Debian GNU/Linux 11 syzkaller ttyS0 syzkaller login: [ 58.734830] scp (246) used greatest stack depth: 24216 bytes left Warning: Permanently added '[localhost]:4500' (ECDSA) to the list of known hosts. 2025/01/28 16:12:54 fuzzer started 2025/01/28 16:12:55 dialing manager at localhost:40187 [ 61.208175] cgroup: Unknown subsys name 'net' [ 61.310128] cgroup: Unknown subsys name 'cpuset' [ 61.347187] cgroup: Unknown subsys name 'rlimit' [ 66.465678] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 76.612871] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/28 16:13:11 syscalls: 2217 2025/01/28 16:13:11 code coverage: enabled 2025/01/28 16:13:11 comparison tracing: enabled 2025/01/28 16:13:11 extra coverage: enabled 2025/01/28 16:13:11 setuid sandbox: enabled 2025/01/28 16:13:11 namespace sandbox: enabled 2025/01/28 16:13:11 Android sandbox: enabled 2025/01/28 16:13:11 fault injection: enabled 2025/01/28 16:13:11 leak checking: enabled 2025/01/28 16:13:11 net packet injection: enabled 2025/01/28 16:13:11 net device setup: enabled 2025/01/28 16:13:11 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/28 16:13:11 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/28 16:13:11 USB emulation: enabled 2025/01/28 16:13:11 hci packet injection: enabled 2025/01/28 16:13:11 wifi device emulation: enabled 2025/01/28 16:13:11 802.15.4 emulation: enabled 2025/01/28 16:13:11 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/28 16:13:11 fetching corpus: 13, signal 5231/8080 (executing program) 2025/01/28 16:13:11 fetching corpus: 13, signal 5231/9499 (executing program) 2025/01/28 16:13:11 fetching corpus: 13, signal 5231/10919 (executing program) 2025/01/28 16:13:11 fetching corpus: 13, signal 5231/12323 (executing program) 2025/01/28 16:13:11 fetching corpus: 13, signal 5231/13725 (executing program) 2025/01/28 16:13:11 fetching corpus: 13, signal 5231/15132 (executing program) 2025/01/28 16:13:11 fetching corpus: 13, signal 5231/16554 (executing program) 2025/01/28 16:13:11 fetching corpus: 13, signal 5231/17856 (executing program) 2025/01/28 16:13:11 fetching corpus: 13, signal 5231/17856 (executing program) 2025/01/28 16:13:15 starting 8 fuzzer processes 16:13:15 executing program 0: syz_mount_image$nfs(0x0, 0x0, 0x0, 0xb, &(0x7f0000000700), 0x0, 0x0) 16:13:15 executing program 2: readlink(0x0, 0x0, 0x0) 16:13:15 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x2c, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000700100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000def4655f000000000000000001000000000000000b0000000004000008000000d2c20100120300000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e32313538333830363200"/192, 0xc0, 0x400}, {&(0x7f0000010100)="000000000000000000000000efdd79b7c3654313ac0cec53e79dcbaf010040000c00000000000000def4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000100000000000000000000000000000000000000040000003800000000000000", 0x40, 0x540}, {&(0x7f0000010300)="0300000004000000000000000000000000000000010400"/32, 0x20, 0x640}, {&(0x7f0000010400)="03000000040000000500000017000f000300040000000000000000000f008551", 0x20, 0x800}, {&(0x7f0000010500)="ff010000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000def4655fdef4655fdef4655f00"/2080, 0x820, 0xc00}, {&(0x7f0000010e00)="ed41000000040000def4655fdef4655fdef4655f00000000000004002000000000000800050000000af301000400000000000000000000000100000030000000", 0x40, 0x1800}, {&(0x7f0000010f00)="20000000c0f78c96c0f78c9600000000def4655f00"/32, 0x20, 0x1880}, {&(0x7f0000011000)="8081000000180000def4655fdef4655fdef4655f00000000000001002000000010000800000000000af3020004000000000000000000000002000000500000000200000004000000520000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000def4655f00"/160, 0xa0, 0x1c00}, {&(0x7f0000011100)="8081000000180000def4655fdef4655fdef4655f00000000000001002000000010000800000000000af3020004000000000000000000000002000000600000000200000004000000620000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000def4655f00"/160, 0xa0, 0x2000}, {&(0x7f0000011200)="c0410000002c0000def4655fdef4655fdef4655f00000000000002002000000000000800000000000af301000400000000000000000000000b00000040000000", 0x40, 0x3c00}, {&(0x7f0000011300)="20000000000000000000000000000000def4655f000000000000000000000000000002ea00"/64, 0x40, 0x3c80}, {&(0x7f0000011400)="ed4100003c000000def4655fdef4655fdef4655f0000000000000200000000000000001003000000020000000d0000001000050166696c65300000000e0000002800050766696c65310000000000000000000000000000000000000000000000000000003e1ea11700000000000000000000000000000000000000000000000020000000c0f78c96c0f78c96c0f78c96def4655fc0f78c960000000000000000000002ea04070000000000000000000000000000646174610000000000000000", 