Warning: Permanently added '[localhost]:50728' (ECDSA) to the list of known hosts. 2025/01/18 13:48:11 fuzzer started 2025/01/18 13:48:12 dialing manager at localhost:44245 syzkaller login: [ 67.260650] cgroup: Unknown subsys name 'net' [ 67.362273] cgroup: Unknown subsys name 'cpuset' [ 67.387706] cgroup: Unknown subsys name 'rlimit' [ 74.190218] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/18 13:48:31 syscalls: 2217 2025/01/18 13:48:31 code coverage: enabled 2025/01/18 13:48:31 comparison tracing: enabled 2025/01/18 13:48:31 extra coverage: enabled 2025/01/18 13:48:31 setuid sandbox: enabled 2025/01/18 13:48:31 namespace sandbox: enabled 2025/01/18 13:48:31 Android sandbox: enabled 2025/01/18 13:48:31 fault injection: enabled 2025/01/18 13:48:31 leak checking: enabled 2025/01/18 13:48:31 net packet injection: enabled 2025/01/18 13:48:31 net device setup: enabled 2025/01/18 13:48:31 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/18 13:48:31 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/18 13:48:31 USB emulation: enabled 2025/01/18 13:48:31 hci packet injection: enabled 2025/01/18 13:48:31 wifi device emulation: enabled 2025/01/18 13:48:31 802.15.4 emulation: enabled 2025/01/18 13:48:31 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/18 13:48:31 fetching corpus: 50, signal 30361/33202 (executing program) 2025/01/18 13:48:31 fetching corpus: 100, signal 41238/44839 (executing program) 2025/01/18 13:48:32 fetching corpus: 150, signal 48190/52570 (executing program) 2025/01/18 13:48:32 fetching corpus: 200, signal 52908/57921 (executing program) 2025/01/18 13:48:32 fetching corpus: 250, signal 57035/62581 (executing program) 2025/01/18 13:48:32 fetching corpus: 300, signal 60801/66791 (executing program) 2025/01/18 13:48:32 fetching corpus: 350, signal 64248/70565 (executing program) 2025/01/18 13:48:33 fetching corpus: 400, signal 67484/74065 (executing program) 2025/01/18 
13:48:33 fetching corpus: 450, signal 71682/78192 (executing program) 2025/01/18 13:48:33 fetching corpus: 500, signal 73658/80432 (executing program) 2025/01/18 13:48:33 fetching corpus: 550, signal 76453/83236 (executing program) 2025/01/18 13:48:33 fetching corpus: 600, signal 79530/86098 (executing program) 2025/01/18 13:48:33 fetching corpus: 650, signal 83649/89669 (executing program) 2025/01/18 13:48:33 fetching corpus: 700, signal 86253/92025 (executing program) 2025/01/18 13:48:33 fetching corpus: 750, signal 88783/94203 (executing program) 2025/01/18 13:48:34 fetching corpus: 800, signal 90442/95686 (executing program) 2025/01/18 13:48:34 fetching corpus: 850, signal 91835/96893 (executing program) 2025/01/18 13:48:34 fetching corpus: 900, signal 93670/98310 (executing program) 2025/01/18 13:48:34 fetching corpus: 950, signal 96233/100148 (executing program) 2025/01/18 13:48:34 fetching corpus: 1000, signal 97585/101181 (executing program) 2025/01/18 13:48:34 fetching corpus: 1050, signal 99309/102394 (executing program) 2025/01/18 13:48:35 fetching corpus: 1100, signal 100697/103294 (executing program) 2025/01/18 13:48:35 fetching corpus: 1150, signal 101842/104061 (executing program) 2025/01/18 13:48:35 fetching corpus: 1200, signal 103014/104772 (executing program) 2025/01/18 13:48:35 fetching corpus: 1250, signal 104385/105527 (executing program) 2025/01/18 13:48:35 fetching corpus: 1264, signal 104923/105830 (executing program) 2025/01/18 13:48:35 fetching corpus: 1264, signal 104923/105859 (executing program) 2025/01/18 13:48:35 fetching corpus: 1264, signal 104923/105896 (executing program) 2025/01/18 13:48:35 fetching corpus: 1264, signal 104923/105932 (executing program) 2025/01/18 13:48:35 fetching corpus: 1264, signal 104923/105967 (executing program) 2025/01/18 13:48:35 fetching corpus: 1264, signal 104923/105995 (executing program) 2025/01/18 13:48:35 fetching corpus: 1264, signal 104923/106029 (executing program) 2025/01/18 13:48:35 fetching 
