Warning: Permanently added '[localhost]:36292' (ECDSA) to the list of known hosts. 2025/01/18 13:58:01 fuzzer started 2025/01/18 13:58:01 dialing manager at localhost:44245 syzkaller login: [ 74.226504] cgroup: Unknown subsys name 'net' [ 74.372407] cgroup: Unknown subsys name 'cpuset' [ 74.412576] cgroup: Unknown subsys name 'rlimit' [ 82.204877] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/18 13:58:21 syscalls: 2217 2025/01/18 13:58:21 code coverage: enabled 2025/01/18 13:58:21 comparison tracing: enabled 2025/01/18 13:58:21 extra coverage: enabled 2025/01/18 13:58:21 setuid sandbox: enabled 2025/01/18 13:58:21 namespace sandbox: enabled 2025/01/18 13:58:21 Android sandbox: enabled 2025/01/18 13:58:21 fault injection: enabled 2025/01/18 13:58:21 leak checking: enabled 2025/01/18 13:58:21 net packet injection: enabled 2025/01/18 13:58:21 net device setup: enabled 2025/01/18 13:58:21 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/18 13:58:21 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/18 13:58:21 USB emulation: enabled 2025/01/18 13:58:21 hci packet injection: enabled 2025/01/18 13:58:21 wifi device emulation: enabled 2025/01/18 13:58:21 802.15.4 emulation: enabled 2025/01/18 13:58:21 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/18 13:58:21 fetching corpus: 50, signal 25092/28143 (executing program) 2025/01/18 13:58:22 fetching corpus: 100, signal 39384/43176 (executing program) 2025/01/18 13:58:22 fetching corpus: 150, signal 44179/48882 (executing program) 2025/01/18 13:58:22 fetching corpus: 200, signal 49582/54941 (executing program) 2025/01/18 13:58:22 fetching corpus: 250, signal 56030/61712 (executing program) 2025/01/18 13:58:22 fetching corpus: 300, signal 60403/66455 (executing program) 2025/01/18 13:58:22 fetching corpus: 350, signal 65190/71350 (executing program) 2025/01/18 13:58:23 fetching corpus: 400, signal 67378/73955 (executing program) 2025/01/18 13:58:23 fetching corpus: 450, signal 70346/77107 (executing program) 2025/01/18 13:58:23 fetching corpus: 500, signal 73006/79901 (executing program) 2025/01/18 13:58:23 fetching corpus: 550, signal 75179/82229 (executing program) 2025/01/18 13:58:23 fetching corpus: 600, signal 77752/84754 (executing program) 2025/01/18 13:58:23 fetching corpus: 650, signal 81360/87987 (executing program) 2025/01/18 13:58:24 fetching corpus: 700, signal 82964/89602 (executing program) 2025/01/18 13:58:24 fetching corpus: 750, signal 85181/91623 (executing program) 2025/01/18 13:58:24 fetching corpus: 800, signal 87873/93847 (executing program) 2025/01/18 13:58:24 fetching corpus: 850, signal 91191/96347 (executing program) 2025/01/18 13:58:24 fetching corpus: 900, signal 93665/98253 (executing program) 2025/01/18 13:58:24 fetching corpus: 950, signal 95510/99587 (executing program) 2025/01/18 13:58:24 fetching corpus: 1000, signal 96834/100592 (executing program) 2025/01/18 13:58:25 fetching corpus: 1050, signal 98221/101616 (executing program) 2025/01/18 13:58:25 fetching corpus: 1100, signal 100047/102861 (executing program) 2025/01/18 13:58:25 fetching corpus: 1150, signal 101961/104045 (executing program) 2025/01/18 13:58:25 fetching corpus: 1200, signal 103400/104902 (executing program) 2025/01/18 13:58:25 fetching corpus: 1250, signal 104733/105640 (executing program) 2025/01/18 13:58:25 fetching corpus: 1264, signal 104923/105777 (executing program) 2025/01/18 13:58:25 fetching corpus: 1264, signal 104923/105816 (executing program) 2025/01/18 13:58:25 fetching corpus: 1264, signal 104923/105847 (executing program) 2025/01/18 13:58:25 fetching corpus: 1264, signal 104923/105879 (executing program) 2025/01/18 13:58:25 fetching corpus: 1264, signal 104923/105911 (executing program) 2025/01/18 13:58:25 fetching corpus: 1264, signal 104923/105946 (executing program) 2025/01/18 13:58:25 fetching corpus: 1264, signal 104923/105977 (executing program) 2025/01/18 13:58:25 fetching corpus: 1264, signal 104923/106008 (executing program) 2025/01/18 13:58:25 fetching corpus: 1264, signal 104923/106038 (executing program) 2025/01/18 13:58:25 fetching corpus: 1264, signal 104923/106064 (executing program) 2025/01/18 13:58:25 fetching corpus: 1264, signal 104923/106103 (executing program) 2025/01/18 13:58:25 fetching corpus: 1264, signal 104923/106139 (executing program) 2025/01/18 13:58:25 fetching corpus: 1264, signal 104923/106170 (executing