Debian GNU/Linux 11 syzkaller ttyS0 syzkaller login: [ 67.243496] scp (238) used greatest stack depth: 22944 bytes left Warning: Permanently added '[localhost]:27468' (ECDSA) to the list of known hosts. 2025/01/18 15:31:36 fuzzer started 2025/01/18 15:31:36 dialing manager at localhost:44245 [ 70.292053] cgroup: Unknown subsys name 'net' [ 70.399402] cgroup: Unknown subsys name 'cpuset' [ 70.433839] cgroup: Unknown subsys name 'rlimit' [ 76.648401] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 87.565226] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/18 15:31:54 syscalls: 2217 2025/01/18 15:31:54 code coverage: enabled 2025/01/18 15:31:54 comparison tracing: enabled 2025/01/18 15:31:54 extra coverage: enabled 2025/01/18 15:31:54 setuid sandbox: enabled 2025/01/18 15:31:54 namespace sandbox: enabled 2025/01/18 15:31:54 Android sandbox: enabled 2025/01/18 15:31:54 fault injection: enabled 2025/01/18 15:31:54 leak checking: enabled 2025/01/18 15:31:54 net packet injection: enabled 2025/01/18 15:31:54 net device setup: enabled 2025/01/18 15:31:54 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/18 15:31:54 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/18 15:31:54 USB emulation: enabled 2025/01/18 15:31:54 hci packet injection: enabled 2025/01/18 15:31:54 wifi device emulation: enabled 2025/01/18 15:31:54 802.15.4 emulation: enabled 2025/01/18 15:31:54 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/18 15:31:54 fetching corpus: 50, signal 22001/25178 (executing program) 2025/01/18 15:31:54 fetching corpus: 100, signal 34589/38642 (executing program) 2025/01/18 15:31:54 fetching corpus: 150, signal 41346/46268 (executing program) 2025/01/18 15:31:55 fetching corpus: 200, signal 51605/56759 (executing program) 2025/01/18 15:31:55 fetching corpus: 250, signal 55642/61381 (executing program) 2025/01/18 15:31:55 fetching corpus: 300, signal 59924/66069 (executing program) 2025/01/18 15:31:55 fetching corpus: 350, signal 63589/70075 (executing program) 2025/01/18 15:31:55 fetching corpus: 400, signal 69597/75891 (executing program) 2025/01/18 15:31:55 fetching corpus: 450, signal 72271/78763 (executing program) 2025/01/18 15:31:56 fetching corpus: 500, signal 75838/82246 (executing program) 2025/01/18 15:31:56 fetching corpus: 550, signal 79043/85311 (executing program) 2025/01/18 15:31:56 fetching corpus: 600, signal 81485/87699 (executing program) 2025/01/18 15:31:56 fetching corpus: 650, signal 83529/89690 (executing program) 2025/01/18 15:31:56 fetching corpus: 700, signal 86836/92500 (executing program) 2025/01/18 15:31:56 fetching corpus: 750, signal 88566/94027 (executing program) 2025/01/18 15:31:56 fetching corpus: 800, signal 90379/95573 (executing program) 2025/01/18 15:31:57 fetching corpus: 850, signal 92594/97344 (executing program) 2025/01/18 15:31:57 fetching corpus: 900, signal 93842/98410 (executing program) 2025/01/18 15:31:57 fetching corpus: 950, signal 95615/99739 (executing program) 2025/01/18 15:31:57 fetching corpus: 1000, signal 96582/100543 (executing program) 2025/01/18 15:31:57 fetching corpus: 1050, signal 98760/101979 (executing program) 2025/01/18 15:31:58 fetching corpus: 1100, signal 100200/102971 (executing program) 2025/01/18 15:31:58 fetching corpus: 1150, signal 102182/104191 (executing program) 2025/01/18 15:31:58 fetching corpus: 1200, signal 103292/104841 (executing program) 2025/01/18 15:31:58 fetching corpus: 1250, signal 104509/105509 (executing program) 2025/01/18 15:31:58 fetching corpus: 1264, signal 104923/105768 (executing program) 2025/01/18 15:31:58 fetching corpus: 1264, signal 104923/105807 (executing program) 2025/01/18 15:31:58 fetching corpus: 1264, signal 104923/105844 (executing program) 2025/01/18 15:31:58 fetching corpus: 1264, signal 104923/105878 (executing program) 2025/01/18 15:31:58 fetching corpus: 1264, signal 104923/105903 (executing program) 2025/01/18 15:31:58 fetching corpus: 1264, signal 104923/105929 (executing program) 2025/01/18 15:31:58 fetching corpus: 1264, signal 104923/105970 (executing program) 2025/01/18 15:31:58 fetching corpus: 1264, signal 104923/106000 (executing program) 2025/01/18 15:31:58 fetching corpus: 1264, signal 104923/106033 (executing program) 2025/01/18 15:31:58 fetching corpus: 1264, signal 104923/106060 (executing program) 2025/01/18 15:31:58 fetching corpus: 1264, signal 104923/106101 (executing program) 2025/01/18 15:31:58 fetching corpus: 1264, signal 104923/106138 (executing program) 2025/01/18 15:31:58 fetching corpus: 1264, signal 104923/106165 (executing program) 2025/01/18 15:31:58 fetching corpus: 1264, signal 104923/106198 (executing program) 2025/01/18 15:31:58 fetching corpus: 1264, signal 104923/106242 (executing program) 2025/01/18 15:31:58 fetching corpus: 1264, signal 104923/106273 (executing program) 2025/01/18 15:31:58 fetching corpus: 1264, signal 104923/106314 (executing program) 2025/01/18 15:31:58 fetching corpus: 1264, signal 104923/106347 (executing program) 2025/01/18 15:31:58 fetching corpus: 1264, signal 104923/106377 (executing program) 2025/01/18 15:31:58 fetching corpus: 1264, signal 104923/106415 (executing program) 2025/01/18 15:31:58 fetching corpus: 1264, signal 104923/106446 (executing program) 2025/01/18 15:31:58 fetching corpus: 1264, signal 104923/106473 (executing program) 2025/01/18 15:31:58 fetching corpus: 1264, signal 104923/106503 (executing program) 2025/01/18 15:31:58 fetching corpus: 1264, signal 104923/106538 (executing program) 2025/01/18 15:31:59 fetching corpus: 1264, signal 104923/106570 (executing program) 2025/01/18 15:31:59 fetching corpus: 1264, signal 104923/106599 (executing program) 2025/01/18 15:31:59 fetching corpus: 1264, signal 104923/106642 (executing program) 2025/01/18 15:31:59 fetching corpus: 1264, signal 104923/106655 (executing program) 2025/01/18 15:31:59 fetching corpus: 1264, signal 104923/106655 (executing program) 2025/01/18 15:32:03 starting 8 fuzzer processes 15:32:03 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_rxfh_indir={0x38}}) 15:32:03 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$MON_IOCT_RING_SIZE(r1, 0x9204, 0x0) 15:32:03 executing program 2: arch_prctl$ARCH_SET_CPUID(0x1012, 0x0) 15:32:03 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) request_key(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000240)={'syz', 0x1}, &(0x7f0000000280)='syz', 0x0) 15:32:03 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sysfs$3(0x3) 15:32:03 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x203}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)) ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f00000000c0)) [ 97.103396] audit: type=1400 audit(1737214323.654:7): avc: denied { execmem } for pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 15:32:03 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) rename(&(0x7f00000002c0)='./file1\x00', &(0x7f0000000300)='./file1\x00') 15:32:03 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fstat(r1, &(0x7f0000000000)) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r3 = dup(r2) bind$bt_hci(r3, &(0x7f0000000500)={0x1f, 0x0, 0x3}, 0x6) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r3, 0x4008240b, &(0x7f0000000240)={0x5, 0x80, 0x0, 0x7, 0x7f, 0x7f, 0x0, 0x1f, 0x0, 0x5, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x3, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x5, 0x2, @perf_bp={&(0x7f0000000200), 0x4}, 0x4, 0x4, 0x567, 0x5, 0x4, 0x7, 0x7, 0x0, 0x1}) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x5, 0xd6c2}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) socket$nl_route(0x10, 0x3, 0x0) [ 98.709738] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 98.712912] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 98.714580] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 98.715941] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 98.719352] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 98.721133] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 98.724474] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 98.730035] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 98.735272] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 98.737036] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 98.743487] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 98.745988] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 98.748463] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 98.749721] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 98.754515] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 98.757440] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 98.766402] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 98.774639] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 98.836382] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 98.841027] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 98.845977] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 98.850759] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 98.851052] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 98.853687] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 98.866748] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 98.873155] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 98.885766] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 98.892151] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 98.895484] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 98.904740] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 98.907039] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 98.909968] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 98.911912] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 98.914651] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 98.919146] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 98.921415] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 98.933471] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 98.941738] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 98.945871] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 98.958451] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 98.958762] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 98.963633] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 98.966483] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 99.016932] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 99.018282] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 99.028540] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 99.031137] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 99.035049] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 100.786608] Bluetooth: hci0: command tx timeout [ 100.849531] Bluetooth: hci1: command tx timeout [ 100.849920] Bluetooth: hci2: command tx timeout [ 100.977502] Bluetooth: hci4: command tx timeout [ 101.041434] Bluetooth: hci3: command tx timeout [ 101.041850] Bluetooth: hci6: command tx timeout [ 101.042448] Bluetooth: hci5: command tx timeout [ 101.105717] Bluetooth: hci7: command tx timeout [ 102.834040] Bluetooth: hci0: command tx timeout [ 102.897418] Bluetooth: hci2: command tx timeout [ 102.897554] Bluetooth: hci1: command tx timeout [ 103.025388] Bluetooth: hci4: command tx timeout [ 103.090348] Bluetooth: hci5: command tx timeout [ 103.090462] Bluetooth: hci6: command tx timeout [ 103.090524] Bluetooth: hci3: command tx timeout [ 103.153524] Bluetooth: hci7: command tx timeout [ 104.882416] Bluetooth: hci0: command tx timeout [ 104.945410] Bluetooth: hci1: command tx timeout [ 104.945516] Bluetooth: hci2: command tx timeout [ 105.073489] Bluetooth: hci4: command tx timeout [ 105.137523] Bluetooth: hci3: command tx timeout [ 105.137791] Bluetooth: hci6: command tx timeout [ 105.137842] Bluetooth: hci5: command tx timeout [ 105.202692] Bluetooth: hci7: command tx timeout [ 106.930374] Bluetooth: hci0: command tx timeout [ 106.995401] Bluetooth: hci2: command tx timeout [ 106.995430] Bluetooth: hci1: command tx timeout [ 107.122411] Bluetooth: hci4: command tx timeout [ 107.187363] Bluetooth: hci3: command tx timeout [ 107.187410] Bluetooth: hci5: command tx timeout [ 107.187488] Bluetooth: hci6: command tx timeout [ 107.249580] Bluetooth: hci7: command tx timeout [ 161.877725] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 161.880126] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 161.880592] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 161.882648] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 161.891658] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 161.891913] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 161.892836] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 161.897313] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 161.899531] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 161.914700] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 161.930243] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 161.934458] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 161.938666] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 161.941013] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 161.944720] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 161.947057] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 161.950715] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 161.951574] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 161.965020] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 161.969140] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 161.974804] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 161.976191] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 161.979417] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 161.979624] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 161.985052] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 161.986610] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 161.986946] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 162.000505] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 162.007677] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 162.010055] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 162.010530] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 162.014836] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 162.019762] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 162.024406] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 162.027513] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 162.029170] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 162.031087] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 162.031591] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 162.035957] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 162.040008] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 162.055916] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 162.060093] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 162.066710] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 162.074968] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 162.075618] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 162.079375] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 162.094364] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 162.114430] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 163.953460] Bluetooth: hci0: command tx timeout [ 164.017545] Bluetooth: hci1: command tx timeout [ 164.082917] Bluetooth: hci4: command tx timeout [ 164.082992] Bluetooth: hci2: command tx timeout [ 164.145487] Bluetooth: hci3: command tx timeout [ 164.209429] Bluetooth: hci5: command tx timeout [ 164.209625] Bluetooth: hci7: command tx timeout [ 164.211347] Bluetooth: hci6: command tx timeout [ 166.003314] Bluetooth: hci0: command tx timeout [ 166.066519] Bluetooth: hci1: command tx timeout [ 166.130381] Bluetooth: hci2: command tx timeout [ 166.130476] Bluetooth: hci4: command tx timeout [ 166.193646] Bluetooth: hci3: command tx timeout [ 166.257409] Bluetooth: hci6: command tx timeout [ 166.257447] Bluetooth: hci7: command tx timeout [ 166.257518] Bluetooth: hci5: command tx timeout [ 168.050599] Bluetooth: hci0: command tx timeout [ 168.114313] Bluetooth: hci1: command tx timeout [ 168.177468] Bluetooth: hci4: command tx timeout [ 168.178395] Bluetooth: hci2: command tx timeout [ 168.242346] Bluetooth: hci3: command tx timeout [ 168.305768] Bluetooth: hci7: command tx timeout [ 168.305814] Bluetooth: hci5: command tx timeout [ 168.305904] Bluetooth: hci6: command tx timeout [ 170.098354] Bluetooth: hci0: command tx timeout [ 170.161485] Bluetooth: hci1: command tx timeout [ 170.226812] Bluetooth: hci2: command tx timeout [ 170.226957] Bluetooth: hci4: command tx timeout [ 170.290366] Bluetooth: hci3: command tx timeout [ 170.353382] Bluetooth: hci7: command tx timeout [ 170.353481] Bluetooth: hci6: command tx timeout [ 170.353532] Bluetooth: hci5: command tx timeout [ 223.800706] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 223.806510] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 223.807842] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 223.810342] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 223.810359] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 223.812383] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 223.817464] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 223.820811] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 223.826485] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 223.827639] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 223.831756] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 223.831785] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 223.867935] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 223.872635] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 223.877118] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 223.884141] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 223.886900] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 223.888792] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 223.994194] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 223.997388] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 224.003093] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 224.009993] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 224.019562] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 224.020682] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 224.043121] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 224.047552] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 224.049841] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 224.053451] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 224.061485] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 224.076400] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 224.079686] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 224.088848] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 224.097547] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 224.099626] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 224.103545] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 224.124703] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 224.196713] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 224.200666] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 224.201896] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 224.206983] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 224.210311] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 224.211836] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 224.280972] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 224.289683] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 224.293867] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 224.333646] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 224.342590] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 224.343813] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 225.906596] Bluetooth: hci0: command tx timeout [ 225.906957] Bluetooth: hci1: command tx timeout [ 225.969378] Bluetooth: hci2: command tx timeout [ 226.097468] Bluetooth: hci3: command tx timeout [ 226.226311] Bluetooth: hci5: command tx timeout [ 226.226713] Bluetooth: hci4: command tx timeout [ 226.291354] Bluetooth: hci6: command tx timeout [ 226.418361] Bluetooth: hci7: command tx timeout [ 227.954414] Bluetooth: hci0: command tx timeout [ 227.954534] Bluetooth: hci1: command tx timeout [ 228.018364] Bluetooth: hci2: command tx timeout [ 228.146486] Bluetooth: hci3: command tx timeout [ 228.273556] Bluetooth: hci5: command tx timeout [ 228.273720] Bluetooth: hci4: command tx timeout [ 228.337480] Bluetooth: hci6: command tx timeout [ 228.465393] Bluetooth: hci7: command tx timeout [ 230.003324] Bluetooth: hci0: command tx timeout [ 230.003423] Bluetooth: hci1: command tx timeout [ 230.065381] Bluetooth: hci2: command tx timeout [ 230.194393] Bluetooth: hci3: command tx timeout [ 230.322384] Bluetooth: hci4: command tx timeout [ 230.322487] Bluetooth: hci5: command tx timeout [ 230.386348] Bluetooth: hci6: command tx timeout [ 230.514323] Bluetooth: hci7: command tx timeout [ 232.049784] Bluetooth: hci1: command tx timeout [ 232.050192] Bluetooth: hci0: command tx timeout [ 232.113624] Bluetooth: hci2: command tx timeout [ 232.241530] Bluetooth: hci3: command tx timeout [ 232.369444] Bluetooth: hci4: command tx timeout [ 232.369631] Bluetooth: hci5: command tx timeout [ 232.433396] Bluetooth: hci6: command tx timeout [ 232.561527] Bluetooth: hci7: command tx timeout [ 285.823782] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 285.829750] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 285.832088] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 285.839350] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 285.845352] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 285.850132] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 286.023832] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 286.026547] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 286.031680] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 286.038060] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 286.043107] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 286.045648] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 286.097350] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 286.104820] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 286.108941] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 286.114215] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 286.117038] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 286.119676] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 286.232705] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 286.242668] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 286.248482] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 286.258778] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 286.266811] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 286.269713] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 286.324601] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 286.329445] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 286.332944] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 286.335656] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 286.350683] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 286.354850] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 286.360528] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 286.365892] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 286.379751] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 286.427968] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 286.442339] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 286.451918] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 286.459695] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 286.478604] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 286.481879] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 286.485616] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 286.502839] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 286.506684] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 286.520704] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 286.530714] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 286.538474] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 286.579093] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 286.581773] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 286.582890] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 287.921435] Bluetooth: hci0: command tx timeout [ 288.114453] Bluetooth: hci1: command tx timeout [ 288.177496] Bluetooth: hci2: command tx timeout [ 288.369374] Bluetooth: hci3: command tx timeout [ 288.433378] Bluetooth: hci4: command tx timeout [ 288.562375] Bluetooth: hci5: command tx timeout [ 288.753517] Bluetooth: hci7: command tx timeout [ 288.753940] Bluetooth: hci6: command tx timeout [ 289.969332] Bluetooth: hci0: command tx timeout [ 290.161406] Bluetooth: hci1: command tx timeout [ 290.226466] Bluetooth: hci2: command tx timeout [ 290.419292] Bluetooth: hci3: command tx timeout [ 290.481317] Bluetooth: hci4: command tx timeout [ 290.610334] Bluetooth: hci5: command tx timeout [ 290.802463] Bluetooth: hci6: command tx timeout [ 290.802678] Bluetooth: hci7: command tx timeout [ 292.020290] Bluetooth: hci0: command tx timeout [ 292.209744] Bluetooth: hci1: command tx timeout [ 292.273340] Bluetooth: hci2: command tx timeout [ 292.466722] Bluetooth: hci3: command tx timeout [ 292.529454] Bluetooth: hci4: command tx timeout [ 292.659287] Bluetooth: hci5: command tx timeout [ 292.850533] Bluetooth: hci6: command tx timeout [ 292.851511] Bluetooth: hci7: command tx timeout [ 294.066485] Bluetooth: hci0: command tx timeout [ 294.257392] Bluetooth: hci1: command tx timeout [ 294.321586] Bluetooth: hci2: command tx timeout [ 294.516283] Bluetooth: hci3: command tx timeout [ 294.577485] Bluetooth: hci4: command tx timeout [ 294.705690] Bluetooth: hci5: command tx timeout [ 294.897482] Bluetooth: hci7: command tx timeout [ 294.897824] Bluetooth: hci6: command tx timeout [ 343.107562] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 343.107697] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 343.466551] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 343.466656] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 344.561791] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 344.561884] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 344.770113] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 344.770197] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 345.074042] audit: type=1400 audit(1737214571.620:8): avc: denied { open } for pid=13859 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 345.074388] audit: type=1400 audit(1737214571.621:9): avc: denied { kernel } for pid=13859 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 15:36:11 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sysfs$3(0x3) 15:36:12 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sysfs$3(0x3) 15:36:12 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sysfs$3(0x3) 15:36:12 executing program 3: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$PTP_PEROUT_REQUEST(r0, 0x40383d03, 0x0) 15:36:12 executing program 3: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$PTP_PEROUT_REQUEST(r0, 0x40383d03, 0x0) 15:36:12 executing program 3: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$PTP_PEROUT_REQUEST(r0, 0x40383d03, 0x0) 15:36:12 executing program 3: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$PTP_PEROUT_REQUEST(r0, 0x40383d03, 0x0) 15:36:12 executing program 3: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$PTP_PEROUT_REQUEST(r0, 0x40383d03, 0x0) [ 346.325377] [ 346.325623] ====================================================== [ 346.326234] WARNING: possible circular locking dependency detected [ 346.326839] 6.13.0-rc7-next-20250117 #1 Not tainted [ 346.327322] ------------------------------------------------------ [ 346.328970] kworker/u8:1/65 is trying to acquire lock: [ 346.330085] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 346.332520] [ 346.332520] but task is already holding lock: [ 346.333635] ffff88803b258768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 346.335445] [ 346.335445] which lock already depends on the new lock. [ 346.335445] [ 346.336783] [ 346.336783] the existing dependency chain (in reverse order) is: [ 346.337454] [ 346.337454] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 346.338106] __mutex_lock+0x13d/0xb50 [ 346.338570] wiphy_register+0x1b2e/0x25d0 [ 346.339057] ieee80211_register_hw+0x23a4/0x3d60 [ 346.339567] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 346.340107] init_mac80211_hwsim+0x389/0x870 [ 346.340621] do_one_initcall+0xf9/0x640 [ 346.341097] kernel_init_freeable+0x53d/0x7a0 [ 346.341624] kernel_init+0x1e/0x2d0 [ 346.342042] ret_from_fork+0x48/0x80 [ 346.342478] ret_from_fork_asm+0x1a/0x30 [ 346.342966] [ 346.342966] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 346.343579] __lock_acquire+0x29fd/0x4580 [ 346.344057] lock_acquire+0x19b/0x520 [ 346.344483] __mutex_lock+0x13d/0xb50 [ 346.344916] unregister_netdevice_many_notify+0x1612/0x1c80 [ 346.345499] unregister_netdevice_queue+0x224/0x2e0 [ 346.346020] _cfg80211_unregister_wdev+0x57b/0x700 [ 346.346571] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 346.347085] ieee80211_unregister_hw+0x55/0x3a0 [ 346.347583] hwsim_exit_net+0x3a0/0x730 [ 346.348015] ops_exit_list+0xb3/0x180 [ 346.348458] cleanup_net+0x546/0xad0 [ 346.348896] process_one_work+0x8ee/0x1a10 [ 346.349417] worker_thread+0x674/0xe70 [ 346.349889] kthread+0x3ab/0x720 [ 346.350316] ret_from_fork+0x48/0x80 [ 346.350757] ret_from_fork_asm+0x1a/0x30 [ 346.351243] [ 346.351243] other info that might help us debug this: [ 346.351243] [ 346.351948] Possible unsafe locking scenario: [ 346.351948] [ 346.352505] CPU0 CPU1 [ 346.352921] ---- ---- [ 346.353354] lock(&rdev->wiphy.mtx); [ 346.353756] lock(rtnl_mutex); [ 346.354338] lock(&rdev->wiphy.mtx); [ 346.354967] lock(rtnl_mutex); [ 346.355330] [ 346.355330] *** DEADLOCK *** [ 346.355330] [ 346.355901] 4 locks held by kworker/u8:1/65: [ 346.356314] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 346.357293] #1: ffff88800b89fd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 346.358261] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 346.359113] #3: ffff88803b258768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 346.360116] [ 346.360116] stack backtrace: [ 346.360557] CPU: 1 UID: 0 PID: 65 Comm: kworker/u8:1 Not tainted 6.13.0-rc7-next-20250117 #1 [ 346.361358] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 346.362123] Workqueue: netns cleanup_net [ 346.362535] Call Trace: [ 346.362787] [ 346.363014] dump_stack_lvl+0xca/0x120 [ 346.363428] print_circular_bug+0x47b/0x750 [ 346.363854] check_noncircular+0x2e9/0x3c0 [ 346.364257] ? __pfx_check_noncircular+0x10/0x10 [ 346.364700] ? hlock_class+0x4e/0x130 [ 346.365056] ? srso_return_thunk+0x5/0x5f [ 346.365471] ? mark_lock+0xac/0xed0 [ 346.365854] ? lockdep_lock+0xba/0x1b0 [ 346.366287] ? __pfx_lockdep_lock+0x10/0x10 [ 346.366750] __lock_acquire+0x29fd/0x4580 [ 346.367190] ? __pfx___lock_acquire+0x10/0x10 [ 346.367652] ? lock_release+0x20f/0x6f0 [ 346.368062] ? __pfx_lock_release+0x10/0x10 [ 346.368500] ? srso_return_thunk+0x5/0x5f [ 346.368936] lock_acquire+0x19b/0x520 [ 346.369351] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 346.369939] ? __pfx_lock_acquire+0x10/0x10 [ 346.370389] ? __pfx_lock_release+0x10/0x10 [ 346.370834] ? __pfx_try_to_wake_up+0x10/0x10 [ 346.371290] ? srso_return_thunk+0x5/0x5f [ 346.371700] ? lock_is_held_type+0x9e/0x120 [ 346.372122] ? srso_return_thunk+0x5/0x5f [ 346.372539] __mutex_lock+0x13d/0xb50 [ 346.372915] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 346.373465] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 346.374002] ? srso_return_thunk+0x5/0x5f [ 346.374409] ? synchronize_rcu_expedited+0x38a/0x420 [ 346.374889] ? __pfx___mutex_lock+0x10/0x10 [ 346.375311] ? srso_return_thunk+0x5/0x5f [ 346.375726] ? srso_return_thunk+0x5/0x5f [ 346.376138] ? kasan_quarantine_put+0x84/0x1e0 [ 346.376619] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 346.377076] ? srso_return_thunk+0x5/0x5f [ 346.377509] unregister_netdevice_many_notify+0x1612/0x1c80 [ 346.378030] ? lock_release+0x20f/0x6f0 [ 346.378414] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 346.378967] ? srso_return_thunk+0x5/0x5f [ 346.379392] ? srso_return_thunk+0x5/0x5f [ 346.379831] ? wake_up_q+0x9e/0x140 [ 346.380209] ? srso_return_thunk+0x5/0x5f [ 346.380646] ? rwsem_wake.isra.0+0xc3/0x110 [ 346.381095] ? __pfx_rwsem_wake.isra.0+0x10/0x10 [ 346.381599] ? srso_return_thunk+0x5/0x5f [ 346.382051] unregister_netdevice_queue+0x224/0x2e0 [ 346.382558] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 346.383099] ? up_write+0x208/0x520 [ 346.383495] _cfg80211_unregister_wdev+0x57b/0x700 [ 346.383993] ? srso_return_thunk+0x5/0x5f [ 346.384426] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 346.384902] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 346.385455] ? srso_return_thunk+0x5/0x5f [ 346.385889] ? srso_return_thunk+0x5/0x5f [ 346.386325] ? synchronize_rcu+0x1ff/0x260 [ 346.386750] ieee80211_unregister_hw+0x55/0x3a0 [ 346.387190] hwsim_exit_net+0x3a0/0x730 [ 346.387599] ? __pfx_hwsim_exit_net+0x10/0x10 [ 346.388059] ? srso_return_thunk+0x5/0x5f [ 346.388501] ? netdev_run_todo+0x788/0x1040 [ 346.388934] ? srso_return_thunk+0x5/0x5f [ 346.389352] ? __pfx_hwsim_exit_net+0x10/0x10 [ 346.389820] ops_exit_list+0xb3/0x180 [ 346.390218] cleanup_net+0x546/0xad0 [ 346.390611] ? __pfx_cleanup_net+0x10/0x10 [ 346.391054] process_one_work+0x8ee/0x1a10 [ 346.391522] ? __pfx_lock_acquire+0x10/0x10 [ 346.391967] ? __pfx_process_one_work+0x10/0x10 [ 346.392423] ? srso_return_thunk+0x5/0x5f [ 346.392850] ? move_linked_works+0x172/0x270 [ 346.393311] ? srso_return_thunk+0x5/0x5f [ 346.393739] ? assign_work+0x196/0x240 [ 346.394128] worker_thread+0x674/0xe70 [ 346.394526] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 346.395056] ? srso_return_thunk+0x5/0x5f [ 346.395495] ? __pfx_worker_thread+0x10/0x10 [ 346.395957] kthread+0x3ab/0x720 [ 346.396327] ? __pfx_kthread+0x10/0x10 [ 346.396737] ? srso_return_thunk+0x5/0x5f [ 346.397167] ? finish_task_switch.isra.0+0x206/0x840 [ 346.397699] ? __pfx_kthread+0x10/0x10 [ 346.398100] ret_from_fork+0x48/0x80 [ 346.398455] ? __pfx_kthread+0x10/0x10 [ 346.398842] ret_from_fork_asm+0x1a/0x30 [ 346.399256] [ 348.098053] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 348.102481] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 348.105196] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 348.107303] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 348.109205] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 348.111390] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 348.113870] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 348.116294] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 348.117039] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 348.124626] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 348.128069] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 348.130041] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 348.238281] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 348.248654] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 348.257623] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 348.258045] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 348.261781] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 348.273703] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 348.284672] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 348.288289] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 348.290863] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 348.293617] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 348.297864] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 348.302984] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 348.305541] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 348.310671] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 348.310910] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 348.314315] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 348.330388] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 348.341163] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 348.455686] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 348.456366] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 348.457131] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 348.459539] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 348.461180] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 348.462402] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 348.463731] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 348.484792] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 348.527471] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 348.533434] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 348.535823] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 348.551457] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 350.193484] Bluetooth: hci1: command tx timeout [ 350.194135] Bluetooth: hci0: command tx timeout [ 350.385338] Bluetooth: hci3: command tx timeout [ 350.385358] Bluetooth: hci2: command tx timeout [ 350.385416] Bluetooth: hci4: command tx timeout [ 350.577316] Bluetooth: hci7: command tx timeout [ 350.641434] Bluetooth: hci5: command tx timeout [ 352.243272] Bluetooth: hci1: command tx timeout [ 352.243308] Bluetooth: hci0: command tx timeout [ 352.434260] Bluetooth: hci3: command tx timeout [ 352.434291] Bluetooth: hci4: command tx timeout [ 352.434346] Bluetooth: hci2: command tx timeout [ 352.625291] Bluetooth: hci7: command tx timeout [ 352.689288] Bluetooth: hci5: command tx timeout [ 354.291289] Bluetooth: hci1: command tx timeout [ 354.291316] Bluetooth: hci0: command tx timeout [ 354.481342] Bluetooth: hci2: command tx timeout [ 354.481368] Bluetooth: hci3: command tx timeout [ 354.481422] Bluetooth: hci4: command tx timeout [ 354.673284] Bluetooth: hci7: command tx timeout [ 354.737272] Bluetooth: hci5: command tx timeout VM DIAGNOSIS: 15:36:13 Registers: info registers vcpu 0 RAX=ffff88802fee0001 RBX=0000000000000001 RCX=0000000000000001 RDX=ffff88802fedfa01 RSI=ffff88802fedfa38 RDI=ffff88802fedf9a8 RBP=ffff88802fedf9f0 RSP=ffff88802fedf8d8 R8 =ffffffff86789dd4 R9 =ffff88802fedf9d8 R10=000000000003ab4d R11=000000000000433c R12=ffff88802fedf9f8 R13=ffff88802fedf9e0 R14=ffff88802fedfa40 R15=ffff88802fedf998 RIP=ffffffff813498b0 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f6ab84f58c0 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f6ab7bb9344 CR3=000000000d55e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000000000000000000000 XMM03=ff0000000000ff00000000ff000000ff XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=000000050000000900005555dbec4950 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=2064616572206f742064656c69614600 XMM09=00000000000000000000000000000000 XMM10=00000000000020000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000033 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283cdc5 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff88800b89ebb8 R8 =0000000000000001 R9 =ffffed1001713d67 R10=0000000000000033 R11=6f6c206863696877 R12=0000000000000033 R13=0000000000000001 R14=ffff888008fea018 R15=ffff88800b89eeb8 RIP=ffffffff8283ce1d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00005555dbea1070 CR3=000000001b5d8000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00ffffffffffffffffff000000000000 XMM01=7522004f544f47202c0065766f6d6572 XMM02=ffffff0f0e0d0c0b0a09080706050403 XMM03=696e656420737365636341002f737973 XMM04=00005555dbec4c4000005555dbee9bf0 XMM05=0100ff00ff00020200000000ffffffff XMM06=000000020000000400005555dbebe860 XMM07=00000000000000000000000000000000 XMM08=2f63697361622f6372732f2e2e000d0a XMM09=00000000000000000000000000000000 XMM10=00000000000020000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000