Warning: Permanently added '[localhost]:16748' (ECDSA) to the list of known hosts. 2025/01/18 15:10:27 fuzzer started 2025/01/18 15:10:28 dialing manager at localhost:44245 syzkaller login: [ 62.937121] cgroup: Unknown subsys name 'net' [ 63.041858] cgroup: Unknown subsys name 'cpuset' [ 63.078092] cgroup: Unknown subsys name 'rlimit' [ 70.463738] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/18 15:10:47 syscalls: 2217 2025/01/18 15:10:47 code coverage: enabled 2025/01/18 15:10:47 comparison tracing: enabled 2025/01/18 15:10:47 extra coverage: enabled 2025/01/18 15:10:47 setuid sandbox: enabled 2025/01/18 15:10:47 namespace sandbox: enabled 2025/01/18 15:10:47 Android sandbox: enabled 2025/01/18 15:10:47 fault injection: enabled 2025/01/18 15:10:47 leak checking: enabled 2025/01/18 15:10:47 net packet injection: enabled 2025/01/18 15:10:47 net device setup: enabled 2025/01/18 15:10:47 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/18 15:10:47 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/18 15:10:47 USB emulation: enabled 2025/01/18 15:10:47 hci packet injection: enabled 2025/01/18 15:10:47 wifi device emulation: enabled 2025/01/18 15:10:47 802.15.4 emulation: enabled 2025/01/18 15:10:47 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/18 15:10:48 fetching corpus: 50, signal 24077/27147 (executing program) 2025/01/18 15:10:48 fetching corpus: 100, signal 37476/41332 (executing program) 2025/01/18 15:10:48 fetching corpus: 150, signal 46152/50644 (executing program) 2025/01/18 15:10:48 fetching corpus: 200, signal 51319/56450 (executing program) 2025/01/18 15:10:48 fetching corpus: 250, signal 56172/61825 (executing program) 2025/01/18 15:10:48 fetching corpus: 300, signal 61836/67653 (executing program) 2025/01/18 15:10:49 fetching corpus: 350, signal 65124/71286 (executing program) 2025/01/18 15:10:49 fetching corpus: 400, signal 69445/75622 (executing program) 2025/01/18 15:10:49 fetching corpus: 450, signal 72993/79225 (executing program) 2025/01/18 15:10:49 fetching corpus: 500, signal 75957/82231 (executing program) 2025/01/18 15:10:49 fetching corpus: 550, signal 78791/85037 (executing program) 2025/01/18 15:10:49 fetching corpus: 600, signal 82436/88293 (executing program) 2025/01/18 15:10:50 fetching corpus: 650, signal 84359/90191 (executing program) 2025/01/18 15:10:50 fetching corpus: 700, signal 86458/92175 (executing program) 2025/01/18 15:10:50 fetching corpus: 750, signal 89433/94637 (executing program) 2025/01/18 15:10:50 fetching corpus: 800, signal 90752/95875 (executing program) 2025/01/18 15:10:50 fetching corpus: 850, signal 92621/97420 (executing program) 2025/01/18 15:10:50 fetching corpus: 900, signal 93686/98349 (executing program) 2025/01/18 15:10:50 fetching corpus: 950, signal 96068/100047 (executing program) 2025/01/18 15:10:51 fetching corpus: 1000, signal 97656/101202 (executing program) 2025/01/18 15:10:51 fetching corpus: 1050, signal 99874/102672 (executing program) 2025/01/18 15:10:51 fetching corpus: 1100, signal 100991/103424 (executing program) 2025/01/18 15:10:51 fetching corpus: 1150, signal 102173/104192 (executing program) 2025/01/18 15:10:51 fetching corpus: 1200, signal 103363/104898 (executing program) 2025/01/18 15:10:52 fetching corpus: 1250, signal 104579/105579 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/105798 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/105832 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/105867 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/105899 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/105928 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/105959 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/105994 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/106030 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/106063 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/106095 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/106131 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/106156 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/106192 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/106233 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/106259 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/106283 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/106321 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/106346 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/106385 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/106421 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/106456 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/106483 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/106518 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/106550 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/106577 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/106612 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/106644 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/106655 (executing program) 2025/01/18 15:10:52 fetching corpus: 1264, signal 104923/106655 (executing program) 2025/01/18 15:10:57 starting 8 fuzzer processes 15:10:57 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCADDRT(r0, 0x8934, &(0x7f0000000100)={0x0, {0x2, 0x0, @private}, {0x2, 0x0, @local}, {0x2, 0x0, @broadcast}}) 15:10:57 executing program 1: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x800000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r0, &(0x7f0000000200)='E', 0x140000) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r1, &(0x7f0000000200)='E', 0x140000) [ 91.886595] audit: type=1400 audit(1737213057.629:7): avc: denied { execmem } for pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 15:10:57 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) readlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)=""/67, 0x43) 15:10:57 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0003}]}) shmat(0x0, &(0x7f0000ffc000/0x2000)=nil, 0x0) mlock(&(0x7f0000ffd000/0x1000)=nil, 0x1000) 15:10:57 executing program 4: perf_event_open(&(0x7f0000001840)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() move_pages(0x0, 0x2, &(0x7f0000000280)=[&(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil], 0x0, 0x0, 0x0) process_vm_readv(r0, &(0x7f00000000c0)=[{&(0x7f0000005580)=""/4078, 0xfee}, {&(0x7f0000006580)=""/136, 0x88}, {&(0x7f0000000100)=""/57, 0x39}], 0x3, &(0x7f0000000240), 0xf7, 0x0) 15:10:57 executing program 5: r0 = gettid() ioprio_set$pid(0x1, r0, 0x0) 15:10:57 executing program 6: capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000580)) r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCGETS(r0, 0x4b32, 0x0) 15:10:57 executing program 7: r0 = perf_event_open(&(0x7f0000002040)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000006, 0x11, r0, 0x0) syz_memcpy_off$IO_URING_METADATA_FLAGS(r1, 0x0, &(0x7f0000000080), 0x0, 0x4) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4) [ 93.237904] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 93.239144] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 93.243205] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 93.249626] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 93.251383] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 93.252405] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 93.491340] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 93.495429] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 93.501861] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 93.507533] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 93.509639] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 93.512437] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 93.515639] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 93.517590] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 93.518701] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 93.526857] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 93.528275] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 93.530778] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 93.533380] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 93.534311] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 93.535591] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 93.548497] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 93.550310] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 93.557927] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 93.563873] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 93.576763] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 93.581966] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 93.588257] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 93.593218] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 93.594718] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 93.597798] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 93.603850] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 93.607809] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 93.613555] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 93.618362] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 93.619618] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 93.620249] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 93.630784] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 93.636813] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 93.638266] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 93.649205] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 93.660377] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 93.668343] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 93.680344] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 93.683249] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 93.689899] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 93.745105] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 93.746489] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 95.333900] Bluetooth: hci0: command tx timeout [ 95.588183] Bluetooth: hci2: command tx timeout [ 95.651141] Bluetooth: hci7: command tx timeout [ 95.651441] Bluetooth: hci1: command tx timeout [ 95.715747] Bluetooth: hci4: command tx timeout [ 95.717177] Bluetooth: hci5: command tx timeout [ 95.718582] Bluetooth: hci3: command tx timeout [ 95.843184] Bluetooth: hci6: command tx timeout [ 97.379675] Bluetooth: hci0: command tx timeout [ 97.655511] Bluetooth: hci2: command tx timeout [ 97.699170] Bluetooth: hci1: command tx timeout [ 97.699259] Bluetooth: hci7: command tx timeout [ 97.763234] Bluetooth: hci3: command tx timeout [ 97.763331] Bluetooth: hci5: command tx timeout [ 97.763800] Bluetooth: hci4: command tx timeout [ 97.891065] Bluetooth: hci6: command tx timeout [ 99.427095] Bluetooth: hci0: command tx timeout [ 99.683044] Bluetooth: hci2: command tx timeout [ 99.747177] Bluetooth: hci7: command tx timeout [ 99.747771] Bluetooth: hci1: command tx timeout [ 99.811105] Bluetooth: hci4: command tx timeout [ 99.811181] Bluetooth: hci5: command tx timeout [ 99.811260] Bluetooth: hci3: command tx timeout [ 99.939098] Bluetooth: hci6: command tx timeout [ 101.475128] Bluetooth: hci0: command tx timeout [ 101.731090] Bluetooth: hci2: command tx timeout [ 101.795142] Bluetooth: hci1: command tx timeout [ 101.795754] Bluetooth: hci7: command tx timeout [ 101.859096] Bluetooth: hci3: command tx timeout [ 101.859620] Bluetooth: hci5: command tx timeout [ 101.860327] Bluetooth: hci4: command tx timeout [ 101.987796] Bluetooth: hci6: command tx timeout [ 155.960117] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 155.962196] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 155.963721] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 155.971241] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 155.973394] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 155.975625] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 155.981439] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 155.987089] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 155.987471] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 155.993444] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 155.995274] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 156.001219] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 156.085794] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 156.100280] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 156.106389] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 156.140929] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 156.150170] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 156.160917] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 156.190280] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 156.193573] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 156.194887] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 156.214337] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 156.215860] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 156.217074] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 156.292916] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 156.303141] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 156.334886] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 156.344494] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 156.349302] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 156.352704] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 156.359428] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 156.360438] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 156.364568] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 156.396632] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 156.420682] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 156.428407] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 156.429829] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 156.434519] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 156.436107] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 156.437877] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 156.446408] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 156.472674] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 156.473808] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 156.474925] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 156.481528] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 156.484184] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 156.485151] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 156.543302] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 158.051185] Bluetooth: hci0: command tx timeout [ 158.051489] Bluetooth: hci1: command tx timeout [ 158.243696] Bluetooth: hci2: command tx timeout [ 158.307097] Bluetooth: hci3: command tx timeout [ 158.435140] Bluetooth: hci4: command tx timeout [ 158.499129] Bluetooth: hci7: command tx timeout [ 158.629325] Bluetooth: hci6: command tx timeout [ 158.629797] Bluetooth: hci5: command tx timeout [ 160.099185] Bluetooth: hci0: command tx timeout [ 160.099338] Bluetooth: hci1: command tx timeout [ 160.291286] Bluetooth: hci2: command tx timeout [ 160.355477] Bluetooth: hci3: command tx timeout [ 160.483171] Bluetooth: hci4: command tx timeout [ 160.547170] Bluetooth: hci7: command tx timeout [ 160.676080] Bluetooth: hci5: command tx timeout [ 160.676219] Bluetooth: hci6: command tx timeout [ 162.147112] Bluetooth: hci1: command tx timeout [ 162.147270] Bluetooth: hci0: command tx timeout [ 162.339803] Bluetooth: hci2: command tx timeout [ 162.404002] Bluetooth: hci3: command tx timeout [ 162.531038] Bluetooth: hci4: command tx timeout [ 162.597014] Bluetooth: hci7: command tx timeout [ 162.724030] Bluetooth: hci5: command tx timeout [ 162.724135] Bluetooth: hci6: command tx timeout [ 164.195139] Bluetooth: hci1: command tx timeout [ 164.195320] Bluetooth: hci0: command tx timeout [ 164.387357] Bluetooth: hci2: command tx timeout [ 164.452093] Bluetooth: hci3: command tx timeout [ 164.580068] Bluetooth: hci4: command tx timeout [ 164.643112] Bluetooth: hci7: command tx timeout [ 164.772051] Bluetooth: hci5: command tx timeout [ 164.772141] Bluetooth: hci6: command tx timeout [ 216.916868] [ 216.917146] ====================================================== [ 216.917762] WARNING: possible circular locking dependency detected [ 216.918381] 6.13.0-rc7-next-20250117 #1 Not tainted [ 216.918885] ------------------------------------------------------ [ 216.920399] kworker/u8:0/11 is trying to acquire lock: [ 216.921367] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 216.923305] [ 216.923305] but task is already holding lock: [ 216.924806] ffff88802f4c0768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 216.926460] [ 216.926460] which lock already depends on the new lock. [ 216.926460] [ 216.928356] [ 216.928356] the existing dependency chain (in reverse order) is: [ 216.929067] [ 216.929067] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 216.929744] __mutex_lock+0x13d/0xb50 [ 216.930216] wiphy_register+0x1b2e/0x25d0 [ 216.930716] ieee80211_register_hw+0x23a4/0x3d60 [ 216.931269] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 216.931848] init_mac80211_hwsim+0x389/0x870 [ 216.932389] do_one_initcall+0xf9/0x640 [ 216.932886] kernel_init_freeable+0x53d/0x7a0 [ 216.933444] kernel_init+0x1e/0x2d0 [ 216.933873] ret_from_fork+0x48/0x80 [ 216.934316] ret_from_fork_asm+0x1a/0x30 [ 216.934797] [ 216.934797] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 216.935421] __lock_acquire+0x29fd/0x4580 [ 216.935895] lock_acquire+0x19b/0x520 [ 216.936361] __mutex_lock+0x13d/0xb50 [ 216.936842] unregister_netdevice_many_notify+0x1612/0x1c80 [ 216.937472] unregister_netdevice_queue+0x224/0x2e0 [ 216.938037] _cfg80211_unregister_wdev+0x57b/0x700 [ 216.938594] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 216.939162] ieee80211_unregister_hw+0x55/0x3a0 [ 216.939696] hwsim_exit_net+0x3a0/0x730 [ 216.940167] ops_exit_list+0xb3/0x180 [ 216.940606] cleanup_net+0x546/0xad0 [ 216.941077] process_one_work+0x8ee/0x1a10 [ 216.941585] worker_thread+0x674/0xe70 [ 216.942067] kthread+0x3ab/0x720 [ 216.942482] ret_from_fork+0x48/0x80 [ 216.942916] ret_from_fork_asm+0x1a/0x30 [ 216.943429] [ 216.943429] other info that might help us debug this: [ 216.943429] [ 216.944185] Possible unsafe locking scenario: [ 216.944185] [ 216.944761] CPU0 CPU1 [ 216.945212] ---- ---- [ 216.945670] lock(&rdev->wiphy.mtx); [ 216.946082] lock(rtnl_mutex); [ 216.946665] lock(&rdev->wiphy.mtx); [ 216.947307] lock(rtnl_mutex); [ 216.947665] [ 216.947665] *** DEADLOCK *** [ 216.947665] [ 216.948281] 4 locks held by kworker/u8:0/11: [ 216.948724] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 216.949771] #1: ffff8880095dfd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 216.950787] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 216.951724] #3: ffff88802f4c0768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 216.952767] [ 216.952767] stack backtrace: [ 216.953213] CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-rc7-next-20250117 #1 [ 216.954043] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 216.954842] Workqueue: netns cleanup_net [ 216.955279] Call Trace: [ 216.955539] [ 216.955770] dump_stack_lvl+0xca/0x120 [ 216.956202] print_circular_bug+0x47b/0x750 [ 216.956659] check_noncircular+0x2e9/0x3c0 [ 216.957126] ? lock_repin_lock+0x207/0x320 [ 216.957585] ? __pfx_check_noncircular+0x10/0x10 [ 216.958083] ? hlock_class+0x4e/0x130 [ 216.958466] ? mark_lock+0xac/0xed0 [ 216.958839] ? __pfx_lock_repin_lock+0x10/0x10 [ 216.959344] ? lockdep_lock+0xba/0x1b0 [ 216.959766] ? __pfx_lockdep_lock+0x10/0x10 [ 216.960285] __lock_acquire+0x29fd/0x4580 [ 216.960832] ? __pfx___lock_acquire+0x10/0x10 [ 216.961340] ? lock_release+0x20f/0x6f0 [ 216.961753] ? __pfx_lock_release+0x10/0x10 [ 216.962201] lock_acquire+0x19b/0x520 [ 216.962593] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 216.963177] ? __pfx_lock_acquire+0x10/0x10 [ 216.963629] ? srso_return_thunk+0x5/0x5f [ 216.964069] ? lock_release+0x20f/0x6f0 [ 216.964487] ? srso_return_thunk+0x5/0x5f [ 216.964936] ? lock_is_held_type+0x9e/0x120 [ 216.965408] ? srso_return_thunk+0x5/0x5f [ 216.965857] __mutex_lock+0x13d/0xb50 [ 216.966274] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 216.966855] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 216.967447] ? srso_return_thunk+0x5/0x5f [ 216.967889] ? synchronize_rcu_expedited+0x38a/0x420 [ 216.968425] ? __pfx___mutex_lock+0x10/0x10 [ 216.968880] ? __pfx_autoremove_wake_function+0x10/0x10 [ 216.969422] ? srso_return_thunk+0x5/0x5f [ 216.969859] ? kasan_quarantine_put+0x84/0x1e0 [ 216.970354] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 216.970809] ? srso_return_thunk+0x5/0x5f [ 216.971280] unregister_netdevice_many_notify+0x1612/0x1c80 [ 216.971866] ? __virt_addr_valid+0x2e8/0x5d0 [ 216.972338] ? __pfx_lock_release+0x10/0x10 [ 216.972796] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 216.973397] ? find_held_lock+0x2c/0x110 [ 216.973826] ? srso_return_thunk+0x5/0x5f [ 216.974269] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 216.974773] ? srso_return_thunk+0x5/0x5f [ 216.975214] ? lock_release+0x20f/0x6f0 [ 216.975623] ? __pfx_lock_release+0x10/0x10 [ 216.976086] ? srso_return_thunk+0x5/0x5f [ 216.976524] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 216.977066] ? srso_return_thunk+0x5/0x5f [ 216.977514] unregister_netdevice_queue+0x224/0x2e0 [ 216.978030] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 216.978581] ? up_write+0x195/0x520 [ 216.978966] _cfg80211_unregister_wdev+0x57b/0x700 [ 216.979492] ? srso_return_thunk+0x5/0x5f [ 216.979924] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 216.980438] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 216.981001] ? srso_return_thunk+0x5/0x5f [ 216.981455] ? srso_return_thunk+0x5/0x5f [ 216.981886] ? synchronize_rcu+0x1ff/0x260 [ 216.982325] ieee80211_unregister_hw+0x55/0x3a0 [ 216.982798] hwsim_exit_net+0x3a0/0x730 [ 216.983211] ? __pfx_hwsim_exit_net+0x10/0x10 [ 216.983669] ? srso_return_thunk+0x5/0x5f [ 216.984110] ? netdev_run_todo+0x788/0x1040 [ 216.984552] ? srso_return_thunk+0x5/0x5f [ 216.985012] ? __pfx_hwsim_exit_net+0x10/0x10 [ 216.985483] ops_exit_list+0xb3/0x180 [ 216.985874] cleanup_net+0x546/0xad0 [ 216.986264] ? __pfx_cleanup_net+0x10/0x10 [ 216.986696] process_one_work+0x8ee/0x1a10 [ 216.987157] ? __pfx_lock_acquire+0x10/0x10 [ 216.987587] ? __pfx_process_one_work+0x10/0x10 [ 216.988071] ? srso_return_thunk+0x5/0x5f [ 216.988501] ? move_linked_works+0x172/0x270 [ 216.988948] ? srso_return_thunk+0x5/0x5f [ 216.989393] ? assign_work+0x196/0x240 [ 216.989802] worker_thread+0x674/0xe70 [ 216.990210] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 216.990740] ? __pfx_worker_thread+0x10/0x10 [ 216.991207] kthread+0x3ab/0x720 [ 216.991580] ? __pfx_kthread+0x10/0x10 [ 216.991974] ? srso_return_thunk+0x5/0x5f [ 216.992411] ? finish_task_switch.isra.0+0x206/0x840 [ 216.992939] ? __pfx_kthread+0x10/0x10 [ 216.993378] ret_from_fork+0x48/0x80 [ 216.993738] ? __pfx_kthread+0x10/0x10 [ 216.994165] ret_from_fork_asm+0x1a/0x30 [ 216.994604] [ 218.605692] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 218.606661] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 218.607767] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 218.610321] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 218.613464] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 218.614381] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 218.731029] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 218.733401] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 218.735184] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 218.744021] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 218.749068] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 218.752030] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 218.816195] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 218.818489] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 218.819418] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 218.821517] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 218.822554] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 218.823648] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 218.824902] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 218.825816] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 218.826784] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 218.827814] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 218.828436] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 218.832147] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 218.877393] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 218.882203] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 218.883106] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 218.900927] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 218.901623] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 218.907643] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 218.923266] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 218.936047] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 218.953189] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 218.986068] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 219.001602] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 219.013061] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 219.017045] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 219.020346] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 219.027278] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 219.032332] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 219.035474] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 219.043124] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 219.045011] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 219.046064] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 219.047491] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 219.070484] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 219.094165] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 219.098247] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 220.643088] Bluetooth: hci0: command tx timeout [ 220.771219] Bluetooth: hci1: command tx timeout [ 220.899209] Bluetooth: hci3: command tx timeout [ 220.899550] Bluetooth: hci2: command tx timeout [ 220.963187] Bluetooth: hci4: command tx timeout [ 221.091111] Bluetooth: hci5: command tx timeout [ 221.091696] Bluetooth: hci7: command tx timeout [ 221.155084] Bluetooth: hci6: command tx timeout [ 222.691040] Bluetooth: hci0: command tx timeout [ 222.820093] Bluetooth: hci1: command tx timeout [ 222.947058] Bluetooth: hci2: command tx timeout [ 222.947140] Bluetooth: hci3: command tx timeout [ 223.011986] Bluetooth: hci4: command tx timeout [ 223.139080] Bluetooth: hci7: command tx timeout [ 223.139710] Bluetooth: hci5: command tx timeout [ 223.203223] Bluetooth: hci6: command tx timeout [ 224.739029] Bluetooth: hci0: command tx timeout [ 224.867116] Bluetooth: hci1: command tx timeout [ 224.998124] Bluetooth: hci3: command tx timeout [ 224.998260] Bluetooth: hci2: command tx timeout [ 225.059062] Bluetooth: hci4: command tx timeout [ 225.187420] Bluetooth: hci7: command tx timeout [ 225.187410] Bluetooth: hci5: command tx timeout [ 225.251981] Bluetooth: hci6: command tx timeout [ 226.787073] Bluetooth: hci0: command tx timeout [ 226.915018] Bluetooth: hci1: command tx timeout VM DIAGNOSIS: 15:13:02 Registers: info registers vcpu 0 RAX=000000000000006b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283cdc5 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff8880095debb8 R8 =0000000000000001 R9 =ffffed10012bbd67 R10=000000000000006b R11=3a6b636f6c206762 R12=000000000000006b R13=0000000000000001 R14=ffff888008fea027 R15=ffff8880095deeb8 RIP=ffffffff8283ce1d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f0b8d2ef1d8 CR3=00000000163ea000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=2032303a33313a3531203831206e614a XMM01=6f4c2064657472617453203a5d315b64 XMM02=6c6c694b20465220657661532f64616f XMM03=65747379732072656c6c616b7a797320 XMM04=2037353a30313a3531203831206e614a XMM05=65636f72703d7373616c63742030733a XMM06=733a755f6d65747379733d747865746e XMM07=725f6d65747379733a755f6d65747379 XMM08=7475636578652d7a7973223d6d6d6f63 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=ffff88800f7f8d80 RBX=ffff88800f814000 RCX=ffffffff81429a4a RDX=ffff88800f7f8d20 RSI=0000000000000001 RDI=ffff88800f7f8d80 RBP=ffff88800f7f8d80 RSP=ffff88800efcfda0 R8 =0000000000000000 R9 =ffffed1001d00f00 R10=ffff88800e807807 R11=ffff88800ea0bc38 R12=ffff88800f813e48 R13=ffff88800f814000 R14=ffff88800ea0b780 R15=0000000000000082 RIP=ffffffff81aeced0 RFL=00000086 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffd9d1c0000 CR3=000000000e53c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=7465677261742e79636e656772656d65 XMM02=616e696d726574203f3d72646461203f XMM03=79732f646d65747379732f62696c2f72 XMM04=2e2e2e2e2e2e2e2e2e2e2e2e2e2e2e2e XMM05=000055e4bab4b500000055e4baae96f0 XMM06=697665640030006563697665642e3669 XMM07=00000000000000000000000000000000 XMM08=63612073253d706f0000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000