program) 2025/01/18 13:58:25 fetching corpus: 1264, signal 104923/106203 (executing program) 2025/01/18 13:58:25 fetching corpus: 1264, signal 104923/106234 (executing program) 2025/01/18 13:58:25 fetching corpus: 1264, signal 104923/106264 (executing program) 2025/01/18 13:58:25 fetching corpus: 1264, signal 104923/106296 (executing program) 2025/01/18 13:58:25 fetching corpus: 1264, signal 104923/106331 (executing program) 2025/01/18 13:58:25 fetching corpus: 1264, signal 104923/106377 (executing program) 2025/01/18 13:58:25 fetching corpus: 1264, signal 104923/106399 (executing program) 2025/01/18 13:58:25 fetching corpus: 1264, signal 104923/106436 (executing program) 2025/01/18 13:58:25 fetching corpus: 1264, signal 104923/106467 (executing program) 2025/01/18 13:58:26 fetching corpus: 1264, signal 104923/106493 (executing program) 2025/01/18 13:58:26 fetching corpus: 1264, signal 104923/106529 (executing program) 2025/01/18 13:58:26 fetching corpus: 1264, signal 104923/106568 (executing program) 2025/01/18 13:58:26 fetching corpus: 1264, signal 104923/106598 (executing program) 2025/01/18 13:58:26 fetching corpus: 1264, signal 104923/106641 (executing program) 2025/01/18 13:58:26 fetching corpus: 1264, signal 104923/106655 (executing program) 2025/01/18 13:58:26 fetching corpus: 1264, signal 104923/106655 (executing program) 2025/01/18 13:58:29 starting 8 fuzzer processes 13:58:29 executing program 0: perf_event_open(&(0x7f0000003c80)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mq_open(&(0x7f0000000040)='}\x00', 0x40, 0x0, &(0x7f0000000080)={0x2, 0x40800000000, 0xbb58, 0x895}) 13:58:29 executing program 1: syz_emit_ethernet(0x46, &(0x7f0000000080)={@local, @dev, @void, {@ipv4={0x800, @generic={{0xe, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x0, 0x0, @private=0xa010102, @remote, {[@timestamp_prespec={0x44, 0x24, 0x17, 0x3, 0x0, [{}, {}, {@empty}, {@local}]}]}}}}}}, 0x0) 13:58:29 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000)=0x2, 0x4) ioctl$FS_IOC_SETFSLABEL(0xffffffffffffffff, 0x41009432, &(0x7f0000000100)="19202cdbb43b42aff347cfea7b3be1d7e94e0fb19ba558ab8785fe990b98bc9bac793bd7790a86d95691f932c1fba65e89463266837e4de78b1909310e8b121d57810354d21fca4638670eea2967af9a5e3ad3df53d41480a2e3251656c3bfbe0dc01976dd3a9e2ff42b09ad79f307e0ef8a0c0980debf554c8835a9ce0b88ab37809b5e204ea5c71ef41756e6743f01d775e3a9dc6e0d50c4441400d546f7a9ec06b68636b791705f2dca2d714f0e12552790d09ae22516470b791a51671290059b3673ddea6e8cf22905a62baaf3a812f88b37b7e17211db8422ceb2c3a9a5cfa606bd0f2fe323ecd3f61773eeb35e62b26ae3f823de2ba8f1242028e8fb9e") sendmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[], 0x10}}], 0x2, 0x0) [ 101.515027] audit: type=1400 audit(1737208709.068:7): avc: denied { execmem } for pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 13:58:29 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='coredump_filter\x00') writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)='f', 0x1}], 0x1) 13:58:29 executing program 5: ioperm(0x0, 0xfff, 0x7) mount_setattr(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 13:58:29 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLOCK(r0, &(0x7f0000000040)={0x8}, 0x8) 13:58:29 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) shutdown(r0, 0x0) ppoll(&(0x7f0000000080)=[{r0}], 0x1, &(0x7f0000000100), 0x0, 0x0) 13:58:29 executing program 7: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040)) execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0) [ 102.794115] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 102.796450] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 102.798742] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 102.804076] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 102.806521] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 102.807296] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 102.862406] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 102.866291] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 102.867838] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 102.872704] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 102.873569] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 102.876569] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 102.881021] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 102.881469] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 