corpus: 1264, signal 104923/106061 (executing program) 2025/01/18 13:48:35 fetching corpus: 1264, signal 104923/106092 (executing program) 2025/01/18 13:48:35 fetching corpus: 1264, signal 104923/106120 (executing program) 2025/01/18 13:48:35 fetching corpus: 1264, signal 104923/106141 (executing program) 2025/01/18 13:48:35 fetching corpus: 1264, signal 104923/106163 (executing program) 2025/01/18 13:48:35 fetching corpus: 1264, signal 104923/106194 (executing program) 2025/01/18 13:48:35 fetching corpus: 1264, signal 104923/106221 (executing program) 2025/01/18 13:48:35 fetching corpus: 1264, signal 104923/106250 (executing program) 2025/01/18 13:48:35 fetching corpus: 1264, signal 104923/106283 (executing program) 2025/01/18 13:48:35 fetching corpus: 1264, signal 104923/106330 (executing program) 2025/01/18 13:48:35 fetching corpus: 1264, signal 104923/106355 (executing program) 2025/01/18 13:48:35 fetching corpus: 1264, signal 104923/106389 (executing program) 2025/01/18 13:48:35 fetching corpus: 1264, signal 104923/106411 (executing program) 2025/01/18 13:48:35 fetching corpus: 1264, signal 104923/106441 (executing program) 2025/01/18 13:48:35 fetching corpus: 1264, signal 104923/106470 (executing program) 2025/01/18 13:48:35 fetching corpus: 1264, signal 104923/106511 (executing program) 2025/01/18 13:48:35 fetching corpus: 1264, signal 104923/106544 (executing program) 2025/01/18 13:48:36 fetching corpus: 1264, signal 104923/106569 (executing program) 2025/01/18 13:48:36 fetching corpus: 1264, signal 104923/106610 (executing program) 2025/01/18 13:48:36 fetching corpus: 1264, signal 104923/106644 (executing program) 2025/01/18 13:48:36 fetching corpus: 1264, signal 104923/106655 (executing program) 2025/01/18 13:48:36 fetching corpus: 1264, signal 104923/106655 (executing program) 2025/01/18 13:48:39 starting 8 fuzzer processes 13:48:39 executing program 0: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/cgroups\x00', 0x0, 0x0) preadv(r0, 
&(0x7f0000000040)=[{&(0x7f00000000c0)=""/130, 0x82}], 0x1, 0x10001, 0x0) 13:48:39 executing program 1: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpid() r2 = pidfd_open(r1, 0x0) pidfd_getfd(r2, r0, 0x0) 13:48:39 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) fcntl$lock(r0, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6}) fcntl$lock(r0, 0x6, &(0x7f0000000040)={0x0, 0x0, 0xe900}) 13:48:39 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x11, r0, 0x0) mount$tmpfs(0x0, 0x0, &(0x7f0000000180), 0x0, 0x0) [ 94.658882] audit: type=1400 audit(1737208119.657:7): avc: denied { execmem } for pid=281 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 13:48:39 executing program 4: keyctl$revoke(0x3, 0x0) 13:48:39 executing program 5: r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x40010, r0, 0x0) 13:48:39 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x2, &(0x7f0000000000)={0x77359400}, 0x10) 13:48:39 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$sock_int(r1, 0x1, 0x2f, &(0x7f0000000380)=0xffffffff, 0x4) socket$inet_tcp(0x2, 0x1, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)) write(0xffffffffffffffff, &(0x7f0000000200)='E', 0x140000) sendmsg$DEVLINK_CMD_SB_POOL_SET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="cc000004424aa3fcc03929118084aa553172425e1f260100741aa9323bfb52c7784db8ee39", @ANYRES16=0x0, @ANYBLOB="200029bd7000fbdbdf2510000000080001007063690011000200303030303a30303a31302e300000000008000b0000000000060011004000000008001300040000000500140000000000080001007063690011000200303030303a30303a31302e300000000008000b00070000000600110007000000080013000000008005001400010000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008000b0000000000c6ff11000000000008001300000000000500140000000000"], 0xcc}, 0x1, 0x0, 0x0, 0x20000000}, 0x40000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r3, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0), 0x4}, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x400, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) [ 96.238035] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 96.241521] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 96.241969] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 96.243019] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 96.243784] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 96.244178] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 96.244725] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 96.246483] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 96.246904] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 96.247764] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 96.248410] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 96.249736] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 96.255531] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 96.255796] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 96.267776] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 96.268740] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 96.269062] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 