Warning: Permanently added '10.128.1.22' (ED25519) to the list of known hosts.
2026/01/11 17:55:23 parsed 1 programs
[  117.670344][ T6216] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  121.052650][ T5151] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  121.061653][ T5151] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  121.070327][ T5151] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  121.078941][ T5151] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  121.086597][ T5151] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  121.493653][ T6249] chnl_net:caif_netlink_parms(): no params data found
[  121.571178][ T6249] bridge0: port 1(bridge_slave_0) entered blocking state
[  121.578338][ T6249] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.585678][ T6249] bridge_slave_0: entered allmulticast mode
[  121.592638][ T6249] bridge_slave_0: entered promiscuous mode
[  121.601283][ T6249] bridge0: port 2(bridge_slave_1) entered blocking state
[  121.608421][ T6249] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.615748][ T6249] bridge_slave_1: entered allmulticast mode
[  121.623776][ T6249] bridge_slave_1: entered promiscuous mode
[  121.654986][ T6249] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  121.666902][ T6249] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  121.698198][ T6249] team0: Port device team_slave_0 added
[  121.706347][ T6249] team0: Port device team_slave_1 added
[  121.730243][ T6249] batman_adv: batadv0: Adding interface: batadv_slave_0
[  121.737281][ T6249] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  121.763741][ T6249] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  121.776092][ T6249] batman_adv: batadv0: Adding interface: batadv_slave_1
[  121.783384][ T6249] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  121.809570][ T6249] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  121.846397][ T6249] hsr_slave_0: entered promiscuous mode
[  121.852766][ T6249] hsr_slave_1: entered promiscuous mode
[  122.279744][ T6249] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  122.293262][ T6249] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  122.316430][ T6249] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  122.334536][ T6249] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  122.388380][ T6249] bridge0: port 2(bridge_slave_1) entered blocking state
[  122.395575][ T6249] bridge0: port 2(bridge_slave_1) entered forwarding state
[  122.403109][ T6249] bridge0: port 1(bridge_slave_0) entered blocking state
[  122.410296][ T6249] bridge0: port 1(bridge_slave_0) entered forwarding state
[  122.475074][ T6249] 8021q: adding VLAN 0 to HW filter on device bond0
[  122.494391][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  122.510375][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  122.533614][ T6249] 8021q: adding VLAN 0 to HW filter on device team0
[  122.547423][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[  122.554624][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[  122.583257][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[  122.590447][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[  122.618566][ T6249] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  122.629890][ T6249] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  122.836631][ T6249] 8021q: adding VLAN 0 to HW filter on device batadv0
[  122.888325][ T6249] veth0_vlan: entered promiscuous mode
[  122.904706][ T6249] veth1_vlan: entered promiscuous mode
[  122.937081][ T6249] veth0_macvtap: entered promiscuous mode
[  122.950440][ T6249] veth1_macvtap: entered promiscuous mode
[  122.971233][ T6249] batman_adv: batadv0: Interface activated: batadv_slave_0
[  122.998350][ T6249] batman_adv: batadv0: Interface activated: batadv_slave_1
[  123.015439][ T3850] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  123.035088][ T3850] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  123.065613][ T3850] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  123.089903][ T3850] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  123.252944][   T42] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.329923][   T42] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.411659][   T42] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.501302][   T42] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.564861][   T42] bridge_slave_1: left allmulticast mode
