Warning: Permanently added '[localhost]:15828' (ECDSA) to the list of known hosts. 2025/01/18 18:56:33 fuzzer started 2025/01/18 18:56:34 dialing manager at localhost:44245 syzkaller login: [ 75.066604] cgroup: Unknown subsys name 'net' [ 75.177714] cgroup: Unknown subsys name 'cpuset' [ 75.215621] cgroup: Unknown subsys name 'rlimit' [ 80.013707] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 90.429026] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/18 18:56:50 syscalls: 2217 2025/01/18 18:56:50 code coverage: enabled 2025/01/18 18:56:50 comparison tracing: enabled 2025/01/18 18:56:50 extra coverage: enabled 2025/01/18 18:56:50 setuid sandbox: enabled 2025/01/18 18:56:50 namespace sandbox: enabled 2025/01/18 18:56:50 Android sandbox: enabled 2025/01/18 18:56:50 fault injection: enabled 2025/01/18 18:56:50 leak checking: enabled 2025/01/18 18:56:50 net packet injection: enabled 2025/01/18 18:56:50 net device setup: enabled 2025/01/18 18:56:50 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/18 18:56:50 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/18 18:56:50 USB emulation: enabled 2025/01/18 18:56:50 hci packet injection: enabled 2025/01/18 18:56:50 wifi device emulation: enabled 2025/01/18 18:56:50 802.15.4 emulation: enabled 2025/01/18 18:56:50 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/18 18:56:50 fetching corpus: 50, signal 19499/22786 (executing program) 2025/01/18 18:56:50 fetching corpus: 100, signal 38270/42142 (executing program) 2025/01/18 18:56:50 fetching corpus: 150, signal 45504/50160 (executing program) 2025/01/18 18:56:51 fetching corpus: 200, signal 53522/58536 (executing program) 2025/01/18 18:56:51 fetching corpus: 250, signal 58176/63641 (executing program) 2025/01/18 18:56:51 fetching corpus: 300, signal 61013/67042 (executing program) 2025/01/18 18:56:51 fetching corpus: 350, signal 64548/70876 (executing program) 2025/01/18 18:56:51 fetching corpus: 400, signal 67923/74408 (executing program) 2025/01/18 18:56:51 fetching corpus: 450, signal 70505/77268 (executing program) 2025/01/18 18:56:52 fetching corpus: 500, signal 72941/79850 (executing program) 2025/01/18 18:56:52 fetching corpus: 550, signal 77224/83750 (executing program) 2025/01/18 18:56:52 fetching corpus: 600, signal 78605/85381 (executing program) 2025/01/18 18:56:52 fetching corpus: 650, signal 81291/87884 (executing program) 2025/01/18 18:56:52 fetching corpus: 700, signal 86250/91903 (executing program) 2025/01/18 18:56:52 fetching corpus: 750, signal 87403/93141 (executing program) 2025/01/18 18:56:52 fetching corpus: 800, signal 90050/95315 (executing program) 2025/01/18 18:56:52 fetching corpus: 850, signal 92295/97075 (executing program) 2025/01/18 18:56:53 fetching corpus: 900, signal 93685/98246 (executing program) 2025/01/18 18:56:53 fetching corpus: 950, signal 95449/99597 (executing program) 2025/01/18 18:56:53 fetching corpus: 1000, signal 97112/100840 (executing program) 2025/01/18 18:56:53 fetching corpus: 1050, signal 99315/102327 (executing program) 2025/01/18 18:56:53 fetching corpus: 1100, signal 100927/103386 (executing program) 2025/01/18 18:56:53 fetching corpus: 1150, signal 102054/104131 (executing program) 2025/01/18 18:56:54 fetching corpus: 1200, signal 103146/104795 (executing program) 2025/01/18 18:56:54 fetching corpus: 1250, signal 104524/105586 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/105856 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/105884 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/105927 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/105975 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106004 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106040 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106090 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106118 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106148 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106179 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106211 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106243 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106278 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106309 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106342 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106368 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106394 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106420 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106457 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106491 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106518 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106542 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106577 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106604 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106632 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106658 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106697 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106707 (executing program) 2025/01/18 18:56:54 fetching corpus: 1268, signal 104940/106707 (executing program) 2025/01/18 18:56:58 starting 8 fuzzer processes 18:56:58 executing program 0: ioperm(0x0, 0x80, 0x414b) openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) 18:56:58 executing program 1: r0 = syz_io_uring_setup(0x1117, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) clone3(&(0x7f0000000680)={0x0, 0x0, &(0x7f0000000540), 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff], 0x1}, 0x58) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000700)=[r1], 0x1) close_range(r0, 0xffffffffffffffff, 0x0) 18:56:58 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_int(r0, 0x29, 0x35, 0x0, &(0x7f0000000080)) 18:56:58 executing program 3: sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="3800000010dc6e00000000000000e1ffffff", @ANYRES16=0x0, @ANYBLOB="000227bd7000ffdbdf2501000000050002000a000000"], 0x1c}, 0x1, 0x0, 0x0, 0x200000c0}, 0x20000000) r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r0, &(0x7f0000000140)={0x24, @short={0x2, 0x3, 0xfffc}}, 0x14) sendto(r0, &(0x7f0000000000)="e618cf", 0x3, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) fork() signalfd(0xffffffffffffffff, &(0x7f00000011c0), 0x8) r1 = dup(0xffffffffffffffff) clone3(0x0, 0x0) epoll_create1(0x0) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000080)={0x14, 0x11, 0x11, 0x16, 0x9, 0x57, 0x0, 0xeb, 0xffffffffffffffff}) syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) close(r2) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSW(r2, 0x5403, &(0x7f00000000c0)={0x10001, 0x0, 0x0, 0x0, 0x0, "f750cbd44ad15c3b38eff8103f9c915481ee9c"}) [ 99.134735] audit: type=1400 audit(1737226618.600:7): avc: denied { execmem } for pid=271 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 18:56:58 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000300)='.\x00', 0x1630009be) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) getdents64(r1, &(0x7f0000000280)=""/116, 0x74) 18:56:58 executing program 5: syz_mount_image$iso9660(0x0, &(0x7f000000b5c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDPRL(r1, 0x89f5, &(0x7f0000000180)={'sit0\x00', 0x0}) 18:56:58 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000004c0)={'wlan1\x00', &(0x7f0000000400)=@ethtool_gstrings={0x23}}) 18:56:58 executing program 7: setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) kexec_load(0x0, 0x1, &(0x7f0000000100)=[{0x0, 0x0, 0x0, 0x8000}], 0x0) [ 100.809997] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 100.815347] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 100.817571] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 100.823920] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 100.827641] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 100.830610] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 100.832577] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 100.833033] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 100.837873] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 100.850880] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 100.869374] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 100.873593] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 100.991386] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 100.998295] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 101.012422] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 101.016094] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 101.020599] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 101.022259] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 101.031525] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 101.036432] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 101.038118] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 101.054035] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 101.058444] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 101.060726] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 101.063057] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 101.065713] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 101.069934] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 101.070654] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 101.071591] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 101.084524] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 101.087413] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 101.108463] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 101.120494] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 101.136727] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 101.137749] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 101.141016] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 101.141442] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 101.146699] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 101.150374] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 101.150636] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 101.151025] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 101.178422] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 101.187564] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 101.194565] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 101.197931] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 101.200374] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 101.203558] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 101.206354] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 102.881672] Bluetooth: hci0: command tx timeout [ 102.945661] Bluetooth: hci1: command tx timeout [ 103.137502] Bluetooth: hci3: command tx timeout [ 103.137823] Bluetooth: hci2: command tx timeout [ 103.201381] Bluetooth: hci5: command tx timeout [ 103.201774] Bluetooth: hci4: command tx timeout [ 103.265644] Bluetooth: hci7: command tx timeout [ 103.267016] Bluetooth: hci6: command tx timeout [ 104.930316] Bluetooth: hci0: command tx timeout [ 104.993288] Bluetooth: hci1: command tx timeout [ 105.186420] Bluetooth: hci2: command tx timeout [ 105.186512] Bluetooth: hci3: command tx timeout [ 105.250663] Bluetooth: hci4: command tx timeout [ 105.250750] Bluetooth: hci5: command tx timeout [ 105.314210] Bluetooth: hci6: command tx timeout [ 105.314736] Bluetooth: hci7: command tx timeout [ 106.977286] Bluetooth: hci0: command tx timeout [ 107.041249] Bluetooth: hci1: command tx timeout [ 107.233505] Bluetooth: hci3: command tx timeout [ 107.234022] Bluetooth: hci2: command tx timeout [ 107.298303] Bluetooth: hci5: command tx timeout [ 107.298458] Bluetooth: hci4: command tx timeout [ 107.362320] Bluetooth: hci6: command tx timeout [ 107.362477] Bluetooth: hci7: command tx timeout [ 109.025677] Bluetooth: hci0: command tx timeout [ 109.090362] Bluetooth: hci1: command tx timeout [ 109.282748] Bluetooth: hci2: command tx timeout [ 109.283753] Bluetooth: hci3: command tx timeout [ 109.345234] Bluetooth: hci4: command tx timeout [ 109.345759] Bluetooth: hci5: command tx timeout [ 109.409236] Bluetooth: hci7: command tx timeout [ 109.409312] Bluetooth: hci6: command tx timeout [ 162.873391] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 162.874341] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 162.874755] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 162.877294] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 162.878082] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 162.878775] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 162.892647] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 162.895450] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 162.896847] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 162.899715] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 162.901311] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 162.902377] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 162.999222] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 163.005565] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 163.012516] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 163.029877] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 163.040812] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 163.044254] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 163.127857] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 163.135452] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 163.149965] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 163.204871] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 163.214010] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 163.232792] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 163.233336] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 163.247763] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 163.248196] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 163.248752] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 163.292549] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 163.313658] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 163.314683] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 163.316644] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 163.321819] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 163.329411] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 163.337311] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 163.348284] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 163.447066] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 163.456058] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 163.467344] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 163.522187] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 163.528973] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 163.531340] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 163.539941] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 163.577062] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 163.578793] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 163.625544] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 163.634574] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 163.638576] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 164.897321] Bluetooth: hci1: command tx timeout [ 164.962347] Bluetooth: hci0: command tx timeout [ 165.090333] Bluetooth: hci2: command tx timeout [ 165.346517] Bluetooth: hci3: command tx timeout [ 165.410399] Bluetooth: hci4: command tx timeout [ 165.602222] Bluetooth: hci7: command tx timeout [ 165.730281] Bluetooth: hci5: command tx timeout [ 165.730670] Bluetooth: hci6: command tx timeout [ 166.946684] Bluetooth: hci1: command tx timeout [ 167.009242] Bluetooth: hci0: command tx timeout [ 167.137252] Bluetooth: hci2: command tx timeout [ 167.393455] Bluetooth: hci3: command tx timeout [ 167.457287] Bluetooth: hci4: command tx timeout [ 167.650210] Bluetooth: hci7: command tx timeout [ 167.777510] Bluetooth: hci5: command tx timeout [ 167.778261] Bluetooth: hci6: command tx timeout [ 168.994255] Bluetooth: hci1: command tx timeout [ 169.057221] Bluetooth: hci0: command tx timeout [ 169.187290] Bluetooth: hci2: command tx timeout [ 169.441225] Bluetooth: hci3: command tx timeout [ 169.506176] Bluetooth: hci4: command tx timeout [ 169.697333] Bluetooth: hci7: command tx timeout [ 169.826195] Bluetooth: hci5: command tx timeout [ 169.826282] Bluetooth: hci6: command tx timeout [ 171.041434] Bluetooth: hci1: command tx timeout [ 171.105483] Bluetooth: hci0: command tx timeout [ 171.233259] Bluetooth: hci2: command tx timeout [ 171.489501] Bluetooth: hci3: command tx timeout [ 171.553217] Bluetooth: hci4: command tx timeout [ 171.746251] Bluetooth: hci7: command tx timeout [ 171.874234] Bluetooth: hci5: command tx timeout [ 171.874370] Bluetooth: hci6: command tx timeout [ 223.239466] [ 223.239717] ====================================================== [ 223.240307] WARNING: possible circular locking dependency detected [ 223.240898] 6.13.0-rc7-next-20250117 #1 Not tainted [ 223.241728] ------------------------------------------------------ [ 223.243017] kworker/u8:0/11 is trying to acquire lock: [ 223.244055] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 223.245886] [ 223.245886] but task is already holding lock: [ 223.247477] ffff88803d420768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 223.249391] [ 223.249391] which lock already depends on the new lock. [ 223.249391] [ 223.250691] [ 223.250691] the existing dependency chain (in reverse order) is: [ 223.251410] [ 223.251410] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 223.252081] __mutex_lock+0x13d/0xb50 [ 223.252557] wiphy_register+0x1b2e/0x25d0 [ 223.253055] ieee80211_register_hw+0x23a4/0x3d60 [ 223.253592] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 223.254178] init_mac80211_hwsim+0x389/0x870 [ 223.254705] do_one_initcall+0xf9/0x640 [ 223.255193] kernel_init_freeable+0x53d/0x7a0 [ 223.255712] kernel_init+0x1e/0x2d0 [ 223.256135] ret_from_fork+0x48/0x80 [ 223.256566] ret_from_fork_asm+0x1a/0x30 [ 223.257064] [ 223.257064] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 223.257681] __lock_acquire+0x29fd/0x4580 [ 223.258169] lock_acquire+0x19b/0x520 [ 223.258625] __mutex_lock+0x13d/0xb50 [ 223.259098] unregister_netdevice_many_notify+0x1612/0x1c80 [ 223.259705] unregister_netdevice_queue+0x224/0x2e0 [ 223.260252] _cfg80211_unregister_wdev+0x57b/0x700 [ 223.260812] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 223.261359] ieee80211_unregister_hw+0x55/0x3a0 [ 223.261882] hwsim_exit_net+0x3a0/0x730 [ 223.262353] ops_exit_list+0xb3/0x180 [ 223.262791] cleanup_net+0x546/0xad0 [ 223.263227] process_one_work+0x8ee/0x1a10 [ 223.263749] worker_thread+0x674/0xe70 [ 223.264217] kthread+0x3ab/0x720 [ 223.264637] ret_from_fork+0x48/0x80 [ 223.265067] ret_from_fork_asm+0x1a/0x30 [ 223.265556] [ 223.265556] other info that might help us debug this: [ 223.265556] [ 223.266308] Possible unsafe locking scenario: [ 223.266308] [ 223.266878] CPU0 CPU1 [ 223.267332] ---- ---- [ 223.267783] lock(&rdev->wiphy.mtx); [ 223.268180] lock(rtnl_mutex); [ 223.268749] lock(&rdev->wiphy.mtx); [ 223.269366] lock(rtnl_mutex); [ 223.269728] [ 223.269728] *** DEADLOCK *** [ 223.269728] [ 223.270311] 4 locks held by kworker/u8:0/11: [ 223.270758] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 223.271757] #1: ffff8880095dfd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 223.272722] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 223.273620] #3: ffff88803d420768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 223.274640] [ 223.274640] stack backtrace: [ 223.275072] CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-rc7-next-20250117 #1 [ 223.275861] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 223.276625] Workqueue: netns cleanup_net [ 223.277034] Call Trace: [ 223.277285] [ 223.277510] dump_stack_lvl+0xca/0x120 [ 223.277937] print_circular_bug+0x47b/0x750 [ 223.278384] check_noncircular+0x2e9/0x3c0 [ 223.278820] ? lock_repin_lock+0x207/0x320 [ 223.279268] ? __pfx_check_noncircular+0x10/0x10 [ 223.279735] ? hlock_class+0x4e/0x130 [ 223.280116] ? mark_lock+0xac/0xed0 [ 223.280494] ? __pfx_lock_repin_lock+0x10/0x10 [ 223.280984] ? lockdep_lock+0xba/0x1b0 [ 223.281396] ? __pfx_lockdep_lock+0x10/0x10 [ 223.281851] __lock_acquire+0x29fd/0x4580 [ 223.282290] ? __pfx___lock_acquire+0x10/0x10 [ 223.282757] ? lock_release+0x20f/0x6f0 [ 223.283170] ? __pfx_lock_release+0x10/0x10 [ 223.283610] lock_acquire+0x19b/0x520 [ 223.284009] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 223.284607] ? __pfx_lock_acquire+0x10/0x10 [ 223.285057] ? srso_return_thunk+0x5/0x5f [ 223.285502] ? lock_release+0x20f/0x6f0 [ 223.285913] ? srso_return_thunk+0x5/0x5f [ 223.286377] ? lock_is_held_type+0x9e/0x120 [ 223.286854] ? srso_return_thunk+0x5/0x5f [ 223.287305] __mutex_lock+0x13d/0xb50 [ 223.287707] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 223.288294] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 223.288877] ? srso_return_thunk+0x5/0x5f [ 223.289315] ? synchronize_rcu_expedited+0x38a/0x420 [ 223.289831] ? __pfx___mutex_lock+0x10/0x10 [ 223.290289] ? __pfx_autoremove_wake_function+0x10/0x10 [ 223.290843] ? srso_return_thunk+0x5/0x5f [ 223.291285] ? kasan_quarantine_put+0x84/0x1e0 [ 223.291776] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 223.292237] ? srso_return_thunk+0x5/0x5f [ 223.292680] unregister_netdevice_many_notify+0x1612/0x1c80 [ 223.293247] ? __virt_addr_valid+0x2e8/0x5d0 [ 223.293714] ? __pfx_lock_release+0x10/0x10 [ 223.294152] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 223.294735] ? find_held_lock+0x2c/0x110 [ 223.295161] ? srso_return_thunk+0x5/0x5f [ 223.295605] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 223.296120] ? srso_return_thunk+0x5/0x5f [ 223.296559] ? lock_release+0x20f/0x6f0 [ 223.296971] ? __pfx_lock_release+0x10/0x10 [ 223.297415] ? srso_return_thunk+0x5/0x5f [ 223.297853] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 223.298377] ? srso_return_thunk+0x5/0x5f [ 223.298810] unregister_netdevice_queue+0x224/0x2e0 [ 223.299301] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 223.299836] ? up_write+0x195/0x520 [ 223.300221] _cfg80211_unregister_wdev+0x57b/0x700 [ 223.300718] ? srso_return_thunk+0x5/0x5f [ 223.301151] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 223.301648] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 223.302192] ? srso_return_thunk+0x5/0x5f [ 223.302633] ? srso_return_thunk+0x5/0x5f [ 223.303069] ? synchronize_rcu+0x1ff/0x260 [ 223.303502] ieee80211_unregister_hw+0x55/0x3a0 [ 223.303975] hwsim_exit_net+0x3a0/0x730 [ 223.304382] ? __pfx_hwsim_exit_net+0x10/0x10 [ 223.304838] ? srso_return_thunk+0x5/0x5f [ 223.305275] ? netdev_run_todo+0x788/0x1040 [ 223.305719] ? srso_return_thunk+0x5/0x5f [ 223.306169] ? __pfx_hwsim_exit_net+0x10/0x10 [ 223.306629] ops_exit_list+0xb3/0x180 [ 223.307021] cleanup_net+0x546/0xad0 [ 223.307402] ? __pfx_cleanup_net+0x10/0x10 [ 223.307837] process_one_work+0x8ee/0x1a10 [ 223.308289] ? __pfx_lock_acquire+0x10/0x10 [ 223.308724] ? __pfx_process_one_work+0x10/0x10 [ 223.309215] ? srso_return_thunk+0x5/0x5f [ 223.309651] ? move_linked_works+0x172/0x270 [ 223.310103] ? srso_return_thunk+0x5/0x5f [ 223.310531] ? assign_work+0x196/0x240 [ 223.310947] worker_thread+0x674/0xe70 [ 223.311358] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 223.311890] ? __pfx_worker_thread+0x10/0x10 [ 223.312361] kthread+0x3ab/0x720 [ 223.312732] ? __pfx_kthread+0x10/0x10 [ 223.313146] ? srso_return_thunk+0x5/0x5f [ 223.313586] ? finish_task_switch.isra.0+0x206/0x840 [ 223.314110] ? __pfx_kthread+0x10/0x10 [ 223.314524] ret_from_fork+0x48/0x80 [ 223.314903] ? __pfx_kthread+0x10/0x10 [ 223.315326] ret_from_fork_asm+0x1a/0x30 [ 223.315766] [ 225.069712] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 225.074727] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 225.084753] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 225.088954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 225.093891] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 225.095664] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 225.195765] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 225.198913] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 225.200909] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 225.208931] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 225.212290] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 225.214561] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 225.264654] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 225.277010] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 225.279365] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 225.301442] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 225.309979] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 