96.270763] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 96.361259] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 96.366918] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 96.369132] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 96.388773] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 96.393614] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 96.396613] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 96.434170] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 96.441066] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 96.444071] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 96.444808] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 96.447678] 
Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 96.451569] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 96.457433] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 96.459480] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 96.459580] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 96.459751] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 96.464079] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 96.464121] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 96.483605] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 96.491493] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 96.500646] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 96.502244] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 96.517503] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 96.517523] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 96.523935] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 96.528340] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 96.532657] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 96.559695] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 96.572673] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 96.581255] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 98.321674] Bluetooth: hci0: command tx timeout [ 98.322770] Bluetooth: hci2: command tx timeout [ 98.322981] Bluetooth: hci1: command tx timeout [ 98.449409] Bluetooth: hci3: command tx timeout [ 98.515025] Bluetooth: hci4: command tx timeout [ 98.577435] Bluetooth: hci6: command tx timeout [ 98.578587] Bluetooth: hci5: command tx timeout [ 98.643346] Bluetooth: hci7: command tx timeout [ 100.369569] Bluetooth: hci1: command tx timeout [ 100.370045] Bluetooth: hci2: command tx timeout [ 100.370150] Bluetooth: hci0: command tx timeout [ 100.498666] Bluetooth: hci3: command tx timeout [ 100.562569] Bluetooth: hci4: command tx timeout [ 100.625563] Bluetooth: hci6: 
command tx timeout [ 100.625655] Bluetooth: hci5: command tx timeout [ 100.690395] Bluetooth: hci7: command tx timeout [ 102.417422] Bluetooth: hci0: command tx timeout [ 102.417522] Bluetooth: hci2: command tx timeout [ 102.418170] Bluetooth: hci1: command tx timeout [ 102.546203] Bluetooth: hci3: command tx timeout [ 102.610483] Bluetooth: hci4: command tx timeout [ 102.674377] Bluetooth: hci5: command tx timeout [ 102.674478] Bluetooth: hci6: command tx timeout [ 102.738399] Bluetooth: hci7: command tx timeout [ 104.466396] Bluetooth: hci1: command tx timeout [ 104.466492] Bluetooth: hci2: command tx timeout [ 104.466581] Bluetooth: hci0: command tx timeout [ 104.593352] Bluetooth: hci3: command tx timeout [ 104.657402] Bluetooth: hci4: command tx timeout [ 104.722445] Bluetooth: hci6: command tx timeout [ 104.722541] Bluetooth: hci5: command tx timeout [ 104.787478] Bluetooth: hci7: command tx timeout [ 155.856125] syz-executor.0 (289) used greatest stack depth: 24288 bytes left [ 158.819210] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 158.823880] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 158.827694] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 158.833083] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 158.840050] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 158.842934] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 158.895981] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 158.902018] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 158.904868] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 158.914660] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 158.918000] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 158.920718] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 158.959901] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 158.964733] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 158.970154] Bluetooth: hci2: unexpected cc 
