Warning: Permanently added '[localhost]:63896' (ECDSA) to the list of known hosts. 2025/01/18 06:35:37 fuzzer started 2025/01/18 06:35:38 dialing manager at localhost:44245 syzkaller login: [ 67.992249] cgroup: Unknown subsys name 'net' [ 68.082905] cgroup: Unknown subsys name 'cpuset' [ 68.120814] cgroup: Unknown subsys name 'rlimit' [ 73.960944] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 84.358760] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/18 06:35:55 syscalls: 2217 2025/01/18 06:35:55 code coverage: enabled 2025/01/18 06:35:55 comparison tracing: enabled 2025/01/18 06:35:55 extra coverage: enabled 2025/01/18 06:35:55 setuid sandbox: enabled 2025/01/18 06:35:55 namespace sandbox: enabled 2025/01/18 06:35:55 Android sandbox: enabled 2025/01/18 06:35:55 fault injection: enabled 2025/01/18 06:35:55 leak checking: enabled 2025/01/18 06:35:55 net packet injection: enabled 2025/01/18 06:35:55 net device setup: enabled 2025/01/18 06:35:55 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/18 06:35:55 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/18 06:35:55 USB emulation: enabled 2025/01/18 06:35:55 hci packet injection: enabled 2025/01/18 06:35:55 wifi device emulation: enabled 2025/01/18 06:35:55 802.15.4 emulation: enabled 2025/01/18 06:35:55 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/18 06:35:55 fetching corpus: 50, signal 26367/29083 (executing program) 2025/01/18 06:35:55 fetching corpus: 100, signal 35832/39172 (executing program) 2025/01/18 06:35:55 fetching corpus: 150, signal 43177/46881 (executing program) 2025/01/18 06:35:55 fetching corpus: 200, signal 48903/52846 (executing program) 2025/01/18 06:35:56 fetching corpus: 250, signal 55541/59288 (executing program) 2025/01/18 06:35:56 fetching corpus: 300, signal 59536/63211 (executing program) 2025/01/18 06:35:56 fetching corpus: 350, signal 64715/67886 (executing program) 2025/01/18 06:35:56 fetching corpus: 400, signal 70378/72667 (executing program) 2025/01/18 06:35:56 fetching corpus: 450, signal 74134/75776 (executing program) 2025/01/18 06:35:57 fetching corpus: 500, signal 78069/78778 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/79464 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/79526 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/79572 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/79625 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/79669 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/79713 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/79761 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/79810 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/79849 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/79894 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/79941 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/79987 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/80030 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/80072 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/80112 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/80166 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/80217 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/80261 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/80314 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/80368 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/80422 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/80478 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/80527 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/80579 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/80616 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/80644 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/80697 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/80757 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/80804 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/80820 (executing program) 2025/01/18 06:35:57 fetching corpus: 528, signal 78927/80820 (executing program) 2025/01/18 06:36:01 starting 8 fuzzer processes 06:36:01 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), r0) sendmsg$IEEE802154_LLSEC_DEL_KEY(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x20, r1, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}]}, 0x20}}, 0x0) 06:36:01 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = io_uring_setup(0x4f45, &(0x7f0000000240)) io_uring_register$IORING_REGISTER_PROBE(r0, 0x5, 0x0, 0x1) 06:36:01 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) dup3(r0, r1, 0x0) 06:36:01 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x1c, 0x1e, 0x1, 0x0, 0x0, "", [@typed={0xa, 0x0, 0x0, 0x0, @binary="d8c9310200"}]}, 0x1c}], 0x1}, 0x0) [ 90.927368] audit: type=1400 audit(1737182161.318:7): avc: denied { execmem } for pid=273 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 06:36:01 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x9031}, 0x1c) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x11, &(0x7f0000000000)=0x9031, 0x4) 06:36:01 executing program 5: syz_80211_inject_frame(&(0x7f00000004c0)=@broadcast, &(0x7f0000000500)=@mgmt_frame=@action_no_ack={@wo_ht={{}, {}, @device_a, @broadcast, @from_mac=@broadcast}, @sp_mp_close={0xf, 0x3, {{0x72, 0x6}, {0x75, 0x16, {0x0, 0x0, @val, @void, @val="f810f2d6d1e2d37d01b5f242842e814a"}}}}}, 0x3a) 06:36:01 executing program 6: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) close(r1) r2 = socket$inet6_udp(0xa, 0x2, 0x0) splice(r0, 0x0, r2, 0x0, 0x7, 0x0) 06:36:01 executing program 7: r0 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$setperm(0x5, r0, 0x20082000) keyctl$join(0x1, &(0x7f0000000300)={'syz', 0x0}) keyctl$join(0x1, &(0x7f0000000000)={'syz', 0x0}) [ 92.197024] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 92.201961] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 92.203977] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 92.208053] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 92.211407] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 92.212797] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 92.262797] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 92.264424] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 92.268298] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 92.276432] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 92.278687] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 92.284637] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 92.342765] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 92.343892] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 92.346016] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 92.349762] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 92.355736] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 92.358090] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 92.362971] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 92.364647] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 92.368716] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 92.385756] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 92.388193] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 92.390928] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 92.424155] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 92.430906] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 92.433963] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 92.440052] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 92.443716] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 92.451979] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 92.485398] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 92.496941] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 92.499897] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 92.527945] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 92.547182] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 92.550985] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 92.553126] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 92.559894] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 92.567999] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 92.574121] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 92.578173] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 92.595861] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 92.602154] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 92.602994] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 92.633056] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 92.659702] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 92.680982] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 92.687023] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 94.294220] Bluetooth: hci0: command tx timeout [ 94.358221] Bluetooth: hci1: command tx timeout [ 94.421644] Bluetooth: hci2: command tx timeout [ 94.422942] Bluetooth: hci3: command tx timeout [ 94.549836] Bluetooth: hci4: command tx timeout [ 94.677838] Bluetooth: hci6: command tx timeout [ 94.677858] Bluetooth: hci5: command tx timeout [ 94.805598] Bluetooth: hci7: command tx timeout [ 96.341714] Bluetooth: hci0: command tx timeout [ 96.406661] Bluetooth: hci1: command tx timeout [ 96.469677] Bluetooth: hci3: command tx timeout [ 96.469829] Bluetooth: hci2: command tx timeout [ 96.597636] Bluetooth: hci4: command tx timeout [ 96.725594] Bluetooth: hci5: command tx timeout [ 96.725695] Bluetooth: hci6: command tx timeout [ 