102.883970] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 102.892224] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 102.906598] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 102.909207] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 102.917626] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 102.922059] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 102.927302] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 102.946194] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 102.950759] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 102.953354] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 102.993608] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 102.998434] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 103.007174] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 103.013288] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 103.018177] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 103.020362] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 103.063687] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 103.078528] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 103.080010] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 103.082094] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 103.083770] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 103.084228] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 103.089550] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 103.092298] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 103.094251] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 103.113368] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 103.120286] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 103.124324] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 103.131547] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 103.135872] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 103.141194] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 103.150009] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 103.152005] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 103.153932] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 104.888318] Bluetooth: hci0: command tx timeout [ 104.951277] Bluetooth: hci2: command tx timeout [ 104.951459] Bluetooth: hci1: command tx timeout [ 105.016018] Bluetooth: hci3: command tx timeout [ 105.080009] Bluetooth: hci4: command tx timeout [ 105.142971] Bluetooth: hci6: command tx timeout [ 105.206996] Bluetooth: hci7: command tx timeout [ 105.271162] Bluetooth: hci5: command tx timeout [ 106.935108] Bluetooth: hci0: command tx timeout [ 106.999191] Bluetooth: hci2: command tx timeout [ 106.999392] Bluetooth: hci1: command tx timeout [ 107.065996] Bluetooth: hci3: command tx timeout [ 107.126979] Bluetooth: hci4: command tx timeout [ 107.190981] Bluetooth: hci6: command tx timeout [ 107.255060] Bluetooth: hci7: command tx timeout [ 107.319000] Bluetooth: hci5: command tx timeout [ 108.983003] Bluetooth: hci0: command tx timeout [ 109.048127] Bluetooth: hci2: command tx timeout [ 109.048419] Bluetooth: hci1: command tx timeout [ 109.110963] Bluetooth: hci3: command tx timeout [ 109.175029] Bluetooth: hci4: command tx timeout [ 109.239126] Bluetooth: hci6: command tx timeout [ 109.302997] Bluetooth: hci7: command tx timeout [ 109.367925] Bluetooth: hci5: command tx timeout [ 111.031809] Bluetooth: hci0: command tx timeout [ 111.095041] Bluetooth: hci2: command tx timeout [ 111.095201] Bluetooth: hci1: command tx timeout [ 111.158969] Bluetooth: hci3: command tx timeout [ 111.223045] Bluetooth: hci4: command tx timeout [ 111.286966] Bluetooth: hci6: command tx timeout [ 111.352925] Bluetooth: hci7: command tx timeout [ 111.415007] Bluetooth: hci5: command tx timeout [ 162.589956] syz-executor.0 (281) used greatest stack depth: 24080 bytes left [ 163.644843] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 165.513662] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 165.517457] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 165.519781] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 165.529211] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 165.532637] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 165.540416] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 165.608796] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 