[  125.571849][   T42] bridge_slave_1: left promiscuous mode
[  125.577639][   T42] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.587974][   T42] bridge_slave_0: left allmulticast mode
[  125.596207][   T42] bridge_slave_0: left promiscuous mode
[  125.602569][   T42] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.905043][   T42] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  125.917100][   T42] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  125.928362][   T42] bond0 (unregistering): Released all slaves
[  125.949566][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  125.963368][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.017076][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.029853][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.049336][   T42] hsr_slave_0: left promiscuous mode
[  126.055485][   T42] hsr_slave_1: left promiscuous mode
[  126.067129][   T42] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  126.076216][   T42] batman_adv: batadv0: Removing interface: batadv_slave_0
[  126.084324][   T42] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  126.091986][   T42] batman_adv: batadv0: Removing interface: batadv_slave_1
[  126.110400][   T42] veth1_macvtap: left promiscuous mode
[  126.116070][   T42] veth0_macvtap: left promiscuous mode
[  126.122401][   T42] veth1_vlan: left promiscuous mode
[  126.132342][   T42] veth0_vlan: left promiscuous mode
[  126.570385][   T42] team0 (unregistering): Port device team_slave_1 removed
[  126.606192][   T42] team0 (unregistering): Port device team_slave_0 removed
2026/01/11 17:55:37 executed programs: 0
[  127.713594][ T5151] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  127.722216][ T5151] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  127.732585][ T5151] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  127.741243][ T5151] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  127.748900][ T5151] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  128.284805][ T6459] chnl_net:caif_netlink_parms(): no params data found
[  128.509376][ T6459] bridge0: port 1(bridge_slave_0) entered blocking state
[  128.516542][ T6459] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.529240][ T6459] bridge_slave_0: entered allmulticast mode
[  128.536860][ T6459] bridge_slave_0: entered promiscuous mode
[  128.557968][ T6459] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.566612][ T6459] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.577734][ T6459] bridge_slave_1: entered allmulticast mode
[  128.585814][ T6459] bridge_slave_1: entered promiscuous mode
[  128.626143][ T6459] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  128.640985][ T6459] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  128.728630][ T6459] team0: Port device team_slave_0 added
[  128.748433][ T6459] team0: Port device team_slave_1 added
[  128.797783][ T6459] batman_adv: batadv0: Adding interface: batadv_slave_0
[  128.806221][ T6459] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  128.833834][ T6459] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  128.869644][ T6459] batman_adv: batadv0: Adding interface: batadv_slave_1
[  128.883043][ T6459] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  128.913750][ T6459] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  128.985890][ T6459] hsr_slave_0: entered promiscuous mode
[  128.992707][ T6459] hsr_slave_1: entered promiscuous mode
[  129.416646][ T6459] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  129.428611][ T6459] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  129.439725][ T6459] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  129.452259][ T6459] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  129.543057][ T6459] 8021q: adding VLAN 0 to HW filter on device bond0
[  129.566667][ T6459] 8021q: adding VLAN 0 to HW filter on device team0
[  129.581062][ T3850] bridge0: port 1(bridge_slave_0) entered blocking state
[  129.588203][ T3850] bridge0: port 1(bridge_slave_0) entered forwarding state
[  129.602890][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[  129.610050][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[  129.779431][   T53] Bluetooth: hci0: command tx timeout
[  129.858740][ T6459] 8021q: adding VLAN 0 to HW filter on device batadv0
[  129.908767][ T6459] veth0_vlan: entered promiscuous mode
[  129.922707][ T6459] veth1_vlan: entered promiscuous mode
[  129.955224][ T6459] veth0_macvtap: entered promiscuous mode
[  129.965394][ T6459] veth1_macvtap: entered promiscuous mode
[  129.985789][ T6459] batman_adv: batadv0: Interface activated: batadv_slave_0
[  130.003342][ T6459] batman_adv: batadv0: Interface activated: batadv_slave_1
[  130.023331][ T3146] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  130.043741][ T3146] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  130.080777][ T3146] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  130.094147][ T3146] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  130.130724][ T1081] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  130.143511][ T1081] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  130.183970][ T1081] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  130.193001][ T1081] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  131.527493][ T5879] hid-generic 0005:16C0:5505.0001: unknown main item tag 0x0
[  131.536585][ T5879] hid-generic 0005:16C0:5505.0001: unknown main item tag 0x0
[  131.551964][ T5879] hid-generic 0005:16C0:5505.0001: unknown main item tag 0x0
[  131.559831][ T5879] hid-generic 0005:16C0:5505.0001: unknown main item tag 0x0
[  131.567258][ T5879] hid-generic 0005:16C0:5505.0001: unknown main item tag 0x0
[  131.582592][ T5879] hid-generic 0005:16C0:5505.0001: unknown main item tag 0x0
[  131.592273][ T5879] hid-generic 0005:16C0:5505.0001: unknown main item tag 0x3
[  131.600062][ T5879] hid-generic 0005:16C0:5505.0001: unknown main item tag 0x1
[  131.607545][ T5879] hid-generic 0005:16C0:5505.0001: unknown main item tag 0x0
[  131.624287][ T5879] hid-generic 0005:16C0:5505.0001: unknown main item tag 0x0
[  131.859167][   T53] Bluetooth: hci0: command tx timeout
[  132.575361][ T5879] hid-generic 0005:16C0:5505.0001: hidraw0: BLUETOOTH HID v0.8b Device [syz0] on aa:aa:aa:aa:aa:aa
2026/01/11 17:55:42 executed programs: 54
[  132.822418][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  132.828883][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  133.940692][   T53] Bluetooth: hci0: command tx timeout
[  136.020925][   T53] Bluetooth: hci0: command tx timeout
2026/01/11 17:55:47 executed programs: 309
2026/01/11 17:55:52 executed programs: 558
[  143.633190][ T5151] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  143.642215][ T5151] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  143.650583][ T5151] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  143.658471][ T5151] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  143.666173][ T5151] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  143.810970][   T42] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.835285][ T7755] chnl_net:caif_netlink_parms(): no params data found
[  143.883615][   T42] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.932360][   T42] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.946372][ T7755] bridge0: port 1(bridge_slave_0) entered blocking state
[  143.954128][ T7755] bridge0: port 1(bridge_slave_0) entered disabled state
[  143.961470][ T7755] bridge_slave_0: entered allmulticast mode
[  143.968345][ T7755] bridge_slave_0: entered promiscuous mode
[  143.985150][   T42] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.998722][ T7755] bridge0: port 2(bridge_slave_1) entered blocking state
[  144.006080][ T7755] bridge0: port 2(bridge_slave_1) entered disabled state
[  144.013326][ T7755] bridge_slave_1: entered allmulticast mode
[  144.020958][ T7755] bridge_slave_1: entered promiscuous mode
[  144.050637][ T7755] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  144.063230][ T7755] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  144.095960][ T7755] team0: Port device team_slave_0 added
[  144.112878][ T7755] team0: Port device team_slave_1 added
[  144.157654][ T7755] batman_adv: batadv0: Adding interface: batadv_slave_0
[  144.165711][ T7755] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  144.192502][ T7755] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  144.213053][ T7755] batman_adv: batadv0: Adding interface: batadv_slave_1
[  144.220655][ T7755] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  144.246982][ T7755] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  144.306417][ T7755] hsr_slave_0: entered promiscuous mode
[  144.314135][ T7755] hsr_slave_1: entered promiscuous mode
[  144.320428][ T7755] debugfs: 'hsr0' already exists in 'hsr'
[  144.326233][ T7755] Cannot create hsr debugfs directory
[  144.333357][   T42] bridge_slave_1: left allmulticast mode
[  144.341371][   T42] bridge_slave_1: left promiscuous mode
[  144.347200][   T42] bridge0: port 2(bridge_slave_1) entered disabled state
[  144.356776][   T42] bridge_slave_0: left allmulticast mode
[  144.362838][   T42] bridge_slave_0: left promiscuous mode
[  144.368518][   T42] bridge0: port 1(bridge_slave_0) entered disabled state
[  144.586591][   T42] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  144.597114][   T42] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  144.606962][   T42] bond0 (unregistering): Released all slaves
[  144.830800][   T42] hsr_slave_0: left promiscuous mode
[  144.840666][   T42] hsr_slave_1: left promiscuous mode
[  144.847005][   T42] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  144.854682][   T42] batman_adv: batadv0: Removing interface: batadv_slave_0
[  144.868155][   T42] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  144.879793][   T42] batman_adv: batadv0: Removing interface: batadv_slave_1
[  144.899670][   T42] veth1_macvtap: left promiscuous mode
[  144.905248][   T42] veth0_macvtap: left promiscuous mode
[  144.911250][   T42] veth1_vlan: left promiscuous mode
[  144.917264][   T42] veth0_vlan: left promiscuous mode
[  145.318568][   T42] team0 (unregistering): Port device team_slave_1 removed
[  145.344030][   T42] team0 (unregistering): Port device team_slave_0 removed
[  145.700022][   T53] Bluetooth: hci0: command tx timeout
[  145.886513][ T7755] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  145.897902][ T7755] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  145.909512][ T7755] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  145.923115][ T7755] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  146.059365][ T7755] 8021q: adding VLAN 0 to HW filter on device bond0
[  146.081077][ T7755] 8021q: adding VLAN 0 to HW filter on device team0
[  146.092968][ T1081] bridge0: port 1(bridge_slave_0) entered blocking state
[  146.100080][ T1081] bridge0: port 1(bridge_slave_0) entered forwarding state
[  146.116980][ T1081] bridge0: port 2(bridge_slave_1) entered blocking state
[  146.124215][ T1081] bridge0: port 2(bridge_slave_1) entered forwarding state
[  146.333907][ T7755] 8021q: adding VLAN 0 to HW filter on device batadv0
[  146.392130][ T7755] veth0_vlan: entered promiscuous mode
[  146.412699][ T7755] veth1_vlan: entered promiscuous mode
[  146.451457][ T7755] veth0_macvtap: entered promiscuous mode
[  146.461947][ T7755] veth1_macvtap: entered promiscuous mode
[  146.486728][ T7755] batman_adv: batadv0: Interface activated: batadv_slave_0
[  146.504026][ T7755] batman_adv: batadv0: Interface activated: batadv_slave_1
[  146.519813][ T1081] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  146.545077][ T1081] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  146.559121][ T1081] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  146.568320][ T1081] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  146.636784][   T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  146.653016][   T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  146.690718][ T1081] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  146.700557][ T1081] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  147.715706][ T5863] hid_parser_main: 65150 callbacks suppressed
[  147.715721][ T5863] hid-generic 0005:16C0:5505.0002: unknown main item tag 0x0
[  147.730141][ T5863] hid-generic 0005:16C0:5505.0002: unknown main item tag 0x0
[  147.737582][ T5863] hid-generic 0005:16C0:5505.0002: unknown main item tag 0x0
[  147.745437][ T5863] hid-generic 0005:16C0:5505.0002: unknown main item tag 0x0
[  147.753917][ T5863] hid-generic 0005:16C0:5505.0002: unknown main item tag 0x0
2026/01/11 17:55:57 executed programs: 637
[  147.761595][ T5863] hid-generic 0005:16C0:5505.0002: unknown main item tag 0x0
[  147.769298][ T5863] hid-generic 0005:16C0:5505.0002: unknown main item tag 0x3
[  147.776713][ T5863] hid-generic 0005:16C0:5505.0002: unknown main item tag 0x1
[  147.784617][ T5863] hid-generic 0005:16C0:5505.0002: unknown main item tag 0x0
[  147.789425][   T53] Bluetooth: hci0: command tx timeout
[  147.795918][ T5863] hid-generic 0005:16C0:5505.0002: unknown main item tag 0x0
[  148.564689][ T5863] hid-generic 0005:16C0:5505.0002: hidraw0: BLUETOOTH HID v0.8b Device [syz0] on aa:aa:aa:aa:aa:aa
[  149.859109][   T53] Bluetooth: hci0: command tx timeout
[  151.939120][   T53] Bluetooth: hci0: command tx timeout
2026/01/11 17:56:02 executed programs: 884
2026/01/11 17:56:07 executed programs: 1142
[  159.012970][ T5151] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  159.022819][ T5151] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  159.031254][ T5151] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  159.040833][ T5151] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  159.048610][ T5151] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  159.056483][ T7821] ==================================================================
[  159.065073][ T7821] BUG: KASAN: use-after-free in __mutex_lock+0x801/0x1350
[  159.072193][ T7821] Read of size 8 at addr ffff8880246c80a8 by task khidpd_16c05505/7821
[  159.080436][ T7821] 
[  159.082766][ T7821] CPU: 0 UID: 0 PID: 7821 Comm: khidpd_16c05505 Not tainted syzkaller #0 PREEMPT(full) 
[  159.082779][ T7821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  159.082791][ T7821] Call Trace:
[  159.082796][ T7821]  <TASK>
[  159.082800][ T7821]  dump_stack_lvl+0xe8/0x150
[  159.082820][ T7821]  print_report+0xca/0x240
[  159.082831][ T7821]  ? __mutex_lock+0x801/0x1350
[  159.082842][ T7821]  kasan_report+0x118/0x150
[  159.082855][ T7821]  ? __mutex_lock+0x801/0x1350
[  159.082867][ T7821]  __mutex_lock+0x801/0x1350
[  159.082878][ T7821]  ? __mutex_lock+0x5bb/0x1350
[  159.082889][ T7821]  ? l2cap_unregister_user+0x6a/0x1b0
[  159.082903][ T7821]  ? __pfx___mutex_lock+0x10/0x10
[  159.082915][ T7821]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  159.082930][ T7821]  ? lockdep_hardirqs_on+0x7b/0x110
[  159.082941][ T7821]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  159.082961][ T7821]  l2cap_unregister_user+0x6a/0x1b0
[  159.082977][ T7821]  hidp_session_thread+0x3a1/0x420
[  159.082991][ T7821]  ? __pfx_hidp_session_thread+0x10/0x10
[  159.083003][ T7821]  ? __pfx_hidp_session_wake_function+0x10/0x10
[  159.083017][ T7821]  ? __pfx_hidp_session_wake_function+0x10/0x10
[  159.083030][ T7821]  ? __kthread_parkme+0x7b/0x200
[  159.083041][ T7821]  ? __kthread_parkme+0x1a1/0x200
[  159.083052][ T7821]  kthread+0x711/0x8a0
[  159.083065][ T7821]  ? __pfx_hidp_session_thread+0x10/0x10
[  159.083077][ T7821]  ? __pfx_kthread+0x10/0x10
[  159.083089][ T7821]  ? _raw_spin_unlock_irq+0x23/0x50
[  159.083104][ T7821]  ? __pfx_kthread+0x10/0x10
[  159.083115][ T7821]  ret_from_fork+0x510/0xa50
[  159.083125][ T7821]  ? __pfx_ret_from_fork+0x10/0x10
[  159.083134][ T7821]  ? __switch_to+0xc9e/0x1480
[  159.083148][ T7821]  ? __pfx_kthread+0x10/0x10
[  159.083160][ T7821]  ret_from_fork_asm+0x1a/0x30
[  159.083177][ T7821]  </TASK>
[  159.083181][ T7821] 
[  159.259662][ T7821] The buggy address belongs to the physical page:
[  159.266063][ T7821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880246cc000 pfn:0x246c8
[  159.276107][ T7821] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  159.283205][ T7821] raw: 00fff00000000000 ffffea0001690b08 ffff8880b8740c00 0000000000000000
[  159.291769][ T7821] raw: ffff8880246cc000 0000000000000000 00000000ffffffff 0000000000000000
[  159.300335][ T7821] page dumped because: kasan: bad access detected
[  159.306742][ T7821] page_owner tracks the page as freed
[  159.312106][ T7821] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x40dc0(GFP_KERNEL|__GFP_ZERO|__GFP_COMP), pid 5151, tgid 5151 (kworker/u9:1), ts 159311747210, free_ts 159051472108
[  159.330264][ T7821]  post_alloc_hook+0x234/0x290
[  159.335021][ T7821]  get_page_from_freelist+0x24e0/0x2580
[  159.340548][ T7821]  __alloc_frozen_pages_noprof+0x181/0x370
[  159.346386][ T7821]  alloc_pages_mpol+0x232/0x4a0
[  159.351216][ T7821]  alloc_pages_noprof+0xa9/0x190
[  159.356132][ T7821]  stack_depot_save_flags+0x73c/0x810