0xc0, 0x4000}, {&(0x7f0000011500)="ed8100001a040000def4655fdef4655fdef4655f00000000000001002000000000000800010000000af3010004000000000000000000000002000000700000000000000000000000000000000000000000000000000000000000000000000000000000005793e75d00000000000000000000000000000000000000000000000020000000c0f78c96c0f78c96c0f78c96def4655fc0f78c960000000000000000", 0xa0, 0x4400}, {&(0x7f0000011600)="ffa1000026000000def4655fdef4655fdef4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3231353833383036322f66696c65302f66696c6530000000000000000000000000000000000000000000004bfd2c1c00000000000000000000000000000000000000000000000020000000c0f78c96c0f78c96c0f78c96def4655fc0f78c960000000000000000", 0xa0, 0x4800}, {&(0x7f0000011700)="ed8100000a000000def4655fdef4655fdef4655f000000000000010000000000000000100100000073797a6b616c6c6572730000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e5264f2500000000000000000000000000000000000000000000000020000000c0f78c96c0f78c96c0f78c96def4655fc0f78c960000000000000000000002ea040700000000000000000000000000006461746106015403000000000600000000000000786174747231000006014c0300000000060000000000000078617474723200"/256, 0x100, 0x4c00}, {&(0x7f0000011800)="0000000000000000000000000000000078617474723200007861747472310000ed81000028230000def4655fdef4655fdef4655f00000000000002002000000000000800010000000af301000400000000000000000000000900000080000000000000000000000000000000000000000000000000000000000000000000000000000000c20bb4fb00000000000000000000000000000000000000000000000020000000c0f78c96c0f78c96c0f78c96def4655fc0f78c960000000000000000", 0xc0, 0x4fe0}, {&(0x7f0000011900)="ed81000064000000def4655fdef4655fdef4655f000000000000010000000000000000100100000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616cdd0e886300000000000000000000000000000000000000000000000020000000c0f78c96c0f78c96c0f78c96def4655fc0f78c960000000000000000000002ea04073403000000002800000000000000646174610000000000000000", 0xc0, 0x5400}, {&(0x7f0000011a00)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00lersyzkallersyzkallersyzkallersyzkallers', 0x40, 0x57c0}, {&(0x7f0000011b00)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009403090166696c652e636f6c64000000", 0x80, 0xc000}, {&(0x7f0000011c00)="0b0000000c0001022e000000020000000c0002022e2e000000000000e8030000", 0x20, 0x10000}, {&(0x7f0000011d00)="00000000000400"/32, 0x20, 0x10400}, {&(0x7f0000011e00)="00000000000400"/32, 0x20, 0x10800}, {&(0x7f0000011f00)="00000000000400"/32, 0x20, 0x10c00}, {&(0x7f0000012000)="00000000000400"/32, 0x20, 0x11000}, {&(0x7f0000012100)="00000000000400"/32, 0x20, 0x11400}, {&(0x7f0000012200)="00000000000400"/32, 0x20, 0x11800}, {&(0x7f0000012300)="00000000000400"/32, 0x20, 0x11c00}, {&(0x7f0000012400)="00000000000400"/32, 0x20, 0x12000}, {&(0x7f0000012500)="00000000000400"/32, 0x20, 0x12400}, {&(0x7f0000012600)="00000000000400"/32, 0x20, 0x12800}, {&(0x7f0000012700)="111fc0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x14000}, {&(0x7f0000012800)="0200"/32, 0x20, 0x14400}, {&(0x7f0000012900)="0300"/32, 0x20, 0x14800}, {&(0x7f0000012a00)="0400"/32, 0x20, 0x14c00}, {&(0x7f0000012b00)="0500"/32, 0x20, 0x15000}, {&(0x7f0000012c00)="0000000000000000010000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000100"/96, 0x60, 0x15400}, {&(0x7f0000012d00)="2719c0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x18000}, {&(0x7f0000012e00)="0200"/32, 0x20, 0x18400}, {&(0x7f0000012f00)="0300"/32, 0x20, 0x18800}, {&(0x7f0000013000)="0400"/32, 0x20, 0x18c00}, {&(0x7f0000013100)="0500"/32, 0x20, 0x19000}, {&(0x7f0000013200)="0000000000000000010000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000100"/96, 0x60, 0x19400}, {&(0x7f0000013300)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x1c000}], 0x0, &(0x7f0000013800)) 16:13:15 executing program 3: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) dup3(r0, r1, 0x0) 16:13:15 executing program 5: ptrace$getregset(0x4204, 0x0, 0x0, 0x0) 16:13:15 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x47, 0x0, &(0x7f0000000140)=0x47) 16:13:15 executing program 6: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f0000000000)=0x3f, 0x4) [ 81.509880] audit: type=1400 audit(1738080795.828:7): avc: denied { execmem } for pid=281 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 16:13:15 executing program 7: pipe(&(0x7f00000010c0)={0xffffffffffffffff}) openat$cgroup_freezer_state(r0, &(0x7f0000001d00), 0x2, 0x0) [ 82.983464] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 