Bluetooth: hci7: command 0x0c1a tx timeout wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 ================================ WARNING: inconsistent lock state 6.13.0-rc2-next-20241213 #1 Not tainted -------------------------------- inconsistent {HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage. systemd-udevd/112 [HC1[1]:SC1[1]:HE0:SE0] takes: ffff88800c61a518 (&sighand->siglock){?.+.}-{3:3}, at: __lock_task_sighand+0xd2/0x340 {HARDIRQ-ON-W} state was registered at: lockdep_hardirqs_on_prepare+0x12b/0x3f0 trace_hardirqs_on+0x36/0x40 _raw_spin_unlock_irq+0x23/0x40 mtree_erase+0x15c/0x1f0 free_pid+0x32/0x270 __change_pid+0x38e/0x580 release_task+0xf72/0x1600 wait_consider_task+0x2ef0/0x3c50 __do_wait+0x7af/0x8f0 do_wait+0x19a/0x530 kernel_wait+0xa0/0x160 call_usermodehelper_exec_work+0xf9/0x180 process_one_work+0x8ee/0x1a10 worker_thread+0x674/0xe70 kthread+0x3ab/0x720 ret_from_fork+0x48/0x80 ret_from_fork_asm+0x1a/0x30 irq event stamp: 646067 hardirqs last enabled at (646066): [] kasan_quarantine_put+0x84/0x1e0 hardirqs last disabled at (646067): [] sysvec_apic_timer_interrupt+0xf/0x80 softirqs last enabled at (645914): [] handle_softirqs+0x50c/0x770 softirqs last disabled at (646053): [] __irq_exit_rcu+0xc4/0x100 other info that might help us debug this: Possible unsafe locking scenario: CPU0 ---- lock(&sighand->siglock); lock(&sighand->siglock); *** DEADLOCK *** 3 locks held by systemd-udevd/112: #0: ffffffff85c162e0 (rcu_callback){....}-{0:0}, at: rcu_core+0x724/0x17a0 #1: ffffffff85c16400 (rcu_read_lock){....}-{1:3}, at: kill_pid_info_type+0x1a/0x2c0 #2: ffffffff85c16400 (rcu_read_lock){....}-{1:3}, at: __lock_task_sighand+0x34/0x340 stack backtrace: CPU: 0 UID: 0 PID: 112 Comm: systemd-udevd Not tainted 6.13.0-rc2-next-20241213 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 Call Trace: dump_stack_lvl+0xca/0x120 print_usage_bug.part.0+0x371/0x4d0 mark_lock+0xb92/0xed0 __lock_acquire+0x1595/0x4360 lock_acquire.part.0+0xeb/0x320 _raw_spin_lock_irqsave+0x3a/0x60 __lock_task_sighand+0xd2/0x340 group_send_sig_info+0x294/0x310 kill_pid_info_type+0x92/0x2c0 it_real_fn+0x9e/0x220 __hrtimer_run_queues+0x1ab/0xa80 hrtimer_interrupt+0x369/0x830 __sysvec_apic_timer_interrupt+0xc2/0x330 sysvec_apic_timer_interrupt+0x34/0x80 asm_sysvec_apic_timer_interrupt+0x1a/0x20 RIP: 0010:lock_release+0x407/0x6f0 Code: ff ff ff ff 65 0f c1 05 5f 51 b2 7e 83 f8 01 0f 85 4c 01 00 00 48 f7 04 24 00 02 00 00 74 01 fb 48 b8 00 00 00 00 00 fc ff df <48> 01 c3 48 c7 03 00 00 00 00 c7 43 08 00 00 00 00 48 8b 84 24 88 RSP: 0018:ffff88806ce09940 EFLAGS: 00000206 RAX: dffffc0000000000 RBX: 1ffff1100d9c132a RCX: 0000000000000000 RDX: 1ffff11001e29837 RSI: ffffffff85c16400 RDI: ffff88800f14c1b8 RBP: 10254d26b26672e7 R08: 0000000000000001 R09: ffff88800f14c1c0 R10: ffffffff863fbe97 R11: 0000000000000003 R12: 0000000000000001 R13: ffffffff81727ad6 R14: 0000000000000002 R15: ffff88800f14b780 __is_insn_slot_addr+0x13b/0x290 kernel_text_address+0x48/0xc0 __kernel_text_address+0xd/0x40 