0x1001 length: 249 > 9 [ 158.976090] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 158.980167] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 158.986838] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 159.062505] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 159.065692] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 159.069704] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 159.076731] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 159.080079] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 159.086861] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 159.381885] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 159.388385] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 159.388837] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 159.404159] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 159.414075] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 159.415434] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 159.435245] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 159.448161] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 159.454117] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 159.470907] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 159.478237] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 159.478783] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 159.479851] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 159.501764] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 159.548180] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 159.551145] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 159.552001] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 159.569413] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 159.579178] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 159.595466] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 
159.620030] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 159.631683] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 159.636645] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[ 159.640592] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 160.914453] Bluetooth: hci0: command tx timeout
[ 160.977403] Bluetooth: hci1: command tx timeout
[ 161.169354] Bluetooth: hci3: command tx timeout
[ 161.169780] Bluetooth: hci2: command tx timeout
[ 161.617358] Bluetooth: hci6: command tx timeout
[ 161.681342] Bluetooth: hci5: command tx timeout
[ 161.745388] Bluetooth: hci4: command tx timeout
[ 161.809335] Bluetooth: hci7: command tx timeout
[ 162.961385] Bluetooth: hci0: command tx timeout
[ 163.025526] Bluetooth: hci1: command tx timeout
[ 163.218427] Bluetooth: hci3: command tx timeout
[ 163.218626] Bluetooth: hci2: command tx timeout
[ 163.665565] Bluetooth: hci6: command tx timeout
[ 163.729502] Bluetooth: hci5: command tx timeout
[ 163.793602] Bluetooth: hci4: command tx timeout
[ 163.857439] Bluetooth: hci7: command tx timeout
[ 165.009499] Bluetooth: hci0: command tx timeout
[ 165.073431] Bluetooth: hci1: command tx timeout
[ 165.267304] Bluetooth: hci2: command tx timeout
[ 165.267401] Bluetooth: hci3: command tx timeout
[ 165.713396] Bluetooth: hci6: command tx timeout
[ 165.778345] Bluetooth: hci5: command tx timeout
[ 165.841490] Bluetooth: hci4: command tx timeout
[ 165.905531] Bluetooth: hci7: command tx timeout
[ 167.057380] Bluetooth: hci0: command tx timeout
[ 167.121448] Bluetooth: hci1: command tx timeout
[ 167.313476] Bluetooth: hci3: command tx timeout
[ 167.313650] Bluetooth: hci2: command tx timeout
[ 167.764402] Bluetooth: hci6: command tx timeout
[ 167.825467] Bluetooth: hci5: command tx timeout
[ 167.889522] Bluetooth: hci4: command tx timeout
[ 167.953404] Bluetooth: hci7: command tx timeout
[ 218.922613]
[ 218.922848] ======================================================
[ 218.923451] WARNING: possible circular locking dependency detected
[ 218.924073] 6.13.0-rc7-next-20250117 #1 Not tainted
[ 218.924541] ------------------------------------------------------
[ 218.928262] kworker/u8:0/11 is trying to acquire lock:
[ 218.932014] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80
[ 218.934227]
[ 218.934227] but task is already holding lock:
[ 218.935453] ffff888035898768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0
[ 218.937557]
[ 218.937557] which lock already depends on the new lock.