82.987260] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 82.989662] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 82.994871] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 82.999063] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 83.001810] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 83.048901] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 83.051547] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 83.057757] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 83.060693] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 83.064843] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 83.066390] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 83.071246] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 83.076387] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 83.078884] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 83.080707] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 83.081370] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 83.093311] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 83.095584] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 83.111047] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 83.116671] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 83.118587] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 83.121832] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 83.122792] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 83.124680] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 83.126454] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 83.132112] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 83.137679] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 83.140333] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 83.143456] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 83.145852] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 83.150332] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 83.153395] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 83.155345] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 83.158555] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 83.164390] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 83.166440] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 83.168234] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 83.172389] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 83.183844] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 83.199140] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 83.202791] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 83.211397] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 83.213230] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 83.215687] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 83.217564] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 83.220470] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 83.221924] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 85.070416] Bluetooth: hci0: command tx timeout [ 85.134152] Bluetooth: hci1: command tx timeout [ 85.197078] Bluetooth: hci2: command tx timeout [ 85.197145] Bluetooth: hci3: command tx timeout [ 85.261562] Bluetooth: hci4: command tx timeout [ 85.262770] Bluetooth: hci6: command tx timeout [ 85.263073] Bluetooth: hci7: command tx timeout [ 85.264102] Bluetooth: hci5: command tx timeout [ 87.118093] Bluetooth: hci0: command tx timeout [ 87.182099] Bluetooth: hci1: command tx timeout [ 87.245211] Bluetooth: hci2: command tx timeout [ 87.245786] Bluetooth: hci3: command tx timeout [ 87.310032] Bluetooth: hci6: command tx timeout [ 87.310599] Bluetooth: hci5: command tx timeout [ 87.311502] Bluetooth: hci7: command tx timeout [ 87.312104] Bluetooth: hci4: command tx timeout [ 89.165072] Bluetooth: hci0: command tx timeout [ 89.229161] Bluetooth: hci1: command tx timeout [ 89.293115] Bluetooth: hci2: command tx timeout [ 89.293567] Bluetooth: hci3: command tx timeout [ 89.357113] Bluetooth: hci7: command tx timeout [ 89.357560] Bluetooth: hci4: command tx timeout [ 89.358176] Bluetooth: hci5: command tx timeout [ 89.358598] Bluetooth: hci6: command tx timeout [ 91.213296] Bluetooth: hci0: command tx timeout [ 91.277068] Bluetooth: hci1: command tx timeout [ 91.342063] Bluetooth: hci3: command tx timeout [ 91.342502] Bluetooth: hci2: command tx timeout [ 91.405088] Bluetooth: hci6: command tx timeout [ 91.405534] Bluetooth: hci5: command tx timeout [ 91.405952] Bluetooth: hci4: command tx timeout [ 91.406421] Bluetooth: hci7: command