promiscuous mode
[ 81.385293][ T4753] bridge0: port 2(bridge_slave_1) entered blocking state
[ 81.392445][ T4753] bridge0: port 2(bridge_slave_1) entered disabled state
[ 81.399924][ T4753] bridge_slave_1: entered allmulticast mode
[ 81.406490][ T4753] bridge_slave_1: entered promiscuous mode
[ 81.435600][ T4762] bridge0: port 1(bridge_slave_0) entered blocking state
[ 81.463088][ T4762] bridge0: port 1(bridge_slave_0) entered disabled state
[ 81.471479][ T4762] bridge_slave_0: entered allmulticast mode
[ 81.483188][ T4762] bridge_slave_0: entered promiscuous mode
[ 81.491923][ T4762] bridge0: port 2(bridge_slave_1) entered blocking state
[ 81.499586][ T4762] bridge0: port 2(bridge_slave_1) entered disabled state
[ 81.506696][ T4762] bridge_slave_1: entered allmulticast mode
[ 81.513556][ T4762] bridge_slave_1: entered promiscuous mode
[ 81.575667][ T4753] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 81.588630][ T4753] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 81.600719][ T4755] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 81.607750][ T4755] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 81.634519][ T4755] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 81.647035][ T4762] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 81.658510][ T4762] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 81.668730][ T4765] Bluetooth: hci1: command tx timeout
[ 81.674751][ T4760] Bluetooth: hci0: command tx timeout
[ 81.702577][ T4755] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 81.717279][ T4755] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 81.743904][ T4755] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 81.755255][ T4760] Bluetooth: hci3: command tx timeout
[ 81.757717][ T4765] Bluetooth: hci2: command tx timeout
[ 81.832701][ T4759] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 81.846452][ T4759] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 81.873056][ T4759] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 81.901475][ T4759] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 81.921464][ T4759] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 81.956161][ T4759] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 82.005973][ T4762] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 82.013594][ T4762] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 82.039724][ T4762] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 82.072384][ T4762] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 82.079795][ T4762] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 82.106530][ T4762] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 82.122153][ T4753] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 82.129349][ T4753] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 82.155997][ T4753] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 82.168463][ T4753] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 82.175455][ T4753] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 82.201632][ T4753] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 83.738261][ T4765] Bluetooth: hci1: command tx timeout
[ 83.738407][ T4760] Bluetooth: hci0: command tx timeout
[ 83.817893][ T4760] Bluetooth: hci2: command tx timeout
[ 83.818595][ T4765] Bluetooth: hci3: command tx timeout
[ 84.553712][ T4755] 8021q: adding VLAN 0 to HW filter on device bond0
[ 84.616141][ T4762] 8021q: adding VLAN 0 to HW filter on device bond0
[ 84.925738][ T4753] 8021q: adding VLAN 0 to HW filter on device bond0
[ 84.953163][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 84.960294][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 84.995214][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 85.002428][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 85.028640][ T34] bridge0: port 1(bridge_slave_0) entered blocking state
[ 85.035708][ T34] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 85.050049][ T34] bridge0: port 2(bridge_slave_1) entered blocking state
[ 85.057465][ T34] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 85.092553][ T4759] 8021q: adding VLAN 0 to HW filter on device bond0
[ 85.368469][ T11] bridge0: port 1(bridge_slave_0) entered blocking state
[ 85.375574][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 85.402101][ T11] bridge0: port 2(bridge_slave_1) entered blocking state
[ 85.409207][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 85.450819][ T688] bridge0: port 1(bridge_slave_0) entered blocking state
[ 85.458021][ T688] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 85.483256][ T688] bridge0: port 2(bridge_slave_1) entered blocking state
[ 85.490358][ T688] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 85.818102][ T4765] Bluetooth: hci0: command tx timeout
[ 85.818112][ T4760] Bluetooth: hci1: command tx timeout
[ 85.897753][ T4760] Bluetooth: hci2: command tx timeout
[ 85.897801][ T4765] Bluetooth: hci3: command tx timeout
[ 85.993302][ T4755] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 86.128633][ T4762] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 86.391366][ T4755] veth0_vlan: entered promiscuous mode
[ 86.503177][ T4753] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 86.513553][ T4762] veth0_vlan: entered promiscuous mode
[ 86.550628][ T4759] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 86.899699][ T4753] veth0_vlan: entered promiscuous mode
[ 86.989084][ T4759] veth0_vlan: entered promiscuous mode
[ 87.906265][ T4765] Bluetooth: hci0: command tx timeout
[ 87.906435][ T4760] Bluetooth: hci1: command tx timeout
[ 87.978747][ T4760] Bluetooth: hci2: command tx timeout
[ 87.978978][ T4765] Bluetooth: hci3: command tx timeout
[ 88.442205][ T4755] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 88.478046][ T4755] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 88.713474][ T4762] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 88.737583][ T4762] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 88.750261][ T4762] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 88.765387][ T4762] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 88.776858][ T4762] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 88.793068][ T4762] batman_adv: batadv0: Interface activated: batadv_slave_1
2025/12/09 09:26:51 executed programs: 8
[ 88.955162][ T4765] debugfs: Directory '201' with parent 'hci1' already present!