96.853725] Bluetooth: hci7: command tx timeout [ 98.389735] Bluetooth: hci0: command tx timeout [ 98.453561] Bluetooth: hci1: command tx timeout [ 98.519539] Bluetooth: hci2: command tx timeout [ 98.519622] Bluetooth: hci3: command tx timeout [ 98.645620] Bluetooth: hci4: command tx timeout [ 98.774157] Bluetooth: hci5: command tx timeout [ 98.774332] Bluetooth: hci6: command tx timeout [ 98.903564] Bluetooth: hci7: command tx timeout [ 100.438705] Bluetooth: hci0: command tx timeout [ 100.501614] Bluetooth: hci1: command tx timeout [ 100.566396] Bluetooth: hci3: command tx timeout [ 100.566580] Bluetooth: hci2: command tx timeout [ 100.693606] Bluetooth: hci4: command tx timeout [ 100.821589] Bluetooth: hci5: command tx timeout [ 100.821683] Bluetooth: hci6: command tx timeout [ 100.949801] Bluetooth: hci7: command tx timeout [ 154.918916] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 154.924661] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 154.930200] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 154.931884] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 154.932268] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 154.933941] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 154.947972] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 154.950998] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 154.951975] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 154.953214] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 154.954852] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 154.956230] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 154.982904] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 154.985635] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 154.989680] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 155.003860] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 155.010852] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 155.013438] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 155.043117] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 155.044714] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 155.046494] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 155.047702] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 155.050208] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 155.052427] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 155.054345] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 155.077155] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 155.078052] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 155.082113] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 155.082755] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 155.083060] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 155.084977] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 155.088947] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 155.101411] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 155.101584] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 155.105282] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 155.110876] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 155.118889] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 155.120975] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 155.128904] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 155.130789] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 155.134248] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 155.135576] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 155.137050] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 155.144522] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 155.145831] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 155.159104] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 155.173305] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 155.177779] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 157.014069] Bluetooth: hci0: command tx timeout [ 157.015007] Bluetooth: hci1: command tx timeout [ 157.078119] Bluetooth: hci2: command tx timeout [ 157.205783] Bluetooth: hci7: command tx timeout [ 157.206236] Bluetooth: hci5: command tx timeout [ 157.206514] Bluetooth: hci3: command tx timeout [ 157.206588] Bluetooth: hci6: command tx timeout [ 157.269620] Bluetooth: hci4: command tx timeout [ 159.061737] Bluetooth: hci0: command tx timeout [ 159.061766] Bluetooth: hci1: command tx timeout [ 159.125719] Bluetooth: hci2: command tx timeout [ 159.254750] Bluetooth: hci6: command tx timeout [ 159.254883] Bluetooth: hci7: command tx timeout [ 159.254977] Bluetooth: hci3: command tx timeout [ 159.255041] Bluetooth: hci5: command tx timeout [ 159.318507] Bluetooth: hci4: command tx timeout [ 161.109645] Bluetooth: hci1: command tx timeout [ 161.109677] Bluetooth: hci0: command tx timeout [ 161.173528] Bluetooth: hci2: command tx timeout [ 161.302046] Bluetooth: hci5: command tx timeout [ 161.302088] Bluetooth: hci3: command tx timeout [ 161.302129] Bluetooth: hci7: command tx timeout [ 161.302205] Bluetooth: hci6: command tx timeout [ 161.365598] Bluetooth: hci4: command tx timeout [ 163.158009] Bluetooth: hci0: command tx timeout [ 163.158598] Bluetooth: hci1: command tx timeout [ 163.223499] Bluetooth: hci2: command tx timeout [ 163.350600] Bluetooth: hci6: command tx timeout [ 163.350699] Bluetooth: hci3: command tx timeout [ 163.350792] Bluetooth: hci7: command tx timeout [ 163.350855] Bluetooth: hci5: command tx timeout [ 163.413746] Bluetooth: hci4: command tx timeout [ 213.851342] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 213.851494] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 215.193548] [ 215.193882] ====================================================== [ 215.194773] WARNING: possible circular locking dependency detected [ 215.195669] 6.13.0-rc7-next-20250117 #1 Not tainted [ 215.196989] ------------------------------------------------------ [ 215.199627] kworker/u8:0/11 is trying to acquire lock: [ 215.201875] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 215.203983] [ 215.203983] but task is already holding lock: [ 215.204825] ffff888015ed0768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 215.206299] [ 215.206299] which lock already depends on the new lock. [ 215.206299] [ 215.207454] [ 215.207454] the existing dependency chain (in reverse order) is: [ 215.208499] [ 215.208499] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 215.209500] __mutex_lock+0x13d/0xb50 [ 215.210194] wiphy_register+0x1b2e/0x25d0 [ 215.210923] ieee80211_register_hw+0x23a4/0x3d60 [ 215.211718] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 215.212562] init_mac80211_hwsim+0x389/0x870 [ 215.213331] do_one_initcall+0xf9/0x640 [ 215.214062] kernel_init_freeable+0x53d/0x7a0 [ 215.214857] kernel_init+0x1e/0x2d0 [ 215.215485] ret_from_fork+0x48/0x80 [ 215.216141] ret_from_fork_asm+0x1a/0x30 [ 215.216863] [ 215.216863] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 215.217795] __lock_acquire+0x29fd/0x4580 [ 215.218534] lock_acquire+0x19b/0x520 [ 215.219196] __mutex_lock+0x13d/0xb50 [ 215.219869] unregister_netdevice_many_notify+0x1612/0x1c80 [ 215.220783] unregister_netdevice_queue+0x224/0x2e0 [ 215.221606] _cfg80211_unregister_wdev+0x57b/0x700 [ 215.222449] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 215.223262] ieee80211_unregister_hw+0x55/0x3a0 [ 215.224027] hwsim_exit_net+0x3a0/0x730 [ 215.224704] ops_exit_list+0xb3/0x180 [ 215.225375] cleanup_net+0x546/0xad0 [ 215.226026] process_one_work+0x8ee/0x1a10 [ 215.226768] worker_thread+0x674/0xe70 [ 215.227491] kthread+0x3ab/0x720 [ 215.228125] ret_from_fork+0x48/0x80 [ 215.228756] ret_from_fork_asm+0x1a/0x30 [ 215.229503] [ 215.229503] other info that might help us debug this: [ 215.229503] [ 215.230629] Possible unsafe locking scenario: [ 215.230629] [ 215.231469] CPU0 CPU1 [ 215.232148] ---- ---- [ 215.232868] lock(&rdev->wiphy.mtx); [ 215.233532] lock(rtnl_mutex); [ 215.234409] lock(&rdev->wiphy.mtx); [ 215.235351] lock(rtnl_mutex); [ 215.235873] [ 215.235873] *** DEADLOCK *** [ 215.235873] [ 215.236723] 4 locks held by kworker/u8:0/11: [ 215.237390] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 215.238897] #1: ffff8880095dfd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 215.240343] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 215.241828] #3: ffff888015ed0768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 215.243632] [ 215.243632] stack backtrace: [ 215.244292] CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-rc7-next-20250117 #1 [ 215.245492] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 215.246635] Workqueue: netns cleanup_net [ 215.247274] Call Trace: [ 215.247673] [ 215.248015] dump_stack_lvl+0xca/0x120 [ 215.248621] print_circular_bug+0x47b/0x750 [ 215.249281] check_noncircular+0x2e9/0x3c0 [ 215.249902] ? srso_return_thunk+0x5/0x5f [ 215.250543] ? __pfx_check_noncircular+0x10/0x10 [ 215.251267] ? hlock_class+0x4e/0x130 [ 215.251942] ? mark_lock+0xac/0xed0 [ 215.252553] ? __pfx___resched_curr+0x10/0x10 [ 215.253270] ? lockdep_lock+0xba/0x1b0 [ 215.253938] ? __pfx_lockdep_lock+0x10/0x10 [ 215.254678] __lock_acquire+0x29fd/0x4580 [ 215.255368] ? __pfx___lock_acquire+0x10/0x10 [ 215.256084] ? lock_release+0x20f/0x6f0 [ 215.256727] ? __pfx_lock_release+0x10/0x10 [ 215.257594] lock_acquire+0x19b/0x520 [ 215.258218] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 215.259127] ? __pfx_lock_acquire+0x10/0x10 [ 215.259810] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 