Warning: Permanently added '[localhost]:17853' (ECDSA) to the list of known hosts. 2025/01/18 18:19:17 fuzzer started 2025/01/18 18:19:17 dialing manager at localhost:44245 syzkaller login: [ 77.235373] cgroup: Unknown subsys name 'net' [ 77.337400] cgroup: Unknown subsys name 'cpuset' [ 77.369391] cgroup: Unknown subsys name 'rlimit' [ 83.340079] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 93.617596] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/18 18:19:34 syscalls: 2217 2025/01/18 18:19:34 code coverage: enabled 2025/01/18 18:19:34 comparison tracing: enabled 2025/01/18 18:19:34 extra coverage: enabled 2025/01/18 18:19:34 setuid sandbox: enabled 2025/01/18 18:19:34 namespace sandbox: enabled 2025/01/18 18:19:34 Android sandbox: enabled 2025/01/18 18:19:34 fault injection: enabled 2025/01/18 18:19:34 leak checking: enabled 2025/01/18 18:19:34 net packet injection: enabled 2025/01/18 18:19:34 net device setup: enabled 2025/01/18 18:19:34 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/18 18:19:34 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/18 18:19:34 USB emulation: enabled 2025/01/18 18:19:34 hci packet injection: enabled 2025/01/18 18:19:34 wifi device emulation: enabled 2025/01/18 18:19:34 802.15.4 emulation: enabled 2025/01/18 18:19:34 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/18 18:19:34 fetching corpus: 50, signal 21087/24312 (executing program) 2025/01/18 18:19:35 fetching corpus: 100, signal 34547/38620 (executing program) 2025/01/18 18:19:35 fetching corpus: 150, signal 44194/48866 (executing program) 2025/01/18 18:19:35 fetching corpus: 200, signal 48327/53814 (executing program) 2025/01/18 18:19:35 fetching corpus: 250, signal 54048/59996 (executing program) 2025/01/18 18:19:35 fetching corpus: 300, signal 60036/66234 (executing program) 2025/01/18 18:19:35 fetching corpus: 350, signal 63577/70140 (executing program) 2025/01/18 18:19:35 fetching corpus: 400, signal 67393/74075 (executing program) 2025/01/18 18:19:36 fetching corpus: 450, signal 71026/77770 (executing program) 2025/01/18 18:19:36 fetching corpus: 500, signal 74342/81068 (executing program) 2025/01/18 18:19:36 fetching corpus: 550, signal 77973/84439 (executing program) 2025/01/18 18:19:36 fetching corpus: 600, signal 80349/86804 (executing program) 2025/01/18 18:19:36 fetching corpus: 650, signal 83061/89275 (executing program) 2025/01/18 18:19:37 fetching corpus: 700, signal 85342/91321 (executing program) 2025/01/18 18:19:37 fetching corpus: 750, signal 86804/92764 (executing program) 2025/01/18 18:19:37 fetching corpus: 800, signal 88928/94586 (executing program) 2025/01/18 18:19:37 fetching corpus: 850, signal 90989/96277 (executing program) 2025/01/18 18:19:37 fetching corpus: 900, signal 92859/97741 (executing program) 2025/01/18 18:19:38 fetching corpus: 950, signal 95165/99432 (executing program) 2025/01/18 18:19:38 fetching corpus: 1000, signal 96573/100523 (executing program) 2025/01/18 18:19:38 fetching corpus: 1050, signal 98157/101624 (executing program) 2025/01/18 18:19:38 fetching corpus: 1100, signal 99397/102508 (executing program) 2025/01/18 18:19:38 fetching corpus: 1150, signal 100665/103362 (executing program) 2025/01/18 18:19:39 fetching corpus: 1200, signal 102363/104386 (executing program) 2025/01/18 18:19:39 fetching corpus: 1250, signal 104512/105597 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/105827 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/105854 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/105884 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/105932 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/105956 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/105987 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/106016 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/106040 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/106077 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/106111 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/106132 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/106169 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/106207 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/106231 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/106260 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/106289 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/106330 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/106360 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/106401 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/106443 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/106477 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/106515 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/106547 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/106573 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/106600 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/106626 