225.313361] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 225.481627] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 225.484925] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 225.486885] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 225.497481] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 225.501062] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 225.503746] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 225.532925] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 225.537245] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 225.542496] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 225.544526] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 225.547052] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 225.549948] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 225.552811] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 225.554793] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 225.569722] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 225.576349] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 225.586632] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 225.598812] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 225.605253] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 225.612382] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 225.618359] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 225.620295] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 225.621389] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 225.624466] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 225.625615] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 225.634408] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 225.636243] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 225.640949] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 225.681917] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 225.688078] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 227.169252] Bluetooth: hci0: command tx timeout [ 227.233162] Bluetooth: hci1: command tx timeout [ 227.361168] Bluetooth: hci2: command tx timeout [ 227.617212] Bluetooth: hci3: command tx timeout [ 227.617260] Bluetooth: hci6: command tx timeout [ 227.746736] Bluetooth: hci7: command tx timeout [ 227.809178] Bluetooth: hci5: command tx timeout [ 227.873213] Bluetooth: hci4: command tx timeout [ 229.217206] Bluetooth: hci0: command tx timeout [ 229.284146] Bluetooth: hci1: command tx timeout [ 229.409245] Bluetooth: hci2: command tx timeout [ 229.665820] Bluetooth: hci6: command tx timeout [ 229.665864] Bluetooth: hci3: command tx timeout [ 229.794196] Bluetooth: hci7: command tx timeout [ 229.858838] Bluetooth: hci5: command tx timeout [ 229.921730] Bluetooth: hci4: command tx timeout [ 231.265817] Bluetooth: hci0: command tx timeout [ 231.330141] Bluetooth: hci1: command tx timeout [ 231.457233] Bluetooth: hci2: command tx timeout [ 231.713439] Bluetooth: hci3: command tx timeout [ 231.713464] Bluetooth: hci6: command tx timeout [ 231.841144] Bluetooth: hci7: command tx timeout [ 231.905160] Bluetooth: hci5: command tx timeout [ 231.969151] Bluetooth: hci4: command tx timeout VM DIAGNOSIS: 18:59:03 Registers: info registers vcpu 0 RAX=000000000000005b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283cdc5 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff8880095debb8 R8 =0000000000000001 R9 =ffffed10012bbd67 R10=000000000000005b R11=3a6b636f6c206762 R12=000000000000005b R13=0000000000000001 R14=ffff888008fea001 R15=ffff8880095deeb8 RIP=ffffffff8283ce1d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055dea18f4408 CR3=0000000016aec000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000000000000000000000 XMM03=000000c00001de20000000c00072c080 XMM04=000000c00072cb00000000c00072c8c0 XMM05=000000c00072d2c0000000c00072cdc0 XMM06=000000c00072d4c0000000c00072d440 XMM07=000000c00079acf0000000c00079ac60 XMM08=00000000004643c60000000000000000 XMM09=0000000000000000000000c0000800a0 XMM10=000000c000f6828000000000004643c1 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=000000c000146660000000c000146630 XMM14=000000c0001466c0000000c000146690 XMM15=000000c0000e7080000000c0001466f0 info registers vcpu 1 RAX=0000000000000007 RBX=ffff88800ac55340 RCX=ffffffff81429a0f RDX=0000000000000000 RSI=0000000000200000 RDI=0000000000000000 RBP=0000000000200000 RSP=ffff88800bda7db0 R8 =0000000000000000 R9 =ffffed1001984f80 R10=ffff88800cc27c07 R11=ffff88800ac557f8 R12=ffff88801a5d4e79 R13=ffff88803c2a75c8 R14=ffff88800ac55340 R15=0000000000000082 RIP=ffffffff81719c48 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe4f00000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fc1c2e4d6f8 CR3=0000000016aec000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=0000000000000000411ccd6000000000 XMM03=0000ff00000000000000000000000000 XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962 XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000