215.260636] ? srso_return_thunk+0x5/0x5f [ 215.261380] ? lock_is_held_type+0x9e/0x120 [ 215.262132] ? srso_return_thunk+0x5/0x5f [ 215.262845] __mutex_lock+0x13d/0xb50 [ 215.263500] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 215.264445] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 215.265398] ? srso_return_thunk+0x5/0x5f [ 215.266091] ? synchronize_rcu_expedited+0x38a/0x420 [ 215.266944] ? __pfx___mutex_lock+0x10/0x10 [ 215.267623] ? __pfx_autoremove_wake_function+0x10/0x10 [ 215.268396] ? srso_return_thunk+0x5/0x5f [ 215.268997] ? kasan_quarantine_put+0x84/0x1e0 [ 215.269781] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 215.270441] ? srso_return_thunk+0x5/0x5f [ 215.271083] unregister_netdevice_many_notify+0x1612/0x1c80 [ 215.271971] ? __virt_addr_valid+0x2e8/0x5d0 [ 215.272704] ? __pfx_lock_release+0x10/0x10 [ 215.273464] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 215.274391] ? find_held_lock+0x2c/0x110 [ 215.275062] ? srso_return_thunk+0x5/0x5f [ 215.275797] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 215.276619] ? srso_return_thunk+0x5/0x5f [ 215.277275] ? lock_release+0x20f/0x6f0 [ 215.277896] ? __pfx_lock_release+0x10/0x10 [ 215.278616] ? srso_return_thunk+0x5/0x5f [ 215.279298] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 215.280124] ? srso_return_thunk+0x5/0x5f [ 215.280769] unregister_netdevice_queue+0x224/0x2e0 [ 215.281572] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 215.282420] ? up_write+0x195/0x520 [ 215.283006] _cfg80211_unregister_wdev+0x57b/0x700 [ 215.283761] ? srso_return_thunk+0x5/0x5f [ 215.284416] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 215.285175] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 215.286007] ? srso_return_thunk+0x5/0x5f [ 215.286658] ? srso_return_thunk+0x5/0x5f [ 215.287316] ? synchronize_rcu+0x1ff/0x260 [ 215.287962] ieee80211_unregister_hw+0x55/0x3a0 [ 215.288678] hwsim_exit_net+0x3a0/0x730 [ 215.289296] ? __pfx_hwsim_exit_net+0x10/0x10 [ 215.289990] ? srso_return_thunk+0x5/0x5f [ 215.290646] ? netdev_run_todo+0x788/0x1040 [ 215.291307] ? __pfx_hwsim_exit_net+0x10/0x10 [ 215.291991] ops_exit_list+0xb3/0x180 [ 215.292580] cleanup_net+0x546/0xad0 [ 215.293167] ? __pfx_cleanup_net+0x10/0x10 [ 215.293838] process_one_work+0x8ee/0x1a10 [ 215.294529] ? __pfx_lock_acquire+0x10/0x10 [ 215.295190] ? __pfx_process_one_work+0x10/0x10 [ 215.295927] ? srso_return_thunk+0x5/0x5f [ 215.296589] ? move_linked_works+0x172/0x270 [ 215.297267] ? srso_return_thunk+0x5/0x5f [ 215.297940] ? assign_work+0x196/0x240 [ 215.298572] worker_thread+0x674/0xe70 [ 215.299198] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 215.300038] ? __pfx_worker_thread+0x10/0x10 [ 215.300738] kthread+0x3ab/0x720 [ 215.301342] ? __pfx_kthread+0x10/0x10 [ 215.301980] ? srso_return_thunk+0x5/0x5f [ 215.302631] ? finish_task_switch.isra.0+0x206/0x840 [ 215.303447] ? __pfx_kthread+0x10/0x10 [ 215.304121] ret_from_fork+0x48/0x80 [ 215.304674] ? __pfx_kthread+0x10/0x10 [ 215.305290] ret_from_fork_asm+0x1a/0x30 [ 215.305963] [ 216.796443] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 216.797181] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 216.797963] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 216.803812] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 216.807641] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 216.808326] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 216.870677] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 216.872771] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 216.873817] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 216.876108] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 216.877834] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 216.878774] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 216.992443] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 216.993734] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 216.995035] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 216.997168] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 216.998751] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 216.999895] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 217.053704] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 217.054296] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 217.055098] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 217.057628] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 217.058793] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 217.060102] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 217.164324] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 217.167038] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 