[ 88.963916][ T4765] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[ 88.973677][ T4765] CPU: 1 PID: 4765 Comm: kworker/u5:7 Not tainted syzkaller #0
[ 88.981229][ T4765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 88.991415][ T4765] Workqueue: hci1 hci_rx_work
[ 88.996141][ T4765] Call Trace:
[ 88.999526][ T4765]
[ 89.002475][ T4765] dump_stack_lvl+0xe7/0x170
[ 89.007082][ T4765] ? show_regs_print_info+0x10/0x10
[ 89.012325][ T4765] ? load_image+0x2f0/0x2f0
[ 89.016863][ T4765] sysfs_create_dir_ns+0x22b/0x250
[ 89.022068][ T4765] ? hci_rx_work+0x3a6/0xbe0
[ 89.026656][ T4765] ? sysfs_warn_dup+0x90/0x90
[ 89.031318][ T4765] ? do_raw_spin_unlock+0x121/0x230
[ 89.036499][ T4765] kobject_add_internal+0x56c/0xa50
[ 89.041683][ T4765] kobject_add+0x130/0x1e0
[ 89.046165][ T4765] ? kobject_init+0x1b0/0x1b0
[ 89.050818][ T4765] ? _raw_spin_unlock+0x28/0x40
[ 89.055647][ T4765] ? class_to_subsys+0xd8/0xf0
[ 89.060491][ T4765] ? get_device_parent+0x30b/0x320
[ 89.065753][ T4765] device_add+0x399/0xa30
[ 89.070059][ T4765] hci_conn_add_sysfs+0xbc/0x1a0
[ 89.075073][ T4765] le_conn_complete_evt+0xc7e/0x1380
[ 89.080354][ T4765] ? hci_le_big_info_adv_report_evt+0x740/0x740
[ 89.086588][ T4765] ? __mutex_unlock_slowpath+0x1a2/0x6a0
[ 89.092209][ T4765] ? mutex_unlock+0x10/0x10
[ 89.096690][ T4765] hci_le_conn_complete_evt+0x175/0x480
[ 89.102212][ T4765] ? hci_remote_host_features_evt+0x130/0x130
[ 89.108262][ T4765] hci_event_packet+0x8a1/0xf90
[ 89.113095][ T4765] ? bis_list+0x220/0x220
[ 89.117401][ T4765] ? _raw_spin_unlock_irqrestore+0xae/0x110
[ 89.123270][ T4765] ? _raw_spin_unlock+0x40/0x40
[ 89.128154][ T4765] ? hci_send_to_monitor+0x26/0x460
[ 89.133504][ T4765] hci_rx_work+0x3a6/0xbe0
[ 89.137905][ T4765] ? process_scheduled_works+0x8c6/0x12a0
[ 89.143605][ T4765] process_scheduled_works+0x96d/0x12a0
[ 89.149148][ T4765] ? assign_work+0x3a0/0x3a0
[ 89.153726][ T4765] worker_thread+0x883/0xd10
[ 89.158553][ T4765] ? lockdep_hardirqs_on+0x98/0x150
[ 89.163820][ T4765] ? _raw_spin_unlock+0x40/0x40
[ 89.168649][ T4765] ? __kthread_parkme+0x75/0x190
[ 89.173575][ T4765] ? __kthread_parkme+0xba/0x190
[ 89.178501][ T4765] kthread+0x274/0x2f0
[ 89.182549][ T4765] ? pr_cont_work+0x4a0/0x4a0
[ 89.187203][ T4765] ? kthread_blkcg+0xa0/0xa0
[ 89.191870][ T4765] ret_from_fork+0x2f/0x60
[ 89.196282][ T4765] ? kthread_blkcg+0xa0/0xa0
[ 89.201034][ T4765] ret_from_fork_asm+0x11/0x20
[ 89.205792][ T4765]
[ 89.211958][ T4765] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 89.216370][ T4753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 89.226065][ T4765] Bluetooth: hci1: failed to register connection device
[ 89.259372][ T4753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 89.270835][ T4753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 89.285732][ T4753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 89.297823][ T4760] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[ 89.304887][ T4753] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 89.322153][ T4753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 89.356013][ T4753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 89.366001][ T4753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 89.376492][ T4753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 89.387382][ T4753] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 89.433374][ T4759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 89.453791][ T4759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 89.464640][ T4759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 89.477021][ T4759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 89.487146][ T4759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 89.500003][ T4765] debugfs: Directory '201' with parent 'hci3' already present!
[ 89.508149][ T4759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 89.518279][ T4765] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[ 89.528145][ T4765] CPU: 1 PID: 4765 Comm: kworker/u5:7 Not tainted syzkaller #0
[ 89.535767][ T4765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 89.545807][ T4765] Workqueue: hci3 hci_rx_work
[ 89.550474][ T4765] Call Trace:
[ 89.553732][ T4765]
[ 89.556641][ T4765] dump_stack_lvl+0xe7/0x170
[ 89.561229][ T4765] ? show_regs_print_info+0x10/0x10
[ 89.566399][ T4765] ? load_image+0x2f0/0x2f0
[ 89.570896][ T4765] sysfs_create_dir_ns+0x22b/0x250
[ 89.575983][ T4765] ? hci_rx_work+0x3a6/0xbe0
[ 89.580550][ T4765] ? sysfs_warn_dup+0x90/0x90
[ 89.585218][ T4765] ? do_raw_spin_unlock+0x121/0x230
[ 89.590462][ T4765] kobject_add_internal+0x56c/0xa50
[ 89.595662][ T4765] kobject_add+0x130/0x1e0
[ 89.600062][ T4765] ? kobject_init+0x1b0/0x1b0
[ 89.604721][ T4765] ? _raw_spin_unlock+0x28/0x40
[ 89.609545][ T4765] ? class_to_subsys+0xd8/0xf0
[ 89.614405][ T4765] ? get_device_parent+0x30b/0x320
[ 89.619492][ T4765] device_add+0x399/0xa30
[ 89.623800][ T4765] hci_conn_add_sysfs+0xbc/0x1a0
[ 89.628716][ T4765] le_conn_complete_evt+0xc7e/0x1380
[ 89.633986][ T4765] ? hci_le_big_info_adv_report_evt+0x740/0x740
[ 89.640204][ T4765] ? __mutex_unlock_slowpath+0x1a2/0x6a0
[ 89.645817][ T4765] ? mutex_unlock+0x10/0x10
[ 89.650852][ T4765] hci_le_conn_complete_evt+0x175/0x480
[ 89.656413][ T4765] ? hci_remote_host_features_evt+0x130/0x130
[ 89.662491][ T4765] hci_event_packet+0x8a1/0xf90
[ 89.667339][ T4765] ? bis_list+0x220/0x220
[ 89.671640][ T4765] ? _raw_spin_unlock_irqrestore+0xae/0x110
[ 89.677543][ T4765] ? _raw_spin_unlock+0x40/0x40
[ 89.682472][ T4765] ? hci_send_to_monitor+0x26/0x460
[ 89.687683][ T4765] hci_rx_work+0x3a6/0xbe0
[ 89.692195][ T4765] ? process_scheduled_works+0x8c6/0x12a0
[ 89.697888][ T4765] process_scheduled_works+0x96d/0x12a0
[ 89.703425][ T4765] ? assign_work+0x3a0/0x3a0
[ 89.708002][ T4765] worker_thread+0x883/0xd10
[ 89.712586][ T4765] ? lockdep_hardirqs_on+0x98/0x150
[ 89.717849][ T4765] ? _raw_spin_unlock+0x40/0x40
[ 89.722677][ T4765] ? __kthread_parkme+0x75/0x190
[ 89.727588][ T4765] ? __kthread_parkme+0xba/0x190
[ 89.732680][ T4765] kthread+0x274/0x2f0
[ 89.736722][ T4765] ? pr_cont_work+0x4a0/0x4a0
[ 89.741375][ T4765] ? kthread_blkcg+0xa0/0xa0
[ 89.745942][ T4765] ret_from_fork+0x2f/0x60
[ 89.750649][ T4765] ? kthread_blkcg+0xa0/0xa0
[ 89.755212][ T4765] ret_from_fork_asm+0x11/0x20
[ 89.759968][ T4765]
[ 89.763839][ T4765] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 89.769546][ T4759] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 89.779078][ T4765] Bluetooth: hci3: failed to register connection device
[ 89.788163][ T4759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 89.795852][ T4765] ==================================================================
[ 89.803577][ T4759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 89.811104][ T4765] BUG: KASAN: slab-use-after-free in l2cap_connect_cfm+0x6cd/0xf00
[ 89.811118][ T4765] Read of size 8 at addr ffff888077269480 by task kworker/u5:7/4765
[ 89.811124][ T4765]
[ 89.811127][ T4765] CPU: 1 PID: 4765 Comm: kworker/u5:7 Not tainted syzkaller #0
[ 89.811134][ T4765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 89.811139][ T4765] Workqueue: hci3 hci_rx_work
[ 89.811151][ T4765] Call Trace:
[ 89.811154][ T4765]
[ 89.811158][ T4765] dump_stack_lvl+0xe7/0x170
[ 89.811167][ T4765] ? show_regs_print_info+0x10/0x10
[ 89.811174][ T4765] ? load_image+0x2f0/0x2f0
[ 89.822035][ T4759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 89.828900][ T4765] ? __virt_addr_valid+0x10e/0x380
[ 89.828913][ T4765] ? __virt_addr_valid+0x10e/0x380
[ 89.828919][ T4765] ? __virt_addr_valid+0x10e/0x380
[ 89.828924][ T4765] ? __virt_addr_valid+0x2c3/0x380
[ 89.828929][ T4765] print_report+0xac/0x220
[ 89.828939][ T4765] ? l2cap_connect_cfm+0x6cd/0xf00
[ 89.828945][ T4765] kasan_report+0x117/0x150
[ 89.828954][ T4765] ? l2cap_connect_cfm+0x6cd/0xf00
[ 89.828961][ T4765] l2cap_connect_cfm+0x6cd/0xf00
[ 89.828970][ T4765] ? l2cap_ertm_resend+0xe70/0xe70
[ 89.828978][ T4765] hci_connect_cfm+0x85/0xf0
[ 89.828987][ T4765] le_conn_complete_evt+0xce1/0x1380
[ 89.828998][ T4765] ? hci_le_big_info_adv_report_evt+0x740/0x740
[ 89.829007][ T4765] ? __mutex_unlock_slowpath+0x1a2/0x6a0
[ 89.829016][ T4765] ? mutex_unlock+0x10/0x10
[ 89.829024][ T4765] hci_le_conn_complete_evt+0x175/0x480
[ 89.829032][ T4765] ? hci_remote_host_features_evt+0x130/0x130
[ 89.829040][ T4765] hci_event_packet+0x8a1/0xf90
[ 89.829049][ T4765] ? bis_list+0x220/0x220
[ 89.829054][ T4765] ? _raw_spin_unlock_irqrestore+0xae/0x110
[ 89.829061][ T4765] ? _raw_spin_unlock+0x40/0x40
[ 89.829071][ T4765] ? hci_send_to_monitor+0x26/0x460
[ 89.829080][ T4765] hci_rx_work+0x3a6/0xbe0
[ 89.829092][ T4765] ? process_scheduled_works+0x8c6/0x12a0
[ 89.829100][ T4765] process_scheduled_works+0x96d/0x12a0
[ 89.829115][ T4765] ? assign_work+0x3a0/0x3a0
[ 89.829126][ T4765] worker_thread+0x883/0xd10
[ 89.829132][ T4765] ? lockdep_hardirqs_on+0x98/0x150
[ 89.829142][ T4765] ? _raw_spin_unlock+0x40/0x40
[ 89.829150][ T4765] ? __kthread_parkme+0x75/0x190
[ 89.829157][ T4765] ? __kthread_parkme+0xba/0x190
[ 89.829164][ T4765] kthread+0x274/0x2f0
[ 89.829171][ T4765] ? pr_cont_work+0x4a0/0x4a0
[ 89.829177][ T4765] ? kthread_blkcg+0xa0/0xa0
[ 89.829184][ T4765] ret_from_fork+0x2f/0x60
[ 89.829191][ T4765] ? kthread_blkcg+0xa0/0xa0
[ 89.829197][ T4765] ret_from_fork_asm+0x11/0x20
[ 89.829209][ T4765]
[ 89.829212][ T4765]
[ 89.829225][ T4765] Allocated by task 4765:
[ 89.841929][ T4759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 89.846991][ T4765] kasan_set_track+0x4e/0x70
[ 89.847003][ T4765] __kasan_kmalloc+0x8f/0xa0
[ 89.847009][ T4765] l2cap_chan_create+0x4b/0x740
[ 89.847015][ T4765] l2cap_sock_new_connection_cb+0x194/0x290
[ 89.860275][ T4759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 89.861790][ T4765] l2cap_connect_cfm+0x3c4/0xf00
[ 89.861802][ T4765] hci_connect_cfm+0x85/0xf0
[ 89.861808][ T4765] le_conn_complete_evt+0xce1/0x1380
[ 89.861815][ T4765] hci_le_conn_complete_evt+0x175/0x480
[ 89.867193][ T4759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 89.867988][ T4765] hci_event_packet+0x8a1/0xf90
[ 89.867995][ T4765] hci_rx_work+0x3a6/0xbe0
[ 89.868002][ T4765] process_scheduled_works+0x96d/0x12a0
[ 89.868009][ T4765] worker_thread+0x883/0xd10
[ 89.868013][ T4765] kthread+0x274/0x2f0
[ 89.868020][ T4765] ret_from_fork+0x2f/0x60
[ 89.868025][ T4765] ret_from_fork_asm+0x11/0x20
[ 89.868032][ T4765]
[ 89.868034][ T4765] Freed by task 5301:
[ 89.868037][ T4765] kasan_set_track+0x4e/0x70
[ 89.868044][ T4765] kasan_save_free_info+0x2e/0x50
[ 89.868050][ T4765] ____kasan_slab_free+0x126/0x1e0
[ 89.868055][ T4765] slab_free_freelist_hook+0x130/0x1b0
[ 89.868060][ T4765] __kmem_cache_free+0xba/0x1f0
[ 89.868067][ T4765] l2cap_sock_cleanup_listen+0x58/0x2e0
[ 89.868073][ T4765] l2cap_sock_release+0x5b/0x1d0
[ 89.868078][ T4765] sock_close+0xb3/0x210
[ 89.868085][ T4765] __fput+0x1c2/0x7a0
[ 89.868090][ T4765] task_work_run+0x146/0x1f0
[ 89.874141][ T4759] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 89.877829][ T4765] exit_to_user_mode_loop+0xda/0xf0
[ 89.877842][ T4765] exit_to_user_mode_prepare+0xf6/0x180
[ 89.877848][ T4765] syscall_exit_to_user_mode+0x1a/0x50
[ 89.877855][ T4765] do_syscall_64+0x61/0xb0
[ 89.877859][ T4765] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 89.877866][ T4765]
[ 89.877869][ T4765] Last potentially related work creation:
[ 89.877872][ T4765] kasan_save_stack+0x3e/0x60
[ 89.877879][ T4765] __kasan_record_aux_stack+0xaf/0xc0
[ 89.877884][ T4765] call_rcu+0x158/0x930
[ 89.877891][ T4765] netlink_release+0x11ac/0x15d0
[ 89.877898][ T4765] sock_release+0x75/0x120
[ 89.877903][ T4765] uevent_net_exit+0x19c/0x1c0
[ 89.877909][ T4765] cleanup_net+0x6f4/0xaa0
[ 89.877915][ T4765] process_scheduled_works+0x96d/0x12a0
[ 89.877922][ T4765] worker_thread+0x883/0xd10
[ 89.877927][ T4765] kthread+0x274/0x2f0
[ 89.877934][ T4765] ret_from_fork+0x2f/0x60
[ 89.877940][ T4765] ret_from_fork_asm+0x11/0x20
[ 89.877947][ T4765]
[ 89.877948][ T4765] The buggy address belongs to the object at ffff888077269000
[ 89.877948][ T4765] which belongs to the cache kmalloc-2k of size 2048
[ 89.877953][ T4765] The buggy address is located 1152 bytes inside of
[ 89.877953][ T4765] freed 2048-byte region [ffff888077269000, ffff888077269800)
[ 89.877958][ T4765]