165.613591] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 165.621410] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 165.635404] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 165.648579] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 165.650645] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 165.652808] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 165.656433] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 165.658579] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 165.665810] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 165.673227] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 165.675168] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 165.676448] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 165.678428] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 165.679495] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 165.704505] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 165.710327] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 165.713139] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 165.719322] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 165.724474] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 165.739459] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 165.762600] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 165.771267] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 165.773602] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 165.785204] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 165.791754] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 165.797206] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 165.800652] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 165.808251] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 165.812694] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 165.842838] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 165.894277] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 165.903679] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 165.908396] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 165.923074] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 165.934498] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 165.934686] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 165.940229] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 165.954660] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 165.995346] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 166.011102] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 166.016644] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 167.607978] Bluetooth: hci0: command tx timeout [ 167.735093] Bluetooth: hci2: command tx timeout [ 167.735484] Bluetooth: hci1: command tx timeout [ 167.800146] Bluetooth: hci4: command tx timeout [ 167.800794] Bluetooth: hci3: command tx timeout [ 167.991125] Bluetooth: hci6: command tx timeout [ 168.055441] Bluetooth: hci7: command tx timeout [ 168.056386] Bluetooth: hci5: command tx timeout [ 169.655289] Bluetooth: hci0: command tx timeout [ 169.783100] Bluetooth: hci2: command tx timeout [ 169.783261] Bluetooth: hci1: command tx timeout [ 169.847817] Bluetooth: hci3: command tx timeout [ 169.847850] Bluetooth: hci4: command tx timeout [ 170.039234] Bluetooth: hci6: command tx timeout [ 170.103947] Bluetooth: hci5: command tx timeout [ 170.103990] Bluetooth: hci7: command tx timeout [ 171.703197] Bluetooth: hci0: command tx timeout [ 171.832035] Bluetooth: hci1: command tx timeout [ 171.832073] Bluetooth: hci2: command tx timeout [ 171.895155] Bluetooth: hci4: command tx timeout [ 171.895191] Bluetooth: hci3: command tx timeout [ 172.087540] Bluetooth: hci6: command tx timeout [ 172.151306] Bluetooth: hci5: command tx timeout [ 172.151475] Bluetooth: hci7: command tx timeout [ 173.751108] Bluetooth: hci0: command tx timeout [ 173.878965] Bluetooth: hci2: command tx timeout [ 173.878995] Bluetooth: hci1: command tx timeout [ 173.942947] Bluetooth: hci4: command tx timeout [ 173.945894] Bluetooth: hci3: command tx timeout [ 174.134956] Bluetooth: hci6: command tx timeout [ 174.200922] Bluetooth: hci7: command tx timeout [ 174.201239] Bluetooth: hci5: command tx timeout [ 223.850055] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 223.850174] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 