[ 218.937557]
[ 218.939202]
[ 218.939202] the existing dependency chain (in reverse order) is:
[ 218.940725]
[ 218.940725] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}:
[ 218.942150]        __mutex_lock+0x13d/0xb50
[ 218.943133]        wiphy_register+0x1b2e/0x25d0
[ 218.944202]        ieee80211_register_hw+0x23a4/0x3d60
[ 218.945345]        mac80211_hwsim_new_radio+0x2759/0x4d50
[ 218.946552]        init_mac80211_hwsim+0x389/0x870
[ 218.947684]        do_one_initcall+0xf9/0x640
[ 218.948713]        kernel_init_freeable+0x53d/0x7a0
[ 218.949846]        kernel_init+0x1e/0x2d0
[ 218.950755]        ret_from_fork+0x48/0x80
[ 218.951692]        ret_from_fork_asm+0x1a/0x30
[ 218.952752]
[ 218.952752] -> #0 (rtnl_mutex){+.+.}-{4:4}:
[ 218.954076]        __lock_acquire+0x29fd/0x4580
[ 218.955122]        lock_acquire+0x19b/0x520
[ 218.956109]        __mutex_lock+0x13d/0xb50
[ 218.957096]        unregister_netdevice_many_notify+0x1612/0x1c80
[ 218.958431]        unregister_netdevice_queue+0x224/0x2e0
[ 218.959633]        _cfg80211_unregister_wdev+0x57b/0x700
[ 218.960849]        ieee80211_remove_interfaces+0x2f2/0x6b0
[ 218.962044]        ieee80211_unregister_hw+0x55/0x3a0
[ 218.963182]        hwsim_exit_net+0x3a0/0x730
[ 218.964200]        ops_exit_list+0xb3/0x180
[ 218.965163]        cleanup_net+0x546/0xad0
[ 218.966116]        process_one_work+0x8ee/0x1a10
[ 218.967209]        worker_thread+0x674/0xe70
[ 218.968259]        kthread+0x3ab/0x720
[ 218.969175]        ret_from_fork+0x48/0x80
[ 218.970107]        ret_from_fork_asm+0x1a/0x30
[ 218.971160]
[ 218.971160] other info that might help us debug this:
[ 218.971160]
[ 218.972780]  Possible unsafe locking scenario:
[ 218.972780]
[ 218.974005]        CPU0                    CPU1
[ 218.974975]        ----                    ----
[ 218.975950]   lock(&rdev->wiphy.mtx);
[ 218.976816]                                lock(rtnl_mutex);
[ 218.978073]                                lock(&rdev->wiphy.mtx);
[ 218.979411]   lock(rtnl_mutex);
[ 218.980191]
[ 218.980191]  *** DEADLOCK ***
[ 218.980191]
[ 218.981416] 4 locks held by kworker/u8:0/11:
[ 218.982361]  #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10
[ 218.984568]  #1: ffff8880095dfd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10
[ 218.986691]  #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0
[ 218.988487]  #3: ffff888035898768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0
[ 218.989817]
[ 218.989817] stack backtrace:
[ 218.990388] CPU: 1 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-rc7-next-20250117 #1
[ 218.991427] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 218.992369] Workqueue: netns cleanup_net
[ 218.992755] Call Trace:
[ 218.992990]
[ 218.993203]  dump_stack_lvl+0xca/0x120
[ 218.993590]  print_circular_bug+0x47b/0x750
[ 218.993998]  check_noncircular+0x2e9/0x3c0
[ 218.994402]  ? __pfx_check_noncircular+0x10/0x10
[ 218.994843]  ? hlock_class+0x4e/0x130
[ 218.995198]  ? mark_lock+0xac/0xed0
[ 218.995548]  ? srso_return_thunk+0x5/0x5f
[ 218.995960]  ? dl_scaled_delta_exec+0xd4/0x2c0
[ 218.996395]  ? lockdep_lock+0xba/0x1b0
[ 218.996784]  ? __pfx_lockdep_lock+0x10/0x10
[ 218.997211]  __lock_acquire+0x29fd/0x4580
[ 218.997614]  ? __pfx___lock_acquire+0x10/0x10
[ 218.998055]  ? lock_release+0x20f/0x6f0
[ 218.998442]  ? __pfx_lock_release+0x10/0x10
[ 218.998853]  lock_acquire+0x19b/0x520
[ 218.999222]  ? unregister_netdevice_many_notify+0x1612/0x1c80
[ 218.999766]  ? __pfx_lock_acquire+0x10/0x10
[ 219.000176]  ? srso_return_thunk+0x5/0x5f
[ 219.000580]  ? lock_release+0x20f/0x6f0
[ 219.000960]  ? srso_return_thunk+0x5/0x5f
[ 219.001393]  ? lock_is_held_type+0x9e/0x120