unwind_get_return_address+0x59/0xa0 arch_stack_walk+0x9d/0xf0 stack_trace_save+0x8f/0xc0 kasan_save_stack+0x24/0x50 kasan_save_track+0x14/0x30 kasan_save_free_info+0x3a/0x60 __kasan_slab_free+0x38/0x50 kmem_cache_free+0x138/0x470 rcu_core+0x7c9/0x17a0 handle_softirqs+0x1b1/0x770 __irq_exit_rcu+0xc4/0x100 irq_exit_rcu+0x9/0x20 sysvec_apic_timer_interrupt+0x70/0x80 asm_sysvec_apic_timer_interrupt+0x1a/0x20 RIP: 0010:filp_flush+0x158/0x1b0 Code: 0f b6 04 02 84 c0 74 04 3c 03 7e 44 8b 5d 48 31 ff 81 e3 00 40 00 00 89 de e8 54 5a c2 ff 85 db 75 1b e8 1b 57 c2 ff 4c 89 e6 <48> 89 ef e8 10 fb 15 00 4c 89 e6 48 89 ef e8 45 7c 19 00 e8 00 57 RSP: 0018:ffff88800e5e7ef0 EFLAGS: 00000293 RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff81af9acc RDX: ffff88800f14b780 RSI: ffff888009454780 RDI: 0000000000000005 RBP: ffff88801632ce00 R08: 0000000000000000 R09: ffffed1002c659c0 R10: 0000000000000000 R11: 0000000000000000 R12: ffff888009454780 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 __x64_sys_close+0x81/0x120 do_syscall_64+0xbf/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fa6c88a6d77 Code: 44 00 00 48 8b 15 19 a1 0c 00 f7 d8 64 89 02 b8 ff ff ff ff eb bc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 e9 a0 0c 00 f7 d8 64 89 02 b8 RSP: 002b:00007ffd8152f528 EFLAGS: 00000206 ORIG_RAX: 0000000000000003 RAX: ffffffffffffffda RBX: 00007fa6c83f26c0 RCX: 00007fa6c88a6d77 RDX: 0000000000020d80 RSI: 0000000000000000 RDI: 0000000000000012 RBP: 000055cf8ea03250 R08: 0000000000000000 R09: 00007fa6c8971be0 R10: 0000000000000010 R11: 0000000000000206 R12: 0000000000000000 R13: 000055cf8e9a33c0 R14: 000055cf8e9a33c0 R15: 000055cf8e9db750 Bluetooth: hci4: command 0x0c1a tx timeout Bluetooth: hci1: command 0x0c1a tx timeout Bluetooth: hci5: command 0x0c1a tx timeout Bluetooth: hci0: command 0x0c1a tx timeout Bluetooth: hci6: command 0x0c1a tx timeout Bluetooth: hci2: command 0x0c1a tx timeout Bluetooth: hci3: command 0x0c1a tx timeout Bluetooth: hci7: command 0x0c1a tx timeout Bluetooth: hci4: command 0x0c1a tx timeout Bluetooth: hci0: command 0x0c1a tx timeout Bluetooth: hci5: command 0x0c1a tx timeout Bluetooth: hci1: command 0x0c1a tx timeout Bluetooth: hci3: command 0x0c1a tx timeout Bluetooth: hci6: command 0x0c1a tx timeout Bluetooth: hci2: command 0x0c1a tx timeout Bluetooth: hci7: command 0x0c1a tx timeout ---------------- Code disassembly (best guess), 3 bytes skipped: 0: ff 65 0f jmpq *0xf(%rbp) 3: c1 05 5f 51 b2 7e 83 roll $0x83,0x7eb2515f(%rip) # 0x7eb25169 a: f8 clc b: 01 0f add %ecx,(%rdi) d: 85 4c 01 00 test %ecx,0x0(%rcx,%rax,1) 11: 00 48 f7 add %cl,-0x9(%rax) 14: 04 24 add $0x24,%al 16: 00 02 add %al,(%rdx) 18: 00 00 add %al,(%rax) 1a: 74 01 je 0x1d 1c: fb sti 1d: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax 24: fc ff df * 27: 48 01 c3 add %rax,%rbx <-- trapping instruction 2a: 48 c7 03 00 00 00 00 movq $0x0,(%rbx) 31: c7 43 08 00 00 00 00 movl $0x0,0x8(%rbx) 38: 48 rex.W 39: 8b .byte 0x8b 3a: 84 24 88 test %ah,(%rax,%rcx,4)