224.065197] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 224.065276] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 225.916691] [ 225.916917] ====================================================== [ 225.917520] WARNING: possible circular locking dependency detected [ 225.918118] 6.13.0-rc7-next-20250117 #1 Not tainted [ 225.918606] ------------------------------------------------------ [ 225.921222] kworker/u8:1/68 is trying to acquire lock: [ 225.924169] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 225.927989] [ 225.927989] but task is already holding lock: [ 225.929240] ffff88803be40768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 225.931400] [ 225.931400] which lock already depends on the new lock. [ 225.931400] [ 225.933061] [ 225.933061] the existing dependency chain (in reverse order) is: [ 225.934587] [ 225.934587] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 225.936059] __mutex_lock+0x13d/0xb50 [ 225.937099] wiphy_register+0x1b2e/0x25d0 [ 225.938201] ieee80211_register_hw+0x23a4/0x3d60 [ 225.939380] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 225.940639] init_mac80211_hwsim+0x389/0x870 [ 225.941808] do_one_initcall+0xf9/0x640 [ 225.942852] kernel_init_freeable+0x53d/0x7a0 [ 225.943983] kernel_init+0x1e/0x2d0 [ 225.944926] ret_from_fork+0x48/0x80 [ 225.945872] ret_from_fork_asm+0x1a/0x30 [ 225.946928] [ 225.946928] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 225.948296] __lock_acquire+0x29fd/0x4580 [ 225.949387] lock_acquire+0x19b/0x520 [ 225.950405] __mutex_lock+0x13d/0xb50 [ 225.951420] unregister_netdevice_many_notify+0x1612/0x1c80 [ 225.952802] unregister_netdevice_queue+0x224/0x2e0 [ 225.954039] _cfg80211_unregister_wdev+0x57b/0x700 [ 225.955284] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 225.956488] ieee80211_unregister_hw+0x55/0x3a0 [ 225.957659] hwsim_exit_net+0x3a0/0x730 [ 225.958685] ops_exit_list+0xb3/0x180 [ 225.959660] cleanup_net+0x546/0xad0 [ 225.960627] process_one_work+0x8ee/0x1a10 [ 225.961745] worker_thread+0x674/0xe70 [ 225.962792] kthread+0x3ab/0x720 [ 225.963729] ret_from_fork+0x48/0x80 [ 225.964675] ret_from_fork_asm+0x1a/0x30 [ 225.965779] [ 225.965779] other info that might help us debug this: [ 225.965779] [ 225.967453] Possible unsafe locking scenario: [ 225.967453] [ 225.968692] CPU0 CPU1 [ 225.969667] ---- ---- [ 225.970641] lock(&rdev->wiphy.mtx); [ 225.971526] lock(rtnl_mutex); [ 225.972807] lock(&rdev->wiphy.mtx); [ 225.974158] lock(rtnl_mutex); [ 225.974931] [ 225.974931] *** DEADLOCK *** [ 225.974931] [ 225.976167] 4 locks held by kworker/u8:1/68: [ 225.977114] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 225.979320] #1: ffff88800f35fd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 225.981473] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 225.983465] #3: ffff88803be40768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 225.985714] [ 225.985714] stack backtrace: [ 225.986647] CPU: 1 UID: 0 PID: 68 Comm: kworker/u8:1 Not tainted 6.13.0-rc7-next-20250117 #1 [ 225.988383] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 225.989907] Workqueue: netns cleanup_net [ 225.990471] Call Trace: [ 225.990817] [ 225.991124] dump_stack_lvl+0xca/0x120 [ 225.991670] print_circular_bug+0x47b/0x750 [ 225.992246] check_noncircular+0x2e9/0x3c0 [ 225.992818] ? lock_repin_lock+0x207/0x320 [ 225.993403] ? __pfx_check_noncircular+0x10/0x10 [ 225.993919] ? hlock_class+0x4e/0x130 [ 225.994273] ? mark_lock+0xac/0xed0 [ 225.994649] ? __pfx_lock_repin_lock+0x10/0x10 [ 225.995127] ? lockdep_lock+0xba/0x1b0 [ 225.995540] ? __pfx_lockdep_lock+0x10/0x10 [ 225.995994] __lock_acquire+0x29fd/0x4580 [ 225.996421] ? __pfx___lock_acquire+0x10/0x10 [ 225.996890] ? lock_release+0x20f/0x6f0 [ 225.997289] ? __pfx_lock_release+0x10/0x10 [ 225.997702] lock_acquire+0x19b/0x520 [ 225.998067] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 225.998618] ? __pfx_lock_acquire+0x10/0x10 [ 225.999032] ? srso_return_thunk+0x5/0x5f [ 225.999437] ? lock_release+0x20f/0x6f0 [ 225.999818] ? srso_return_thunk+0x5/0x5f [ 226.000228] ? lock_is_held_type+0x9e/0x120 [ 226.000647] ? srso_return_thunk+0x5/0x5f [ 226.001064] __mutex_lock+0x13d/0xb50 [ 226.001440] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 226.001974] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 226.002531] ? srso_return_thunk+0x5/0x5f [ 226.002964] ? synchronize_rcu_expedited+0x38a/0x420 [ 226.003470] ? __pfx___mutex_lock+0x10/0x10 [ 226.003917] ? __pfx_autoremove_wake_function+0x10/0x10 [ 226.004452] ? srso_return_thunk+0x5/0x5f [ 226.004888] ? kasan_quarantine_put+0x84/0x1e0 [ 226.005364] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 226.005817] ? srso_return_thunk+0x5/0x5f [ 226.006245] unregister_netdevice_many_notify+0x1612/0x1c80 [ 226.006761] ? __virt_addr_valid+0x2e8/0x5d0 [ 226.007200] ? __pfx_lock_release+0x10/0x10 [ 226.007628] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 226.008202] ? find_held_lock+0x2c/0x110 [ 226.008624] ? srso_return_thunk+0x5/0x5f [ 226.009057] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 226.009547] ? srso_return_thunk+0x5/0x5f [ 226.009953] ? lock_release+0x20f/0x6f0 [ 226.010360] ? __pfx_lock_release+0x10/0x10 [ 226.010795] ? srso_return_thunk+0x5/0x5f [ 226.011227] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 226.011748] ? srso_return_thunk+0x5/0x5f [ 226.012181] unregister_netdevice_queue+0x224/0x2e0 [ 226.012677] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 226.013230] ? up_write+0x195/0x520 [ 226.013623] _cfg80211_unregister_wdev+0x57b/0x700 [ 226.014120] ? srso_return_thunk+0x5/0x5f [ 226.014550] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 226.015040] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 226.015594] ? srso_return_thunk+0x5/0x5f [ 226.016025] ? srso_return_thunk+0x5/0x5f [ 226.016457] ? synchronize_rcu+0x1ff/0x260 [ 226.016895] ieee80211_unregister_hw+0x55/0x3a0 [ 226.017375] hwsim_exit_net+0x3a0/0x730 [ 226.017793] ? __pfx_hwsim_exit_net+0x10/0x10 [ 226.018244] ? srso_return_thunk+0x5/0x5f [ 226.018683] ? netdev_run_todo+0x788/0x1040 [ 226.019116] ? srso_return_thunk+0x5/0x5f [ 226.019570] ? __pfx_hwsim_exit_net+0x10/0x10 [ 226.020020] ops_exit_list+0xb3/0x180 [ 226.020408] cleanup_net+0x546/0xad0 [ 226.020808] ? __pfx_cleanup_net+0x10/0x10 [ 226.021243] process_one_work+0x8ee/0x1a10 [ 226.021702] ? __pfx_lock_acquire+0x10/0x10 [ 226.022132] ? __pfx_process_one_work+0x10/0x10 [ 226.022610] ? srso_return_thunk+0x5/0x5f [ 226.023037] ? move_linked_works+0x172/0x270 [ 226.023476] ? srso_return_thunk+0x5/0x5f [ 226.023911] ? assign_work+0x196/0x240 [ 226.024323] worker_thread+0x674/0xe70 [ 226.024737] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 226.025274] ? srso_return_thunk+0x5/0x5f [ 226.025688] ? __pfx_worker_thread+0x10/0x10 [ 226.026123] kthread+0x3ab/0x720 [ 226.026467] ? __pfx_kthread+0x10/0x10 [ 226.026850] ? srso_return_thunk+0x5/0x5f [ 226.027256] ? finish_task_switch.isra.0+0x206/0x840 [ 226.027742] ? __pfx_kthread+0x10/0x10 [ 226.028128] ret_from_fork+0x48/0x80 [ 226.028477] ? __pfx_kthread+0x10/0x10 [ 226.028867] ret_from_fork_asm+0x1a/0x30 [ 226.029279] [ 227.583525] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 227.586225] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 227.588380] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 227.593247] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 227.596311] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 227.598831] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 227.915769] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 227.918392] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 227.920572] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 227.924102] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 227.927248] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 227.929501] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 227.978344] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 227.980692] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 227.988287] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 227.996024] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 228.005210] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 228.007343] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 228.055400] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 228.062366] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 228.066099] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 228.066779] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 228.072225] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 228.087162] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 228.087578] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 