[ 219.001845]  ? srso_return_thunk+0x5/0x5f
[ 219.002280]  __mutex_lock+0x13d/0xb50
[ 219.002682]  ? unregister_netdevice_many_notify+0x1612/0x1c80
[ 219.003256]  ? unregister_netdevice_many_notify+0x1612/0x1c80
[ 219.003838]  ? srso_return_thunk+0x5/0x5f
[ 219.004271]  ? synchronize_rcu_expedited+0x38a/0x420
[ 219.004776]  ? __pfx___mutex_lock+0x10/0x10
[ 219.005224]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 219.005760]  ? srso_return_thunk+0x5/0x5f
[ 219.006194]  ? kasan_quarantine_put+0x84/0x1e0
[ 219.006673]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[ 219.007126]  ? srso_return_thunk+0x5/0x5f
[ 219.007566]  unregister_netdevice_many_notify+0x1612/0x1c80
[ 219.008132]  ? __virt_addr_valid+0x2e8/0x5d0
[ 219.008591]  ? __pfx_lock_release+0x10/0x10
[ 219.009030]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[ 219.009617]  ? find_held_lock+0x2c/0x110
[ 219.010046]  ? srso_return_thunk+0x5/0x5f
[ 219.010487]  ? kernfs_remove_by_name_ns+0xc7/0x130
[ 219.010993]  ? srso_return_thunk+0x5/0x5f
[ 219.011426]  ? lock_release+0x20f/0x6f0
[ 219.011839]  ? __pfx_lock_release+0x10/0x10
[ 219.012277]  ? srso_return_thunk+0x5/0x5f
[ 219.012712]  ? lockdep_hardirqs_on_prepare+0x262/0x3f0
[ 219.013236]  ? srso_return_thunk+0x5/0x5f
[ 219.013678]  unregister_netdevice_queue+0x224/0x2e0
[ 219.014177]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[ 219.014716]  ? up_write+0x195/0x520
[ 219.015109]  _cfg80211_unregister_wdev+0x57b/0x700
[ 219.015606]  ? srso_return_thunk+0x5/0x5f
[ 219.016049]  ieee80211_remove_interfaces+0x2f2/0x6b0
[ 219.016546]  ? __pfx_ieee80211_remove_interfaces+0x10/0x10
[ 219.017093]  ? srso_return_thunk+0x5/0x5f
[ 219.017526]  ? srso_return_thunk+0x5/0x5f
[ 219.017958]  ? synchronize_rcu+0x1ff/0x260
[ 219.018391]  ieee80211_unregister_hw+0x55/0x3a0
[ 219.018858]  hwsim_exit_net+0x3a0/0x730
[ 219.019266]  ? __pfx_hwsim_exit_net+0x10/0x10
[ 219.019720]  ? srso_return_thunk+0x5/0x5f
[ 219.020155]  ? netdev_run_todo+0x788/0x1040
[ 219.020600]  ? __pfx_hwsim_exit_net+0x10/0x10
[ 219.021054]  ops_exit_list+0xb3/0x180
[ 219.021444]  cleanup_net+0x546/0xad0
[ 219.021825]  ? __pfx_cleanup_net+0x10/0x10
[ 219.022268]  process_one_work+0x8ee/0x1a10
[ 219.022719]  ? __pfx_lock_acquire+0x10/0x10
[ 219.023160]  ? __pfx_process_one_work+0x10/0x10
[ 219.023650]  ? srso_return_thunk+0x5/0x5f
[ 219.024088]  ? move_linked_works+0x172/0x270
[ 219.024537]  ? srso_return_thunk+0x5/0x5f
[ 219.024968]  ? assign_work+0x196/0x240
[ 219.025382]  worker_thread+0x674/0xe70
[ 219.025794]  ? lockdep_hardirqs_on_prepare+0x262/0x3f0
[ 219.026326]  ? __pfx_worker_thread+0x10/0x10
[ 219.026789]  kthread+0x3ab/0x720
[ 219.027154]  ? __pfx_kthread+0x10/0x10
[ 219.027563]  ? srso_return_thunk+0x5/0x5f
[ 219.028002]  ? finish_task_switch.isra.0+0x206/0x840
[ 219.028516]  ? __pfx_kthread+0x10/0x10
[ 219.028928]  ret_from_fork+0x48/0x80
[ 219.029308]  ? __pfx_kthread+0x10/0x10
[ 219.029722]  ret_from_fork_asm+0x1a/0x30
[ 219.030165]
[ 220.700886] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 220.703006] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 220.708448] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 220.712984] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 220.716430] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 220.719674] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 220.903319] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 220.906789] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 220.909810] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 220.917039] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 220.924505] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 220.925418] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 220.964577] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 220.967560] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 220.968761] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 220.970872] Bluetooth: hci2: 