tx timeout [ 141.122679] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 141.123851] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 141.401589] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 141.402567] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 141.816574] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 141.817501] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 142.395723] syz-executor.1 (292) used greatest stack depth: 24024 bytes left [ 142.872212] [ 142.872423] ====================================================== [ 142.872929] WARNING: possible circular locking dependency detected [ 142.873439] 6.13.0-next-20250128 #1 Not tainted [ 142.873838] ------------------------------------------------------ [ 142.874820] kworker/u8:0/11 is trying to acquire lock: [ 142.875874] ffffffff8621d9a8 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 142.877649] [ 142.877649] but task is already holding lock: [ 142.878554] ffff8880171d8768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 142.880554] [ 142.880554] which lock already depends on the new lock. [ 142.880554] [ 142.881847] [ 142.881847] the existing dependency chain (in reverse order) is: [ 142.882882] [ 142.882882] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 142.883933] __mutex_lock+0x13d/0xb50 [ 142.885015] wiphy_register+0x1b2e/0x25d0 [ 142.885449] ieee80211_register_hw+0x23a4/0x3d60 [ 142.885909] mac80211_hwsim_new_radio+0x2759/0x4d60 [ 142.886396] init_mac80211_hwsim+0x389/0x870 [ 142.886849] do_one_initcall+0xf9/0x640 [ 142.887277] kernel_init_freeable+0x53d/0x7a0 [ 142.887731] kernel_init+0x1e/0x2d0 [ 142.888097] ret_from_fork+0x48/0x80 [ 142.888466] ret_from_fork_asm+0x1a/0x30 [ 142.888887] [ 142.888887] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 142.889416] __lock_acquire+0x29fd/0x4580 [ 142.889837] lock_acquire+0x19b/0x520 [ 142.890230] __mutex_lock+0x13d/0xb50 [ 142.890632] unregister_netdevice_many_notify+0x1612/0x1c80 [ 142.891178] unregister_netdevice_queue+0x224/0x2e0 [ 142.891663] _cfg80211_unregister_wdev+0x57b/0x700 [ 142.892149] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 142.892629] ieee80211_unregister_hw+0x55/0x3a0 [ 142.893087] hwsim_exit_net+0x3a0/0x730 [ 142.893492] ops_exit_list+0xb3/0x180 [ 142.893879] cleanup_net+0x546/0xad0 [ 142.894266] process_one_work+0x8ee/0x1a10 [ 142.894708] worker_thread+0x674/0xe70 [ 142.895133] kthread+0x3ab/0x720 [ 142.895500] ret_from_fork+0x48/0x80 [ 142.895872] ret_from_fork_asm+0x1a/0x30 [ 142.896301] [ 142.896301] other info that might help us debug this: [ 142.896301] [ 142.896957] Possible unsafe locking scenario: [ 142.896957] [ 142.897457] CPU0 CPU1 [ 142.897851] ---- ---- [ 142.898254] lock(&rdev->wiphy.mtx); [ 142.898607] lock(rtnl_mutex); [ 142.899121] lock(&rdev->wiphy.mtx); [ 142.899671] lock(rtnl_mutex); [ 142.899987] [ 142.899987] *** DEADLOCK *** [ 142.899987] [ 142.900481] 4 locks held by kworker/u8:0/11: [ 142.900860] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 142.901740] #1: ffff8880095dfd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 142.902589] #2: ffffffff862119d0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 142.903387] #3: ffff8880171d8768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 142.904270] [ 142.904270] stack backtrace: [ 142.904652] CPU: 1 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-next-20250128 #1 [ 142.904689] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 142.904712] Workqueue: netns cleanup_net [ 142.904753] Call Trace: [ 142.904762] [ 142.904774] dump_stack_lvl+0xca/0x120 [ 142.904833] print_circular_bug+0x47b/0x750 [ 142.904878] check_noncircular+0x2e9/0x3c0 [ 142.904921] ? __pfx_check_noncircular+0x10/0x10 [ 142.904962] ? hlock_class+0x4e/0x130 [ 142.904993] ? mark_lock+0xac/0xed0 [ 142.905033] ? srso_return_thunk+0x5/0x5f [ 142.905089] ? dl_scaled_delta_exec+0xd4/0x2c0 [ 142.905135] ? lockdep_lock+0xba/0x1b0 [ 142.905193] ? __pfx_lockdep_lock+0x10/0x10 [ 142.905255] __lock_acquire+0x29fd/0x4580 [ 142.905309] ? __pfx___lock_acquire+0x10/0x10 [ 142.905352] ? lock_release+0x20f/0x6f0 [ 142.905396] ? __pfx_lock_release+0x10/0x10 [ 142.905444] lock_acquire+0x19b/0x520 [ 142.905488] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 142.905537] ? __pfx_lock_acquire+0x10/0x10 [ 142.905581] ? srso_return_thunk+0x5/0x5f [ 142.905637] ? lock_release+0x20f/0x6f0 [ 142.905681] ? srso_return_thunk+0x5/0x5f [ 142.905736] ? lock_is_held_type+0x9e/0x120 [ 142.905792] ? srso_return_thunk+0x5/0x5f [ 142.905851] __mutex_lock+0x13d/0xb50 [ 