228.089615] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 228.090335] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 228.100227] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 228.109996] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 228.114064] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 228.114993] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 228.121797] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 228.123720] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 228.128317] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 228.131318] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 228.133403] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 228.178796] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 228.188205] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 228.205283] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 228.219202] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 228.226686] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 228.238547] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 228.243576] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 228.243963] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 228.250446] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 228.299237] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 228.305594] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 228.319278] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 229.622965] Bluetooth: hci0: command tx timeout [ 229.942938] Bluetooth: hci1: command tx timeout [ 230.071389] Bluetooth: hci2: command tx timeout [ 230.136053] Bluetooth: hci3: command tx timeout [ 230.199888] Bluetooth: hci4: command tx timeout [ 230.391033] Bluetooth: hci5: command tx timeout [ 230.456098] Bluetooth: hci6: command tx timeout [ 230.519090] Bluetooth: hci7: command tx timeout [ 231.671777] Bluetooth: hci0: command tx timeout [ 231.992050] Bluetooth: hci1: command tx timeout [ 232.118973] Bluetooth: hci2: command tx timeout [ 232.183924] Bluetooth: hci3: command tx timeout [ 232.246922] Bluetooth: hci4: command tx timeout [ 232.438886] Bluetooth: hci5: command tx timeout [ 232.504001] Bluetooth: hci6: command tx timeout [ 232.567897] Bluetooth: hci7: command tx timeout [ 233.718911] Bluetooth: hci0: command tx timeout [ 234.040958] Bluetooth: hci1: command tx timeout [ 234.167900] Bluetooth: hci2: command tx timeout [ 234.231059] Bluetooth: hci3: command tx timeout [ 234.295048] Bluetooth: hci4: command tx timeout [ 234.487898] Bluetooth: hci5: command tx timeout [ 234.551142] Bluetooth: hci6: command tx timeout [ 234.615294] Bluetooth: hci7: command tx timeout [ 235.769914] Bluetooth: hci0: command tx timeout VM DIAGNOSIS: 14:00:33 Registers: info registers vcpu 0 RAX=ffff88806ce00000 RBX=0000000000000000 RCX=ffffffff84a8bb27 RDX=ffffed100d9c6c4b RSI=0000000000000004 RDI=ffffffff814b1b6a RBP=dffffc0000000000 RSP=ffffffff85a07e10 R8 =0000000000000000 R9 =ffffed100d9c6c4a R10=ffff88806ce36253 R11=0000000000000000 R12=ffffffff864021d0 R13=1ffffffff0b40fc7 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff84a8cace RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055c825640c70 CR3=00000000130ba000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=55e31b78e705db9e4b423b246941ed02 XMM02=d12871896912de2d00000000000fd408 XMM03=f9980df3bdc2dbad00000000001343b8 XMM04=1a46bf38532f090a00000000000ae988 XMM05=3cc027b654ebc50600000000001411b0 XMM06=9f165a4fe6c971ad0000000000138368 XMM07=711fbe8126c5d3440000000000138260 XMM08=68a8aee3740b9fad00000000000fd528 XMM09=00000000000000000000000000000000 XMM10=20000000000000002000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=000000000000007d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283cdc5 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff88800f35eb28 R8 =0000000000000001 R9 =ffffed1001e6bd55 R10=000000000000007d R11=6666666666666666 R12=000000000000007d R13=0000000000000001 R14=ffff888008fea038 R15=ffff88800f35ee28 RIP=ffffffff8283ce1d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f49bfb2d468 CR3=000000001b0c6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000003fb11e62946a5f88 XMM02=0000000000000000413b7c2000000000 XMM03=0000ff00000000000000000000000000 XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962 XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000