[  159.361574][ T7821]  kasan_save_track+0x4f/0x80
[  159.366228][ T7821]  __kasan_slab_alloc+0x6c/0x80
[  159.371066][ T7821]  kmem_cache_alloc_noprof+0x37d/0x710
[  159.376526][ T7821]  radix_tree_node_alloc+0x19c/0x3a0
[  159.381805][ T7821]  idr_get_free+0x2b3/0xa70
[  159.386295][ T7821]  idr_alloc_u32+0x17a/0x310
[  159.390949][ T7821]  idr_alloc_cyclic+0x9b/0x1b0
[  159.395690][ T7821]  __kernfs_new_node+0x125/0x8a0
[  159.400609][ T7821]  kernfs_new_node+0x102/0x210
[  159.405356][ T7821]  kernfs_create_link+0xa7/0x200
[  159.410282][ T7821] page last free pid 7755 tgid 7755 stack trace:
[  159.416585][ T7821]  __free_frozen_pages+0xbc8/0xd30
[  159.421673][ T7821]  bt_host_release+0x82/0x90
[  159.426237][ T7821]  device_release+0x9e/0x1d0
[  159.430802][ T7821]  kobject_put+0x228/0x570
[  159.435194][ T7821]  vhci_release+0x15a/0x1a0
[  159.439675][ T7821]  __fput+0x44c/0xa70
[  159.443641][ T7821]  task_work_run+0x1d4/0x260
[  159.448217][ T7821]  do_exit+0x694/0x22f0
[  159.452354][ T7821]  do_group_exit+0x21c/0x2d0
[  159.456931][ T7821]  get_signal+0x1285/0x1340
[  159.461413][ T7821]  arch_do_signal_or_restart+0x9a/0x7a0
[  159.466946][ T7821]  exit_to_user_mode_loop+0x87/0x4e0
[  159.472209][ T7821]  do_syscall_64+0x2c1/0xf80
[  159.476789][ T7821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.482741][ T7821] 
[  159.485042][ T7821] Memory state around the buggy address:
[  159.490646][ T7821]  ffff8880246c7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  159.498709][ T7821]  ffff8880246c8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  159.506764][ T7821] >ffff8880246c8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  159.514939][ T7821]                                   ^
[  159.520302][ T7821]  ffff8880246c8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  159.528364][ T7821]  ffff8880246c8180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  159.536403][ T7821] ==================================================================
[  159.544738][ T7821] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  159.551940][ T7821] CPU: 0 UID: 0 PID: 7821 Comm: khidpd_16c05505 Not tainted syzkaller #0 PREEMPT(full) 
[  159.561686][ T7821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  159.571742][ T7821] Call Trace:
[  159.575005][ T7821]  <TASK>
[  159.577917][ T7821]  vpanic+0x1e0/0x670
[  159.581888][ T7821]  panic+0xb9/0xc0
[  159.585595][ T7821]  ? __pfx_panic+0x10/0x10
[  159.589992][ T7821]  ? __mutex_lock+0x801/0x1350
[  159.594740][ T7821]  ? __mutex_lock+0x801/0x1350
[  159.599512][ T7821]  check_panic_on_warn+0x89/0xb0
[  159.604454][ T7821]  ? __mutex_lock+0x801/0x1350
[  159.609204][ T7821]  end_report+0x6f/0x140
[  159.613456][ T7821]  kasan_report+0x129/0x150
[  159.617943][ T7821]  ? __mutex_lock+0x801/0x1350
[  159.622688][ T7821]  __mutex_lock+0x801/0x1350
[  159.627278][ T7821]  ? __mutex_lock+0x5bb/0x1350
[  159.632040][ T7821]  ? l2cap_unregister_user+0x6a/0x1b0
[  159.637514][ T7821]  ? __pfx___mutex_lock+0x10/0x10
[  159.642520][ T7821]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  159.648326][ T7821]  ? lockdep_hardirqs_on+0x7b/0x110
[  159.653523][ T7821]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  159.659348][ T7821]  l2cap_unregister_user+0x6a/0x1b0
[  159.664566][ T7821]  hidp_session_thread+0x3a1/0x420
[  159.669668][ T7821]  ? __pfx_hidp_session_thread+0x10/0x10
[  159.675298][ T7821]  ? __pfx_hidp_session_wake_function+0x10/0x10
[  159.681525][ T7821]  ? __pfx_hidp_session_wake_function+0x10/0x10
[  159.687837][ T7821]  ? __kthread_parkme+0x7b/0x200
[  159.692861][ T7821]  ? __kthread_parkme+0x1a1/0x200
[  159.697911][ T7821]  kthread+0x711/0x8a0
[  159.701998][ T7821]  ? __pfx_hidp_session_thread+0x10/0x10
[  159.707647][ T7821]  ? __pfx_kthread+0x10/0x10
[  159.712318][ T7821]  ? _raw_spin_unlock_irq+0x23/0x50
[  159.717598][ T7821]  ? __pfx_kthread+0x10/0x10
[  159.722191][ T7821]  ret_from_fork+0x510/0xa50
[  159.726785][ T7821]  ? __pfx_ret_from_fork+0x10/0x10
[  159.731886][ T7821]  ? __switch_to+0xc9e/0x1480
[  159.736550][ T7821]  ? __pfx_kthread+0x10/0x10
[  159.741135][ T7821]  ret_from_fork_asm+0x1a/0x30
[  159.745886][ T7821]  </TASK>
[  159.749393][ T7821] Kernel Offset: disabled
[  159.753707][ T7821] Rebooting in 86400 seconds..