142.905904] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 142.905949] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 142.905995] ? srso_return_thunk+0x5/0x5f [ 142.906051] ? synchronize_rcu_expedited+0x38a/0x420 [ 142.906095] ? __pfx___mutex_lock+0x10/0x10 [ 142.906149] ? __pfx_autoremove_wake_function+0x10/0x10 [ 142.906203] ? srso_return_thunk+0x5/0x5f [ 142.906259] ? kasan_quarantine_put+0x84/0x1e0 [ 142.906320] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 142.906355] ? srso_return_thunk+0x5/0x5f [ 142.906415] unregister_netdevice_many_notify+0x1612/0x1c80 [ 142.906461] ? __virt_addr_valid+0x2e8/0x5d0 [ 142.906514] ? __pfx_lock_release+0x10/0x10 [ 142.906559] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 142.906605] ? find_held_lock+0x2c/0x110 [ 142.906663] ? srso_return_thunk+0x5/0x5f [ 142.906721] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 142.906782] ? srso_return_thunk+0x5/0x5f [ 142.906837] ? lock_release+0x20f/0x6f0 [ 142.906882] ? __pfx_lock_release+0x10/0x10 [ 142.906933] ? srso_return_thunk+0x5/0x5f [ 142.906989] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 142.907037] ? srso_return_thunk+0x5/0x5f [ 142.907098] unregister_netdevice_queue+0x224/0x2e0 [ 142.907142] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 142.907185] ? up_write+0x195/0x520 [ 142.907240] _cfg80211_unregister_wdev+0x57b/0x700 [ 142.907293] ? srso_return_thunk+0x5/0x5f [ 142.907353] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 142.907391] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 142.907430] ? srso_return_thunk+0x5/0x5f [ 142.907486] ? srso_return_thunk+0x5/0x5f [ 142.907542] ? synchronize_rcu+0x1ff/0x260 [ 142.907584] ieee80211_unregister_hw+0x55/0x3a0 [ 142.907629] hwsim_exit_net+0x3a0/0x730 [ 142.907672] ? __pfx_hwsim_exit_net+0x10/0x10 [ 142.907722] ? srso_return_thunk+0x5/0x5f [ 142.907779] ? __pfx_hwsim_exit_net+0x10/0x10 [ 142.907822] ops_exit_list+0xb3/0x180 [ 142.907864] cleanup_net+0x546/0xad0 [ 142.907909] ? __pfx_cleanup_net+0x10/0x10 [ 142.907963] process_one_work+0x8ee/0x1a10 [ 142.908029] ? __pfx_lock_acquire+0x10/0x10 [ 142.908073] ? __pfx_process_one_work+0x10/0x10 [ 142.908132] ? srso_return_thunk+0x5/0x5f [ 142.908188] ? move_linked_works+0x172/0x270 [ 142.908233] ? srso_return_thunk+0x5/0x5f [ 142.908288] ? assign_work+0x196/0x240 [ 142.908346] worker_thread+0x674/0xe70 [ 142.908404] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 142.908456] ? __pfx_worker_thread+0x10/0x10 [ 142.908516] kthread+0x3ab/0x720 [ 142.908568] ? __pfx_kthread+0x10/0x10 [ 142.908620] ? srso_return_thunk+0x5/0x5f [ 142.908676] ? finish_task_switch.isra.0+0x206/0x840 [ 142.908727] ? __pfx_kthread+0x10/0x10 [ 142.908781] ret_from_fork+0x48/0x80 [ 142.908812] ? __pfx_kthread+0x10/0x10 [ 142.908865] ret_from_fork_asm+0x1a/0x30 [ 142.908932] [ 144.737719] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 144.742355] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 144.748204] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 144.753651] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 144.755695] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 144.758607] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 144.760337] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 144.764010] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 144.766874] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 144.768928] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 144.775185] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 144.779575] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 144.861442] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 144.863533] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 144.869288] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 144.872905] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 144.874503] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 144.877362] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 144.886465] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 144.887919] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 144.893588] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 144.895212] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 144.899282] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 144.901213] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 144.929061] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 144.954215] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 144.965421] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 