217.168394] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 217.176700] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 217.188129] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 217.188554] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 217.188754] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 217.203824] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 217.221999] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 217.242162] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 217.242330] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 217.254680] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 217.254842] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 217.260335] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 217.287689] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 217.287949] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 217.288282] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 217.288915] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 217.291500] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 217.297754] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 217.298253] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 217.298532] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 217.302053] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 217.316329] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 218.838491] Bluetooth: hci0: command tx timeout [ 218.901508] Bluetooth: hci1: command tx timeout [ 219.029806] Bluetooth: hci2: command tx timeout [ 219.094496] Bluetooth: hci3: command tx timeout [ 219.350502] Bluetooth: hci6: command tx timeout [ 219.350592] Bluetooth: hci4: command tx timeout [ 219.414490] Bluetooth: hci7: command tx timeout [ 219.605589] Bluetooth: hci5: command tx timeout [ 220.888475] Bluetooth: hci0: command tx timeout [ 220.949615] Bluetooth: hci1: command tx timeout [ 221.078676] Bluetooth: hci2: command tx timeout [ 221.141514] Bluetooth: hci3: command tx timeout [ 221.397620] Bluetooth: hci4: command tx timeout [ 221.398194] Bluetooth: hci6: command tx timeout [ 221.462567] Bluetooth: hci7: command tx timeout [ 221.654509] Bluetooth: hci5: command tx timeout [ 222.933591] Bluetooth: hci0: command tx timeout [ 222.997568] Bluetooth: hci1: command tx timeout [ 223.125505] Bluetooth: hci2: command tx timeout [ 223.190517] Bluetooth: hci3: command tx timeout [ 223.445540] Bluetooth: hci6: command tx timeout [ 223.445614] Bluetooth: hci4: command tx timeout [ 223.509508] Bluetooth: hci7: command tx timeout [ 223.702479] Bluetooth: hci5: command tx timeout [ 224.981491] Bluetooth: hci0: command tx timeout [ 225.045586] Bluetooth: hci1: command tx timeout [ 225.174513] Bluetooth: hci2: command tx timeout VM DIAGNOSIS: 06:38:05 Registers: info registers vcpu 0 RAX=dffffc0000000005 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9 RSI=ffffffff8283cd30 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff8880095debc0 R8 =0000000000000001 R9 =ffffed10012bbd67 R10=0000000000000001 R11=2f72656b726f776b R12=ffffffff886930b0 R13=ffff8880095deeb8 R14=ffffffff88693320 R15=0000000000000000 RIP=ffffffff8283cd85 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f7d26e57b70 CR3=000000000cec6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=8a0c2cdafa52b787cf4f8462643790c2 XMM02=00000000000fe9f0d12871896912de2d XMM03=0000000000136de8f9980df3bdc2dbad XMM04=ae285a26531dd16500000000000ae988 XMM05=3cc027b654ebc506000000000013f9a8 XMM06=9f165a4fe6c971ad0000000000136ef0 XMM07=711fbe8126c5d3440000000000136de8 XMM08=68a8aee3740b9fad00000000000fe9f0 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000200000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=ffff88800b975340 RCX=ffffffff81429a0f RDX=ffff88800b975340 RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000200000 RSP=ffff88800bfd7db8 R8 =0000000000000000 R9 =ffffed1001e57380 R10=0000000000200000 R11=ffff88800b9757f8 R12=ffffffff85d5fff9 R13=ffff888008c50378 R14=ffff88800b975340 R15=0000000000000086 RIP=ffffffff81429a13 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055dd3b0988c8 CR3=0000000019fce000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=000000c0000c2840000000c0000bad80 XMM02=000000c00005be90000000c00005be60 XMM03=000000c00005bf50000000c00005bf20 XMM04=000000c000087230000000c000087200 XMM05=000000c00005bf80000000c00005bf50 XMM06=000000c00005bfb0000000c00005a4b0 XMM07=000000c0000a6030000000c0000a6000 XMM08=000000c0000a6090000000c0000a6060 XMM09=000000c0000a60f0000000c0000a60c0 XMM10=000000c0000a6150000000c0000a6120 XMM11=000000c00005a4e0000000c0000a6180 XMM12=000000c0000a8c60000000c0000a61b0 XMM13=000000c000086660000000c000086630 XMM14=000000c0000866c0000000c000086690 XMM15=000000c0000a1080000000c0000866f0