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/106658 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/106667 (executing program) 2025/01/18 18:19:39 fetching corpus: 1266, signal 104934/106667 (executing program) 2025/01/18 18:19:43 starting 8 fuzzer processes 18:19:43 executing program 0: mmap$IORING_OFF_SQ_RING(&(0x7f0000ff4000/0x3000)=nil, 0x7ffffffff000, 0x0, 0x30, 0xffffffffffffffff, 0x0) 18:19:43 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0003}]}) ioprio_set$pid(0x2, 0x0, 0x0) [ 102.833045] audit: type=1400 audit(1737224383.685:7): avc: denied { execmem } for pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 18:19:43 executing program 4: getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)) 18:19:43 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x4041, &(0x7f00000001c0), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/if_inet6\x00') preadv(r1, &(0x7f0000000340)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1, 0x0, 0x0) syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 18:19:43 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000340)={0x15, 0x65, 0xffff, 0x10000, 0x8, '9P2000.L'}, 0x15) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 18:19:43 executing program 5: r0 = socket$unix(0x1, 0x5, 0x0) ppoll(&(0x7f0000000040)=[{r0, 0x208}], 0x1, 0x0, 0x0, 0x0) 18:19:43 executing program 6: r0 = shmget$private(0x0, 0x2000, 0x54001b05, &(0x7f0000ffa000/0x2000)=nil) shmat(r0, &(0x7f0000400000/0xc00000)=nil, 0x7000) shmctl$SHM_LOCK(r0, 0xb) r1 = socket$inet6_udp(0xa, 0x2, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) r2 = shmget$private(0x0, 0x2000, 0x54001b05, &(0x7f0000ffa000/0x2000)=nil) shmat(r2, &(0x7f0000400000/0xc00000)=nil, 0x7000) sendmmsg$inet6(r1, &(0x7f0000003700)=[{{&(0x7f0000000000)={0xa, 0x4e24, 0x0, @private2}, 0x1c, 0x0, 0x0, &(0x7f0000000240)=[@flowinfo={{0x14, 0x29, 0xb, 0xa4d}}], 0x18}}], 0x1, 0x0) 18:19:43 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000bc0)={0x0, 0x6}, 0x14) [ 104.182849] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 104.184499] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 104.185768] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 104.189022] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 104.191213] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 104.192455] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 104.389269] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 104.395773] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 104.399877] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 104.408537] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 104.413866] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 104.418241] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 104.448707] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 104.463134] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 104.475112] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 104.488949] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 104.489666] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 104.490100] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 104.503542] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 104.508631] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 104.511310] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 104.522704] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 104.523592] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 104.524164] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 104.526871] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 104.528390] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 104.532172] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 104.538142] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 104.538838] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 104.540341] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 104.541398] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 104.542026] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 104.542591] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 104.552593] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 104.558561] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 104.561039] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 104.568297] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 104.569398] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 104.576071] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 104.578523] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 104.582415] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 104.600081] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 104.600971] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 104.606975] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 104.609417] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 104.613278] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 104.614041] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 104.614437] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 106.273455] Bluetooth: hci0: command tx timeout [ 106.464994] Bluetooth: hci1: command tx timeout [ 106.529015] Bluetooth: hci2: command tx timeout [ 106.593116] Bluetooth: hci3: command tx timeout [ 106.657029] Bluetooth: hci7: command tx timeout [ 106.657074] Bluetooth: hci5: command tx timeout [ 106.657303] Bluetooth: hci4: command tx timeout [ 106.658125] Bluetooth: hci6: command tx timeout [ 108.321868] Bluetooth: hci0: command tx timeout [ 108.513908] Bluetooth: hci1: command tx timeout [ 108.577935] Bluetooth: hci2: command tx timeout [ 108.640896] Bluetooth: hci3: command tx timeout [ 108.705111] Bluetooth: hci6: command tx timeout [ 108.705259] Bluetooth: hci4: command tx timeout [ 108.706506] Bluetooth: hci5: command tx timeout [ 108.706656] Bluetooth: hci7: command tx timeout [ 110.369909] Bluetooth: hci0: command tx timeout [ 110.562006] Bluetooth: hci1: command tx timeout [ 110.625940] Bluetooth: hci2: command tx timeout [ 110.691915] Bluetooth: hci3: command tx timeout [ 110.753011] Bluetooth: hci7: command tx timeout [ 110.753116] Bluetooth: hci4: command tx timeout [ 110.754027] Bluetooth: hci6: command tx timeout [ 110.754096] Bluetooth: hci5: command tx timeout [ 112.417237] Bluetooth: hci0: command tx timeout [ 112.608941] Bluetooth: hci1: command tx timeout [ 112.673871] Bluetooth: hci2: command tx timeout [ 112.738630] Bluetooth: hci3: command tx timeout [ 112.801091] Bluetooth: hci5: command tx timeout [ 112.801790] Bluetooth: hci6: command tx timeout [ 112.801895] Bluetooth: hci4: command tx timeout [ 112.801985] Bluetooth: hci7: command tx timeout [ 167.022910] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 167.027098] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 167.032568] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 167.038388] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 167.044027] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 167.046645] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 167.141466] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 167.146399] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 167.150755] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 167.157257] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 167.160708] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 167.170658] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 167.173898] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 167.175356] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 167.179317] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 167.179759] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 167.184083] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 167.190052] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 167.195650] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 167.198165] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 167.201637] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 167.204263] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 167.208179] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 167.210562] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 167.220149] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 167.231874] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 167.232221] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 167.233734] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 167.234384] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 167.237235] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 167.237886] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 167.242168] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 167.246246] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 167.249129] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 167.251751] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 167.254391] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 167.265650] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 167.283256] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 167.289597] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 167.291994] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 167.317071] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 167.319317] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 167.351536] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 167.363047] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 167.368204] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 167.375661] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 167.378650] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 167.381269] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 169.121002] Bluetooth: hci0: command tx timeout [ 169.312913] Bluetooth: hci1: command tx timeout [ 169.313357] Bluetooth: hci4: command tx timeout [ 169.376958] Bluetooth: hci3: command tx timeout [ 169.377609] Bluetooth: hci5: command tx timeout [ 169.377777] Bluetooth: hci2: command tx timeout [ 169.441378] Bluetooth: hci6: command tx timeout [ 169.504984] Bluetooth: hci7: command tx timeout [ 171.169867] Bluetooth: hci0: command tx timeout [ 171.360997] Bluetooth: hci4: command tx timeout [ 171.361336] Bluetooth: hci1: command tx timeout [ 171.425001] Bluetooth: hci2: command tx timeout [ 171.425652] Bluetooth: hci5: command tx timeout [ 171.425700] Bluetooth: hci3: command tx timeout [ 171.488929] Bluetooth: hci6: command tx timeout [ 171.553099] Bluetooth: hci7: command tx timeout [ 173.216863] Bluetooth: hci0: command tx timeout [ 173.408893] Bluetooth: hci1: command tx timeout [ 173.408987] Bluetooth: hci4: command tx timeout [ 173.474843] Bluetooth: hci3: command tx timeout [ 173.474937] Bluetooth: hci2: command tx timeout [ 173.475001] Bluetooth: hci5: command tx timeout [ 173.536891] Bluetooth: hci6: command tx timeout [ 173.600854] Bluetooth: hci7: command tx timeout [ 175.264875] Bluetooth: hci0: command tx timeout [ 175.456964] Bluetooth: hci4: command tx timeout [ 175.457080] Bluetooth: hci1: command tx timeout [ 175.520924] Bluetooth: hci5: command tx timeout [ 175.521024] Bluetooth: hci2: command tx timeout [ 175.521120] Bluetooth: hci3: command tx timeout [ 175.586009] Bluetooth: hci6: command tx timeout [ 175.649822] Bluetooth: hci7: command tx timeout [ 225.071188] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 225.071312] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 225.358977] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 225.359065] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 225.714647] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 225.714730] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 225.967511] [ 225.967740] ====================================================== [ 225.968323] WARNING: possible circular locking dependency detected [ 225.968912] 6.13.0-rc7-next-20250117 #1 Not tainted [ 225.969385] ------------------------------------------------------ [ 225.970394] kworker/u8:0/11 is trying to acquire lock: [ 225.971659] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 225.973675] [ 225.973675] but task is already holding lock: [ 225.975345] ffff88801b118768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 225.977270] [ 225.977270] which lock already depends on the new lock. [ 225.977270] [ 225.979036] [ 225.979036] the existing dependency chain (in reverse order) is: [ 225.979743] [ 225.979743] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 225.980399] __mutex_lock+0x13d/0xb50 [ 225.980861] wiphy_register+0x1b2e/0x25d0 [ 225.981349] ieee80211_register_hw+0x23a4/0x3d60 [ 225.981879] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 225.982456] init_mac80211_hwsim+0x389/0x870 [ 225.982979] do_one_initcall+0xf9/0x640 [ 225.983469] kernel_init_freeable+0x53d/0x7a0 [ 225.983993] kernel_init+0x1e/0x2d0 [ 225.984404] ret_from_fork+0x48/0x80 [ 225.984824] ret_from_fork_asm+0x1a/0x30 [ 225.985299] [ 225.985299] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 225.985904] __lock_acquire+0x29fd/0x4580 [ 225.986378] lock_acquire+0x19b/0x520 [ 225.986813] __mutex_lock+0x13d/0xb50 [ 225.987264] unregister_netdevice_many_notify+0x1612/0x1c80 [ 225.987874] unregister_netdevice_queue+0x224/0x2e0 [ 225.988423] _cfg80211_unregister_wdev+0x57b/0x700 [ 225.988976] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 225.989527] ieee80211_unregister_hw+0x55/0x3a0 [ 225.990043] hwsim_exit_net+0x3a0/0x730 [ 225.990501] ops_exit_list+0xb3/0x180 [ 225.990942] cleanup_net+0x546/0xad0 [ 225.991387] process_one_work+0x8ee/0x1a10 [ 225.991892] worker_thread+0x674/0xe70 [ 225.992364] kthread+0x3ab/0x720 [ 225.992787] ret_from_fork+0x48/0x80 [ 225.993213] ret_from_fork_asm+0x1a/0x30 [ 225.993696] [ 225.993696] other info that might help us debug this: [ 225.993696] [ 225.994442] Possible unsafe locking scenario: [ 225.994442] [ 225.995004] CPU0 CPU1 [ 225.995448] ---- ---- [ 225.995889] lock(&rdev->wiphy.mtx); [ 225.996289] lock(rtnl_mutex); [ 225.996869] lock(&rdev->wiphy.mtx); [ 225.997470] lock(rtnl_mutex); [ 225.997815] [ 225.997815] *** DEADLOCK *** [ 225.997815] [ 225.998370] 4 locks held by kworker/u8:0/11: [ 225.998806] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 225.999797] #1: ffff8880095dfd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 226.000756] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 226.001646] #3: ffff88801b118768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 226.002664] [ 226.002664] stack backtrace: [ 226.003094] CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-rc7-next-20250117 #1 [ 226.003895] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 226.004669] Workqueue: netns cleanup_net [ 226.005082] Call Trace: [ 226.005332] [ 226.005556] dump_stack_lvl+0xca/0x120 [ 226.005971] print_circular_bug+0x47b/0x750 [ 226.006411] check_noncircular+0x2e9/0x3c0 [ 226.006833] ? srso_return_thunk+0x5/0x5f [ 226.007263] ? __pfx_check_noncircular+0x10/0x10 [ 226.007722] ? hlock_class+0x4e/0x130 [ 226.008097] ? mark_lock+0xac/0xed0 [ 226.008471] ? __pfx___resched_curr+0x10/0x10 [ 226.008933] ? lockdep_lock+0xba/0x1b0 [ 226.009348] ? __pfx_lockdep_lock+0x10/0x10 [ 226.009801] __lock_acquire+0x29fd/0x4580 [ 226.010234] ? __pfx___lock_acquire+0x10/0x10 [ 226.010688] ? lock_release+0x20f/0x6f0 [ 226.011096] ? __pfx_lock_release+0x10/0x10 [ 226.011534] lock_acquire+0x19b/0x520 [ 226.011931] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 226.012508] ? __pfx_lock_acquire+0x10/0x10 [ 226.012941] ? srso_return_thunk+0x5/0x5f [ 226.013361] ? lock_release+0x20f/0x6f0 [ 226.013762] ? srso_return_thunk+0x5/0x5f [ 226.014186] ? lock_is_held_type+0x9e/0x120 [ 226.014622] ? srso_return_thunk+0x5/0x5f [ 226.015049] __mutex_lock+0x13d/0xb50 [ 226.015447] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 226.016003] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 226.016575] ? srso_return_thunk+0x5/0x5f [ 226.017011] ? synchronize_rcu_expedited+0x38a/0x420 [ 226.017510] ? __pfx___mutex_lock+0x10/0x10 [ 226.017945] ? __pfx_autoremove_wake_function+0x10/0x10 [ 226.018472] ? srso_return_thunk+0x5/0x5f [ 226.018893] ? kasan_quarantine_put+0x84/0x1e0 [ 226.019372] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 226.019811] ? srso_return_thunk+0x5/0x5f [ 226.020237] unregister_netdevice_many_notify+0x1612/0x1c80 [ 226.020776] ? __virt_addr_valid+0x2e8/0x5d0 [ 226.021219] ? __pfx_lock_release+0x10/0x10 [ 226.021656] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 226.022241] ? find_held_lock+0x2c/0x110 [ 226.022662] ? srso_return_thunk+0x5/0x5f [ 226.023101] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 226.023620] ? srso_return_thunk+0x5/0x5f [ 226.024064] ? lock_release+0x20f/0x6f0 [ 226.024484] ? __pfx_lock_release+0x10/0x10 [ 226.024917] ? srso_return_thunk+0x5/0x5f [ 226.025368] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 226.025904] ? srso_return_thunk+0x5/0x5f [ 226.026331] unregister_netdevice_queue+0x224/0x2e0 [ 226.026826] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 226.027373] ? up_write+0x195/0x520 [ 226.027762] _cfg80211_unregister_wdev+0x57b/0x700 [ 226.028259] ? srso_return_thunk+0x5/0x5f [ 226.028695] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 226.029191] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 226.029734] ? srso_return_thunk+0x5/0x5f [ 226.030166] ? srso_return_thunk+0x5/0x5f [ 226.030597] ? synchronize_rcu+0x1ff/0x260 [ 226.031026] ieee80211_unregister_hw+0x55/0x3a0 [ 226.031505] hwsim_exit_net+0x3a0/0x730 [ 226.031912] ? __pfx_hwsim_exit_net+0x10/0x10 [ 226.032357] ? srso_return_thunk+0x5/0x5f [ 226.032776] ? netdev_run_todo+0x788/0x1040 [ 226.033214] ? __pfx_hwsim_exit_net+0x10/0x10 [ 226.033667] ops_exit_list+0xb3/0x180 [ 226.034057] cleanup_net+0x546/0xad0 [ 226.034443] ? __pfx_cleanup_net+0x10/0x10 [ 226.034879] process_one_work+0x8ee/0x1a10 [ 226.035322] ? __pfx_lock_acquire+0x10/0x10 [ 226.035749] ? __pfx_process_one_work+0x10/0x10 [ 226.036220] ? srso_return_thunk+0x5/0x5f [ 226.036640] ? move_linked_works+0x172/0x270 [ 226.037081] ? srso_return_thunk+0x5/0x5f [ 226.037512] ? assign_work+0x196/0x240 [ 226.037921] worker_thread+0x674/0xe70 [ 226.038340] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 226.038854] ? __pfx_worker_thread+0x10/0x10 [ 226.039323] kthread+0x3ab/0x720 [ 226.039687] ? __pfx_kthread+0x10/0x10 [ 226.040096] ? srso_return_thunk+0x5/0x5f [ 226.040516] ? finish_task_switch.isra.0+0x206/0x840 [ 226.041017] ? __pfx_kthread+0x10/0x10 [ 226.041418] ret_from_fork+0x48/0x80 [ 226.041782] ? __pfx_kthread+0x10/0x10 [ 226.042183] ret_from_fork_asm+0x1a/0x30 [ 226.042615] [ 228.143503] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 228.149565] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 228.151810] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 228.157155] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 228.166920] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 228.170373] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 228.335372] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 228.339046] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 228.339685] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 228.349609] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 228.351371] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 228.352600] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 228.526535] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 228.531032] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 228.531653] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 228.539051] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 228.540210] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 228.540760] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 228.664419] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 228.666684] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 228.673321] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 228.679046] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 228.680860] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 228.687120] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 228.693718] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 228.696140] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 228.700183] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 228.701551] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 228.707430] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 228.707692] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 228.750841] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 228.775230] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 228.791126] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 228.791337] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 228.791529] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 228.794122] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 228.801014] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 228.802382] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 228.804997] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 228.818419] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 228.843991] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 228.861254] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 228.862526] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 228.862717] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 228.886061] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 228.890003] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 228.899103] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 228.900125] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 230.240863] Bluetooth: hci0: command tx timeout [ 230.368850] Bluetooth: hci1: command tx timeout [ 230.625019] Bluetooth: hci2: command tx timeout [ 230.817878] Bluetooth: hci3: command tx timeout [ 230.817910] Bluetooth: hci4: command tx timeout [ 230.945900] Bluetooth: hci6: command tx timeout [ 230.945980] Bluetooth: hci7: command tx timeout [ 231.010352] Bluetooth: hci5: command tx timeout [ 232.290935] Bluetooth: hci0: command tx timeout [ 232.417001] Bluetooth: hci1: command tx timeout [ 232.673219] Bluetooth: hci2: command tx timeout [ 232.865841] Bluetooth: hci4: command tx timeout [ 232.865962] Bluetooth: hci3: command tx timeout [ 232.992835] Bluetooth: hci7: command tx timeout [ 232.992898] Bluetooth: hci6: command tx timeout [ 233.056981] Bluetooth: hci5: command tx timeout [ 234.337950] Bluetooth: hci0: command tx timeout [ 234.465805] Bluetooth: hci1: command tx timeout [ 234.721841] Bluetooth: hci2: command tx timeout [ 234.914799] Bluetooth: hci3: command tx timeout [ 234.914866] Bluetooth: hci4: command tx timeout [ 235.040968] Bluetooth: hci6: command tx timeout [ 235.041053] Bluetooth: hci7: command tx timeout [ 235.105845] Bluetooth: hci5: command tx timeout VM DIAGNOSIS: 18:21:47 Registers: info registers vcpu 0 RAX=0000000000000079 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283cdc5 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff8880095debb8 R8 =0000000000000001 R9 =ffffed10012bbd67 R10=0000000000000079 R11=3a6b636f6c206762 R12=0000000000000079 R13=0000000000000001 R14=ffff888008fea032 R15=ffff8880095deeb8 RIP=ffffffff8283ce1d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055af1d47c490 CR3=0000000009f38000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=0000000000000000411b890000000000 XMM03=0000ff00000000000000000000000000 XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962 XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=8000000000000007 RCX=ffffffff819989d0 RDX=80000000360b4007 RSI=ffffffff819989de RDI=0000000000000005 RBP=0000000000000101 RSP=ffff888036ebf660 R8 =0000000000000000 R9 =fffff940001b059e R10=0000000000000001 R11=0000000000000000 R12=0000000000000001 R13=00007f7978cff000 R14=ffff888036ebfad8 R15=ffff888036efd7f8 RIP=ffffffff819989e2 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000562112cb5bf0 CR3=0000000009f38000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=0043016c6c6f502e726567616e614d0c XMM02=682e29646e616d6d6f632a282e637069 XMM03=00000000000000000000000000000000 XMM04=000000c00037f220000000c000403bc8 XMM05=000000c000403be0000000c00037f240 XMM06=000000c000403bf0000000c000403be8 XMM07=000000c000403c00000000c0004053b0 XMM08=000000c000405420000000c000405410 XMM09=000000c000405430000000c000403c58 XMM10=000000c000403c70000000c000405440 XMM11=000000c000403c80000000c000405450 XMM12=000000c000405470000000c000405460 XMM13=000000c000405490000000c00037f2c0 XMM14=000000c0004054b0000000c0004054a0 XMM15=000000c0004054d0000000c0004054c0