[ 89.877960][ T4765] The buggy address belongs to the physical page:
[ 89.877965][ T4765] page:ffffea0001dc9a00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x77268
[ 90.390927][ T4765] head:ffffea0001dc9a00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 90.399855][ T4765] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 90.407881][ T4765] page_type: 0xffffffff()
[ 90.412268][ T4765] raw: 00fff00000000840 ffff888013842000 ffffea0001ed9a00 dead000000000002
[ 90.420846][ T4765] raw: 0000000000000000 0000000080080008 00000001ffffffff 0000000000000000
[ 90.429396][ T4765] page dumped because: kasan: bad access detected
[ 90.435787][ T4765] page_owner tracks the page as allocated
[ 90.441483][ T4765] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 4197, tgid 4197 (syz-executor), ts 46435447425, free_ts 46396106898
[ 90.464295][ T4765] post_alloc_hook+0x1cd/0x210
[ 90.469039][ T4765] get_page_from_freelist+0x195c/0x19f0
[ 90.474580][ T4765] __alloc_pages+0x1e3/0x460
[ 90.479228][ T4765] alloc_slab_page+0x5d/0x170
[ 90.484026][ T4765] new_slab+0x87/0x2e0
[ 90.488077][ T4765] ___slab_alloc+0xc6d/0x1300
[ 90.492730][ T4765] __kmem_cache_alloc_node+0x1a2/0x260
[ 90.498165][ T4765] __kmalloc+0xa4/0x240
[ 90.502290][ T4765] sk_prot_alloc+0xdf/0x1c0
[ 90.506771][ T4765] sk_alloc+0x33/0x300
[ 90.510900][ T4765] __netlink_create+0x79/0x290
[ 90.515634][ T4765] __netlink_kernel_create+0x102/0x710
[ 90.521084][ T4765] audit_net_init+0xb1/0x1a0
[ 90.525907][ T4765] ops_init+0x190/0x4f0
[ 90.530082][ T4765] setup_net+0x3b5/0xa00
[ 90.534304][ T4765] copy_net_ns+0x2c7/0x4d0
[ 90.538775][ T4765] page last free stack trace:
[ 90.543507][ T4765] free_unref_page_prepare+0x7ce/0x8e0
[ 90.548936][ T4765] free_unref_page+0x32/0x2e0
[ 90.553578][ T4765] __unfreeze_partials+0x1cf/0x210
[ 90.558744][ T4765] put_cpu_partial+0x17c/0x250
[ 90.563474][ T4765] __slab_free+0x31d/0x410
[ 90.568042][ T4765] qlist_free_all+0x75/0xe0
[ 90.572523][ T4765] kasan_quarantine_reduce+0x143/0x160
[ 90.577954][ T4765] __kasan_slab_alloc+0x22/0x80
[ 90.582865][ T4765] slab_post_alloc_hook+0x6e/0x4d0
[ 90.587947][ T4765] kmem_cache_alloc+0x11e/0x2e0
[ 90.592768][ T4765] __pmd_alloc+0x111/0x6b0
[ 90.597243][ T4765] handle_mm_fault+0x8f4/0x1c90
[ 90.602067][ T4765] do_user_addr_fault+0x411/0xb80
[ 90.607081][ T4765] exc_page_fault+0x67/0x110
[ 90.611677][ T4765] asm_exc_page_fault+0x26/0x30
[ 90.616592][ T4765]
[ 90.618900][ T4765] Memory state around the buggy address:
[ 90.624505][ T4765] ffff888077269380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 90.632553][ T4765] ffff888077269400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 90.640590][ T4765] >ffff888077269480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 90.648633][ T4765] ^
[ 90.652930][ T4765] ffff888077269500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 90.661047][ T4765] ffff888077269580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 90.669295][ T4765] ==================================================================
[ 90.682927][ T4765] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 90.690234][ T4765] CPU: 1 PID: 4765 Comm: kworker/u5:7 Not tainted syzkaller #0
[ 90.697863][ T4765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 90.708096][ T4765] Workqueue: hci3 hci_rx_work
[ 90.712771][ T4765] Call Trace:
[ 90.716053][ T4765]
[ 90.719015][ T4765] dump_stack_lvl+0xe7/0x170
[ 90.723602][ T4765] ? show_regs_print_info+0x10/0x10
[ 90.728799][ T4765] ? load_image+0x2f0/0x2f0
[ 90.733381][ T4765] ? vsnprintf+0x799/0x1b70
[ 90.737889][ T4765] panic+0x1f3/0x520
[ 90.741872][ T4765] ? bpf_jit_dump+0xc0/0xc0
[ 90.746468][ T4765] ? _raw_spin_unlock_irqrestore+0xfa/0x110
[ 90.752444][ T4765] ? _raw_spin_unlock+0x40/0x40
[ 90.757299][ T4765] ? print_memory_metadata+0x314/0x400
[ 90.762758][ T4765] ? l2cap_connect_cfm+0x6cd/0xf00
[ 90.767863][ T4765] check_panic_on_warn+0x5a/0x80
[ 90.772810][ T4765] end_report+0x6f/0x140
[ 90.777028][ T4765] kasan_report+0x128/0x150
[ 90.781510][ T4765] ? l2cap_connect_cfm+0x6cd/0xf00
[ 90.786597][ T4765] l2cap_connect_cfm+0x6cd/0xf00
[ 90.791507][ T4765] ? l2cap_ertm_resend+0xe70/0xe70
[ 90.796679][ T4765] hci_connect_cfm+0x85/0xf0
[ 90.801248][ T4765] le_conn_complete_evt+0xce1/0x1380
[ 90.806512][ T4765] ? hci_le_big_info_adv_report_evt+0x740/0x740
[ 90.812727][ T4765] ? __mutex_unlock_slowpath+0x1a2/0x6a0
[ 90.818423][ T4765] ? mutex_unlock+0x10/0x10
[ 90.822994][ T4765] hci_le_conn_complete_evt+0x175/0x480
[ 90.828600][ T4765] ? hci_remote_host_features_evt+0x130/0x130
[ 90.834650][ T4765] hci_event_packet+0x8a1/0xf90
[ 90.839585][ T4765] ? bis_list+0x220/0x220
[ 90.843976][ T4765] ? _raw_spin_unlock_irqrestore+0xae/0x110
[ 90.849936][ T4765] ? _raw_spin_unlock+0x40/0x40
[ 90.854760][ T4765] ? hci_send_to_monitor+0x26/0x460
[ 90.859932][ T4765] hci_rx_work+0x3a6/0xbe0
[ 90.864429][ T4765] ? process_scheduled_works+0x8c6/0x12a0
[ 90.870264][ T4765] process_scheduled_works+0x96d/0x12a0
[ 90.875833][ T4765] ? assign_work+0x3a0/0x3a0
[ 90.880396][ T4765] worker_thread+0x883/0xd10
[ 90.885000][ T4765] ? lockdep_hardirqs_on+0x98/0x150
[ 90.890184][ T4765] ? _raw_spin_unlock+0x40/0x40
[ 90.895018][ T4765] ? __kthread_parkme+0x75/0x190
[ 90.899927][ T4765] ? __kthread_parkme+0xba/0x190
[ 90.904833][ T4765] kthread+0x274/0x2f0
[ 90.908880][ T4765] ? pr_cont_work+0x4a0/0x4a0
[ 90.913527][ T4765] ? kthread_blkcg+0xa0/0xa0
[ 90.918084][ T4765] ret_from_fork+0x2f/0x60
[ 90.922480][ T4765] ? kthread_blkcg+0xa0/0xa0
[ 90.927142][ T4765] ret_from_fork_asm+0x11/0x20
[ 90.931895][ T4765]
[ 90.935231][ T4765] Kernel Offset: disabled
[ 90.939768][ T4765] Rebooting in 86400 seconds..