program:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r0, 0x90004)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r1, 0xffffffffffffffff, 0x0)
[ 86.183484][ T44] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[ 86.188485][ T44] CPU: 0 UID: 0 PID: 44 Comm: kworker/u5:0 Not tainted syzkaller #0 PREEMPT(full)
[ 86.188506][ T44] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 86.188515][ T44] Workqueue: hci0 hci_rx_work
[ 86.188626][ T44] Call Trace:
[ 86.188633][ T44]
[ 86.188640][ T44] dump_stack_lvl+0xe8/0x150
[ 86.188657][ T44] sysfs_create_dir_ns+0x271/0x2a0
[ 86.188673][ T44] ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 86.188688][ T44] ? do_raw_spin_unlock+0x4d/0x210
[ 86.188709][ T44] kobject_add_internal+0x62b/0xd00
[ 86.188729][ T44] kobject_add+0x163/0x240
[ 86.188746][ T44] ? __pfx_kobject_add+0x10/0x10
[ 86.188760][ T44] ? _raw_spin_unlock+0x28/0x50
[ 86.188779][ T44] ? get_device_parent+0x366/0x3a0
[ 86.188830][ T44] device_add+0x408/0xbb0
[ 86.188850][ T44] hci_conn_add_sysfs+0xd5/0x210
[ 86.188866][ T44] le_conn_complete_evt+0x10e6/0x16b0
[ 86.188890][ T44] ? __pfx_le_conn_complete_evt+0x10/0x10
[ 86.188904][ T44] ? __mutex_unlock_slowpath+0x1be/0x6f0
[ 86.188916][ T44] ? __asan_memcpy+0x40/0x70
[ 86.188931][ T44] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 86.188950][ T44] ? skb_pull_data+0xfb/0x200
[ 86.188970][ T44] hci_le_conn_complete_evt+0x187/0x470
[ 86.188990][ T44] hci_event_packet+0x659/0xef0
[ 86.189007][ T44] ? __pfx_hci_le_meta_evt+0x10/0x10
[ 86.189023][ T44] ? __pfx_hci_event_packet+0x10/0x10
[ 86.189039][ T44] ? kcov_remote_start+0x49a/0x7a0
[ 86.189056][ T44] ? hci_send_to_monitor+0xe2/0x590
[ 86.189082][ T44] hci_rx_work+0x3ee/0x1040
[ 86.189100][ T44] ? process_scheduled_works+0xa70/0x1860
[ 86.189115][ T44] process_scheduled_works+0xb5d/0x1860
[ 86.189147][ T44] ? __pfx_process_scheduled_works+0x10/0x10
[ 86.189161][ T44] ? assign_work+0x3d5/0x5e0
[ 86.189175][ T44] worker_thread+0xa53/0xfc0
[ 86.189202][ T44] kthread+0x388/0x470
[ 86.189218][ T44] ? __pfx_worker_thread+0x10/0x10
[ 86.189230][ T44] ? __pfx_kthread+0x10/0x10
[ 86.189246][ T44] ret_from_fork+0x514/0xb70
[ 86.189263][ T44] ? __pfx_ret_from_fork+0x10/0x10
[ 86.189276][ T44] ? __switch_to+0xc79/0x1410
[ 86.189295][ T44] ? __pfx_kthread+0x10/0x10
[ 86.189310][ T44] ret_from_fork_asm+0x1a/0x30
[ 86.189334][ T44]
[ 86.189358][ T44] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 86.302693][ T44] Bluetooth: hci0: failed to register connection device
[ 86.310776][ T44] Oops: general protection fault, probably for non-canonical address 0xdffffc000000004c: 0000 [#1] SMP KASAN NOPTI
[ 86.316245][ T44] KASAN: null-ptr-deref in range [0x0000000000000260-0x0000000000000267]
[ 86.319977][ T44] CPU: 0 UID: 0 PID: 44 Comm: kworker/u5:0 Not tainted syzkaller #0 PREEMPT(full)
[ 86.324015][ T44] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 86.328490][ T44] Workqueue: hci0 hci_rx_work
[ 86.330626][ T44] RIP: 0010:kasan_byte_accessible+0x12/0x30
[ 86.333291][ T44] Code: 79 ff ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 40 d6 48 c1 ef 03 48 b8 00 00 00 00 00 fc ff df <0f> b6 04 07 3c 08 0f 92 c0 c3 cc cc cc cc cc 66 66 66 66 66 66 2e
[ 86.341949][ T44] RSP: 0018:ffffc900004674d0 EFLAGS: 00010202
[ 86.344607][ T44] RAX: dffffc0000000000 RBX: ffffffff8975c721 RCX: 0000000080000001
[ 86.348057][ T44] RDX: 0000000000000000 RSI: ffffffff8975c721 RDI: 000000000000004c
[ 86.351586][ T44] RBP: ffffffff8aac029a R08: 0000000000000001 R09: 0000000000000000
[ 86.355120][ T44] R10: dffffc0000000000 R11: ffffffff8aac0250 R12: 0000000000000000
[ 86.358691][ T44] R13: 0000000000000260 R14: 0000000000000260 R15: 0000000000000001
[ 86.362109][ T44] FS: 0000000000000000(0000) GS:ffff88808c888000(0000) knlGS:0000000000000000
[ 86.365806][ T44] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 86.368482][ T44] CR2: 00007ffdaa758f52 CR3: 000000000e74a000 CR4: 0000000000352ef0
[ 86.371719][ T44] Call Trace:
[ 86.373220][ T44]
[ 86.374486][ T44] __kasan_check_byte+0x12/0x40
[ 86.376525][ T44] lock_acquire+0x84/0x350
[ 86.378562][ T44] ? __pfx___mutex_lock+0x10/0x10
[ 86.380881][ T44] ? l2cap_global_fixed_chan+0x2ee/0x380
[ 86.383481][ T44] lock_sock_nested+0x41/0x100
[ 86.385617][ T44] ? l2cap_sock_new_connection_cb+0x4a/0x2e0
[ 86.388363][ T44] l2cap_sock_new_connection_cb+0x4a/0x2e0
[ 86.390920][ T44] l2cap_connect_cfm+0x368/0x1560
[ 86.393283][ T44] ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 86.395783][ T44] ? __pfx_bt_err+0x10/0x10
[ 86.397845][ T44] ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 86.400396][ T44] hci_connect_cfm+0x95/0x140
[ 86.402594][ T44] le_conn_complete_evt+0x1134/0x16b0
[ 86.405083][ T44] ? __pfx_le_conn_complete_evt+0x10/0x10
[ 86.407700][ T44] ? __mutex_unlock_slowpath+0x1be/0x6f0
[ 86.410307][ T44] ? __asan_memcpy+0x40/0x70
[ 86.412558][ T44] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 86.415390][ T44] ? skb_pull_data+0xfb/0x200
[ 86.417570][ T44] hci_le_conn_complete_evt+0x187/0x470
[ 86.420192][ T44] hci_event_packet+0x659/0xef0
[ 86.422472][ T44] ? __pfx_hci_le_meta_evt+0x10/0x10
[ 86.424863][ T44] ? __pfx_hci_event_packet+0x10/0x10
[ 86.427359][ T44] ? kcov_remote_start+0x49a/0x7a0
[ 86.429690][ T44] ? hci_send_to_monitor+0xe2/0x590
[ 86.432046][ T44] hci_rx_work+0x3ee/0x1040
[ 86.434113][ T44] ? process_scheduled_works+0xa70/0x1860
[ 86.436633][ T44] process_scheduled_works+0xb5d/0x1860
[ 86.439159][ T44] ? __pfx_process_scheduled_works+0x10/0x10
[ 86.441942][ T44] ? assign_work+0x3d5/0x5e0
[ 86.447360][ T44] worker_thread+0xa53/0xfc0
[ 86.449550][ T44] kthread+0x388/0x470
[ 86.451471][ T44] ? __pfx_worker_thread+0x10/0x10
[ 86.453870][ T44] ? __pfx_kthread+0x10/0x10
[ 86.455996][ T44] ret_from_fork+0x514/0xb70
[ 86.458037][ T44] ? __pfx_ret_from_fork+0x10/0x10
[ 86.460356][ T44] ? __switch_to+0xc79/0x1410
[ 86.462817][ T44] ? __pfx_kthread+0x10/0x10
[ 86.465496][ T44] ret_from_fork_asm+0x1a/0x30
[ 86.467733][ T44]
[ 86.469235][ T44] Modules linked in:
[ 86.472364][ T44] ---[ end trace 0000000000000000 ]---
[ 86.481161][ T44] RIP: 0010:kasan_byte_accessible+0x12/0x30
[ 86.484071][ T44] Code: 79 ff ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 40 d6 48 c1 ef 03 48 b8 00 00 00 00 00 fc ff df <0f> b6 04 07 3c 08 0f 92 c0 c3 cc cc cc cc cc 66 66 66 66 66 66 2e
[ 86.493849][ T44] RSP: 0018:ffffc900004674d0 EFLAGS: 00010202
[ 86.496515][ T44] RAX: dffffc0000000000 RBX: ffffffff8975c721 RCX: 0000000080000001
[ 86.500097][ T44] RDX: 0000000000000000 RSI: ffffffff8975c721 RDI: 000000000000004c
[ 86.503833][ T44] RBP: ffffffff8aac029a R08: 0000000000000001 R09: 0000000000000000
[ 86.507376][ T44] R10: dffffc0000000000 R11: ffffffff8aac0250 R12: 0000000000000000
[ 86.510857][ T44] R13: 0000000000000260 R14: 0000000000000260 R15: 0000000000000001
[ 86.514789][ T44] FS: 0000000000000000(0000) GS:ffff88808c888000(0000) knlGS:0000000000000000
[ 86.518725][ T44] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 86.521716][ T44] CR2: 00007fa1eadbe708 CR3: 0000000043c82000 CR4: 0000000000352ef0
[ 86.525474][ T44] Kernel panic - not syncing: Fatal exception
[ 86.528370][ T44] Kernel Offset: disabled
[ 86.530215][ T44] Rebooting in 86400 seconds..