144.971564] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 144.979251] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 144.982373] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 144.996052] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 145.004217] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 145.015752] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 145.026643] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 145.027828] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 145.029452] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 145.039216] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 145.041101] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 145.045783] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 145.049577] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 145.056200] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 145.061145] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 145.064345] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 145.065351] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 145.066580] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 145.067389] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 145.071392] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 145.077607] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 146.829374] Bluetooth: hci0: command tx timeout [ 146.830030] Bluetooth: hci1: command tx timeout [ 146.957016] Bluetooth: hci2: command tx timeout [ 146.957046] Bluetooth: hci3: command tx timeout [ 147.086069] Bluetooth: hci4: command tx timeout [ 147.150009] Bluetooth: hci6: command tx timeout [ 147.150440] Bluetooth: hci5: command tx timeout [ 147.150819] Bluetooth: hci7: command tx timeout [ 148.878077] Bluetooth: hci1: command tx timeout [ 148.878093] Bluetooth: hci0: command tx timeout [ 149.005251] Bluetooth: hci3: command tx timeout [ 149.006352] Bluetooth: hci2: command tx timeout [ 149.133163] Bluetooth: hci4: command tx timeout [ 149.197101] Bluetooth: hci7: command tx timeout [ 149.198049] Bluetooth: hci5: command tx timeout [ 149.198100] Bluetooth: hci6: command tx timeout [ 150.925307] Bluetooth: hci0: command tx timeout [ 150.926265] Bluetooth: hci1: command tx timeout [ 151.055015] Bluetooth: hci3: command tx timeout [ 151.055736] Bluetooth: hci2: command tx timeout [ 151.181109] Bluetooth: hci4: command tx timeout [ 151.245120] Bluetooth: hci5: command tx timeout [ 151.245762] Bluetooth: hci6: command tx timeout [ 151.245785] Bluetooth: hci7: command tx timeout VM DIAGNOSIS: 16:14:17 Registers: info registers vcpu 0 RAX=ffff88800f140000 RBX=ffff88807c340648 RCX=ffffffff81429a8a RDX=1ffff11001daee00 RSI=0000000000000008 RDI=ffff88800ed77000 RBP=fcfcfcfc00000000 RSP=ffff88800f14fdd0 R8 =0000000000000000 R9 =ffffed1001daee00 R10=ffff88800ed77007 R11=ffff88800f1404b8 R12=ffff88807c340ff9 R13=ffffffff88652658 R14=ffff88800f140000 R15=0000000000000086 RIP=ffffffff81aefb8a RFL=00000097 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000c00c9e3010 CR3=000000000e1ce000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=0000000000000000000000007372656b XMM02=ffffff0f0e0d0c0b0a09080706050403 XMM03=696e656420737365636341002f737973 XMM04=0000000100000000000055fa01aa13d0 XMM05=000055fa01ae1320000055fa01aa1390 XMM06=0000000000000000ffffffff00000004 XMM07=00000000000000000000000000000000 XMM08=2f74656e2f73666e2f73662f7379732f XMM09=00000000000000000000000000000000 XMM10=00000020000000000000002000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=000000000000002b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283f415 RDI=ffffffff886970a0 RBP=ffffffff88697060 RSP=ffff8880095deca0 R8 =0000000000000000 R9 =ffffed1001cd6046 R10=000000000000002b R11=5f20202020202020 R12=000000000000002b R13=0000000000000010 R14=ffffffff88697060 R15=ffffffff8283f400 RIP=ffffffff8283f46d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000c00ca5b010 CR3=0000000013f4e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=000000c000333080000000c000333020 XMM02=000000c0002ec230000000c0003330e0 XMM03=000000c0002ec320000000c0002ec280 XMM04=000000c00017a090000000c00017a060 XMM05=000000c00017a0f0000000c00017a0c0 XMM06=000000c00017a150000000c00017a120 XMM07=000000c000179760000000c0000554d0 XMM08=000000c00017a4b0000000c00017a480 XMM09=000000c00017a510000000c00017a4e0 XMM10=000000c00017a540000000c000055530 XMM11=000000c00017a5a0000000c00017a570 XMM12=000000c00017a600000000c00017a5d0 XMM13=000000c00017a660000000c00017a630 XMM14=000000c00017a6c0000000c00017a690 XMM15=000000c000105080000000c00017a6f0