unexpected cc 0x0c23 length: 249 > 4 [ 220.972495] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 220.973193] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 221.028862] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 221.031933] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 221.033228] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 221.036008] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 221.037645] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 221.039015] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 221.120038] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 221.122515] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 221.129575] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 221.133939] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 221.136115] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 221.136768] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 221.219815] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 221.234606] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 221.246028] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 221.246546] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 221.254354] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 221.258903] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 221.262553] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 221.279763] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 221.280457] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 221.328566] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 221.340606] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 221.343413] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 221.354417] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 221.361644] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 221.362064] Bluetooth: hci7: unexpected cc 0x0c23 
length: 249 > 4 [ 221.368957] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 221.375538] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 221.391129] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 222.738328] Bluetooth: hci0: command tx timeout [ 222.994344] Bluetooth: hci2: command tx timeout [ 222.994435] Bluetooth: hci1: command tx timeout [ 223.057323] Bluetooth: hci3: command tx timeout [ 223.186313] Bluetooth: hci4: command tx timeout [ 223.505466] Bluetooth: hci5: command tx timeout [ 223.506510] Bluetooth: hci6: command tx timeout [ 223.506578] Bluetooth: hci7: command tx timeout [ 224.785531] Bluetooth: hci0: command tx timeout [ 225.041408] Bluetooth: hci2: command tx timeout [ 225.041532] Bluetooth: hci1: command tx timeout [ 225.105423] Bluetooth: hci3: command tx timeout [ 225.234414] Bluetooth: hci4: command tx timeout [ 225.554321] Bluetooth: hci7: command tx timeout [ 225.554447] Bluetooth: hci6: command tx timeout [ 225.554517] Bluetooth: hci5: command tx timeout [ 226.833457] Bluetooth: hci0: command tx timeout [ 227.089425] Bluetooth: hci1: command tx timeout [ 227.089596] Bluetooth: hci2: command tx timeout [ 227.155277] Bluetooth: hci3: command tx timeout [ 227.281921] Bluetooth: hci4: command tx timeout [ 227.601556] Bluetooth: hci5: command tx timeout [ 227.601750] Bluetooth: hci6: command tx timeout [ 227.601844] Bluetooth: hci7: command tx timeout [ 228.883270] Bluetooth: hci0: command tx timeout VM DIAGNOSIS: 13:50:44 Registers: