Warning: Permanently added '[localhost]:22662' (ECDSA) to the list of known hosts. 2025/01/18 23:23:11 fuzzer started 2025/01/18 23:23:12 dialing manager at localhost:44245 syzkaller login: [ 77.509073] cgroup: Unknown subsys name 'net' [ 77.656565] cgroup: Unknown subsys name 'cpuset' [ 77.686297] cgroup: Unknown subsys name 'rlimit' [ 83.900301] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 94.106028] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/18 23:23:29 syscalls: 2217 2025/01/18 23:23:29 code coverage: enabled 2025/01/18 23:23:29 comparison tracing: enabled 2025/01/18 23:23:29 extra coverage: enabled 2025/01/18 23:23:29 setuid sandbox: enabled 2025/01/18 23:23:29 namespace sandbox: enabled 2025/01/18 23:23:29 Android sandbox: enabled 2025/01/18 23:23:29 fault injection: enabled 2025/01/18 23:23:29 leak checking: enabled 2025/01/18 23:23:29 net packet injection: enabled 2025/01/18 23:23:29 net device setup: enabled 2025/01/18 23:23:29 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/18 23:23:29 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/18 23:23:29 USB emulation: enabled 2025/01/18 23:23:29 hci packet injection: enabled 2025/01/18 23:23:29 wifi device emulation: enabled 2025/01/18 23:23:29 802.15.4 emulation: enabled 2025/01/18 23:23:29 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/18 23:23:29 fetching corpus: 50, signal 27348/30297 (executing program) 2025/01/18 23:23:29 fetching corpus: 100, signal 36654/40562 (executing program) 2025/01/18 23:23:29 fetching corpus: 150, signal 43477/48219 (executing program) 2025/01/18 23:23:30 fetching corpus: 200, signal 51534/56682 (executing program) 2025/01/18 23:23:30 fetching corpus: 250, signal 56414/62038 (executing program) 2025/01/18 23:23:30 fetching corpus: 300, signal 60130/66209 (executing program) 2025/01/18 23:23:30 fetching corpus: 350, signal 62558/69170 (executing program) 2025/01/18 23:23:30 fetching corpus: 400, signal 67059/73740 (executing program) 2025/01/18 23:23:31 fetching corpus: 450, signal 71092/77796 (executing program) 2025/01/18 23:23:31 fetching corpus: 500, signal 74916/81480 (executing program) 2025/01/18 23:23:31 fetching corpus: 550, signal 76957/83683 (executing program) 2025/01/18 23:23:31 fetching corpus: 600, signal 79073/85808 (executing program) 2025/01/18 23:23:31 fetching corpus: 650, signal 80575/87410 (executing program) 2025/01/18 23:23:32 fetching corpus: 700, signal 82701/89458 (executing program) 2025/01/18 23:23:32 fetching corpus: 750, signal 84514/91203 (executing program) 2025/01/18 23:23:32 fetching corpus: 800, signal 86106/92686 (executing program) 2025/01/18 23:23:32 fetching corpus: 850, signal 89504/95323 (executing program) 2025/01/18 23:23:32 fetching corpus: 900, signal 90601/96371 (executing program) 2025/01/18 23:23:32 fetching corpus: 950, signal 92892/98100 (executing program) 2025/01/18 23:23:33 fetching corpus: 1000, signal 97263/101050 (executing program) 2025/01/18 23:23:33 fetching corpus: 1050, signal 98928/102172 (executing program) 2025/01/18 23:23:33 fetching corpus: 1100, signal 100673/103323 (executing program) 2025/01/18 23:23:33 fetching corpus: 1150, signal 102111/104218 (executing program) 2025/01/18 23:23:33 fetching corpus: 1200, signal 103058/104783 (executing program) 2025/01/18 23:23:33 fetching corpus: 1250, signal 104514/105613 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/105883 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/105915 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/105940 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/105976 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106012 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106041 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106077 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106111 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106136 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106168 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106202 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106236 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106277 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106313 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106345 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106372 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106405 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106450 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106472 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106503 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106536 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106571 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106616 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106645 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106677 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106710 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106740 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106753 (executing program) 2025/01/18 23:23:34 fetching corpus: 1269, signal 104942/106753 (executing program) 2025/01/18 23:23:38 starting 8 fuzzer processes 23:23:38 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000001480)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f0000000000)=@reiserfs_6={0x18, 0xfe, {0x4}}, 0x0) 23:23:38 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000500), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000380)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x24}}, 0x0) 23:23:38 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1c50c2, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f0000000100)={{0x1, 0x1, 0x18, r0, {0x2}}, './file1\x00'}) 23:23:38 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_PASTESEL(r0, 0x5422, 0x0) 23:23:38 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)=[{&(0x7f0000000e80)={0x18, 0x6a, 0x101, 0x0, 0x0, "", [@typed={0xfdb1, 0x0, 0x0, 0x0, @u32}, @generic="eee47f1a4245b752734ae0de8e40a98f4395e8fe3738fd1951fe965f01504300742181fc623ebf32bc99b6c3efe85cc691d77eb63fe8f43036e5ed4657006cb725f6f136ddbbf71d8c7ff824618a14245923913d936c53191a9b1a38b9a9947bb3322cb760e3bc33b67cf8aff2da28006c68b2c6136063a13916d182d9cdf98a994cb61cfd38229a66dc1554b922eba44f7c85880a9c03bc4bdf7b0679fa1693e9e1cf131e31a06990f3b7f0995e057dfd9cea87f9438c995ef3063562dac6cf3c837a"]}, 0x18}], 0x1}, 0x0) 23:23:38 executing program 5: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xbc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = dup2(r0, r1) syncfs(r2) [ 103.197189] audit: type=1400 audit(1737242618.174:7): avc: denied { execmem } for pid=275 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 23:23:38 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xbc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 23:23:38 executing program 7: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='oom_score_adj\x00') lseek(r0, 0x0, 0x1) [ 104.499285] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 104.501134] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 104.502147] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 104.506258] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 104.507918] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 104.508927] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 104.685854] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 104.692411] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 104.703566] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 104.708704] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 104.709786] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 104.712776] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 104.713617] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 104.717523] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 104.719768] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 104.720727] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 104.724629] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 104.725812] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 104.731256] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 104.733000] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 104.734064] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 104.738510] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 104.745867] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 104.755904] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 104.757812] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 104.760639] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 104.761965] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 104.763549] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 104.764483] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 104.766053] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 104.767841] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 104.768992] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 104.771476] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 104.772873] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 104.774149] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 104.775261] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 104.776500] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 104.778797] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 104.780686] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 104.781109] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 104.791555] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 104.796527] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 104.798532] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 104.816784] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 104.825526] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 104.851579] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 104.871531] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 104.898011] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 106.590569] Bluetooth: hci0: command tx timeout [ 106.781491] Bluetooth: hci2: command tx timeout [ 106.845786] Bluetooth: hci3: command tx timeout [ 106.845813] Bluetooth: hci4: command tx timeout [ 106.846390] Bluetooth: hci6: command tx timeout [ 106.846581] Bluetooth: hci1: command tx timeout [ 106.847023] Bluetooth: hci5: command tx timeout [ 107.037555] Bluetooth: hci7: command tx timeout [ 108.638555] Bluetooth: hci0: command tx timeout [ 108.829467] Bluetooth: hci2: command tx timeout [ 108.893659] Bluetooth: hci6: command tx timeout [ 108.894232] Bluetooth: hci1: command tx timeout [ 108.894308] Bluetooth: hci5: command tx timeout [ 108.894654] Bluetooth: hci3: command tx timeout [ 108.894724] Bluetooth: hci4: command tx timeout [ 109.085398] Bluetooth: hci7: command tx timeout [ 110.685428] Bluetooth: hci0: command tx timeout [ 110.877493] Bluetooth: hci2: command tx timeout [ 110.941514] Bluetooth: hci6: command tx timeout [ 110.941635] Bluetooth: hci4: command tx timeout [ 110.941747] Bluetooth: hci1: command tx timeout [ 110.941824] Bluetooth: hci3: command tx timeout [ 110.941899] Bluetooth: hci5: command tx timeout [ 111.133948] Bluetooth: hci7: command tx timeout [ 112.733517] Bluetooth: hci0: command tx timeout [ 112.927429] Bluetooth: hci2: command tx timeout [ 112.989766] Bluetooth: hci5: command tx timeout [ 112.990861] Bluetooth: hci3: command tx timeout [ 112.990958] Bluetooth: hci1: command tx timeout [ 112.991041] Bluetooth: hci4: command tx timeout [ 112.991123] Bluetooth: hci6: command tx timeout [ 113.182613] Bluetooth: hci7: command tx timeout [ 164.936302] syz-executor.3 (281) used greatest stack depth: 23712 bytes left [ 167.980534] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 167.983807] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 167.985891] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 167.993596] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 167.996949] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 167.998985] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 168.170541] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 168.177794] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 168.181829] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 168.181919] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 168.197546] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 168.198075] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 168.208791] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 168.209528] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 168.210883] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 168.247824] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 168.253992] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 168.257044] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 168.281754] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 168.291770] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 168.297115] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 168.302701] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 168.307510] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 168.309702] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 168.574234] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 168.576563] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 168.586807] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 168.615834] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 168.622546] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 168.639634] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 168.639843] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 168.640023] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 168.650118] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 168.656558] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 168.656814] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 168.665803] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 168.671901] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 168.680712] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 168.687442] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 168.687530] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 168.704556] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 168.709054] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 168.710977] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 168.719199] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 168.725069] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 168.769250] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 168.773488] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 168.835501] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 170.078460] Bluetooth: hci0: command tx timeout [ 170.269484] Bluetooth: hci1: command tx timeout [ 170.333417] Bluetooth: hci2: command tx timeout [ 170.398420] Bluetooth: hci3: command tx timeout [ 170.781512] Bluetooth: hci7: command tx timeout [ 170.783521] Bluetooth: hci6: command tx timeout [ 170.973522] Bluetooth: hci5: command tx timeout [ 170.973552] Bluetooth: hci4: command tx timeout [ 172.125579] Bluetooth: hci0: command tx timeout [ 172.317725] Bluetooth: hci1: command tx timeout [ 172.381479] Bluetooth: hci2: command tx timeout [ 172.445797] Bluetooth: hci3: command tx timeout [ 172.829553] Bluetooth: hci6: command tx timeout [ 172.829579] Bluetooth: hci7: command tx timeout [ 173.021474] Bluetooth: hci5: command tx timeout [ 173.022840] Bluetooth: hci4: command tx timeout [ 174.173542] Bluetooth: hci0: command tx timeout [ 174.366351] Bluetooth: hci1: command tx timeout [ 174.429471] Bluetooth: hci2: command tx timeout [ 174.493565] Bluetooth: hci3: command tx timeout [ 174.878770] Bluetooth: hci6: command tx timeout [ 174.878792] Bluetooth: hci7: command tx timeout [ 175.069469] Bluetooth: hci4: command tx timeout [ 175.070066] Bluetooth: hci5: command tx timeout [ 176.221631] Bluetooth: hci0: command tx timeout [ 176.413475] Bluetooth: hci1: command tx timeout [ 176.479396] Bluetooth: hci2: command tx timeout [ 176.541699] Bluetooth: hci3: command tx timeout [ 176.927443] Bluetooth: hci6: command tx timeout [ 176.927606] Bluetooth: hci7: command tx timeout [ 177.117531] Bluetooth: hci5: command tx timeout [ 177.118741] Bluetooth: hci4: command tx timeout [ 229.805150] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 229.808019] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 229.809847] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 229.817070] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 229.820880] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 229.822609] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 229.932036] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 229.933580] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 229.934854] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 229.938709] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 229.940654] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 229.943533] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 230.078242] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 230.080177] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 230.082542] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 230.087467] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 230.092520] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 230.096533] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 230.196066] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 230.200742] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 230.202712] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 230.210695] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 230.219978] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 230.223977] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 230.225229] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 230.225671] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 230.226358] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 230.227551] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 230.229934] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 230.231804] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 230.232192] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 230.250019] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 230.257695] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 230.292444] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 230.300626] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 230.313606] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 230.327971] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 230.331778] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 230.337561] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 230.339122] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 230.345946] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 230.347619] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 230.391043] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 230.395666] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 230.396635] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 230.409446] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 230.411183] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 230.413551] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 231.837551] Bluetooth: hci0: command tx timeout [ 231.965437] Bluetooth: hci1: command tx timeout [ 232.159369] Bluetooth: hci2: command tx timeout [ 232.285482] Bluetooth: hci4: command tx timeout [ 232.414493] Bluetooth: hci7: command tx timeout [ 232.543376] Bluetooth: hci6: command tx timeout [ 232.543801] Bluetooth: hci3: command tx timeout [ 232.605431] Bluetooth: hci5: command tx timeout [ 233.887343] Bluetooth: hci0: command tx timeout [ 234.013525] Bluetooth: hci1: command tx timeout [ 234.206460] Bluetooth: hci2: command tx timeout [ 234.335194] Bluetooth: hci4: command tx timeout [ 234.461753] Bluetooth: hci7: command tx timeout [ 234.589371] Bluetooth: hci6: command tx timeout [ 234.589483] Bluetooth: hci3: command tx timeout [ 234.653367] Bluetooth: hci5: command tx timeout [ 235.934367] Bluetooth: hci0: command tx timeout [ 236.061383] Bluetooth: hci1: command tx timeout [ 236.254362] Bluetooth: hci2: command tx timeout [ 236.382925] Bluetooth: hci4: command tx timeout [ 236.511698] Bluetooth: hci7: command tx timeout [ 236.638821] Bluetooth: hci6: command tx timeout [ 236.638932] Bluetooth: hci3: command tx timeout [ 236.702372] Bluetooth: hci5: command tx timeout [ 237.982480] Bluetooth: hci0: command tx timeout [ 238.109499] Bluetooth: hci1: command tx timeout [ 238.301601] Bluetooth: hci2: command tx timeout [ 238.429998] Bluetooth: hci4: command tx timeout [ 238.557651] Bluetooth: hci7: command tx timeout [ 238.685752] Bluetooth: hci6: command tx timeout [ 238.685883] Bluetooth: hci3: command tx timeout [ 238.749384] Bluetooth: hci5: command tx timeout [ 292.718633] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 292.724873] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 292.736568] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 292.743694] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 292.750257] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 292.754687] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 292.801011] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 292.806543] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 292.809007] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 292.818454] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 292.823724] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 292.834788] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 292.937182] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 292.944556] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 292.947041] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 292.954576] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 292.965505] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 292.969713] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 293.241667] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 293.248796] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 293.251704] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 293.261551] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 293.276803] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 293.294207] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 293.335740] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 293.356857] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 293.362967] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 293.389155] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 293.404499] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 293.410878] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 293.425640] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 293.434566] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 293.451573] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 293.457406] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 293.463138] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 293.465612] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 293.474113] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 293.474902] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 293.478912] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 293.486213] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 293.488846] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 293.491913] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 293.505161] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 293.519017] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 293.521246] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 293.613585] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 293.626581] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 293.629627] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 294.814598] Bluetooth: hci0: command tx timeout [ 294.877403] Bluetooth: hci1: command tx timeout [ 295.006452] Bluetooth: hci2: command tx timeout [ 295.390992] Bluetooth: hci3: command tx timeout [ 295.583737] Bluetooth: hci5: command tx timeout [ 295.710375] Bluetooth: hci7: command tx timeout [ 295.711572] Bluetooth: hci4: command tx timeout [ 295.711635] Bluetooth: hci6: command tx timeout [ 296.861763] Bluetooth: hci0: command tx timeout [ 296.925420] Bluetooth: hci1: command tx timeout [ 297.053580] Bluetooth: hci2: command tx timeout [ 297.437621] Bluetooth: hci3: command tx timeout [ 297.629558] Bluetooth: hci5: command tx timeout [ 297.757548] Bluetooth: hci7: command tx timeout [ 297.757696] Bluetooth: hci6: command tx timeout [ 297.757875] Bluetooth: hci4: command tx timeout [ 298.909357] Bluetooth: hci0: command tx timeout [ 298.973381] Bluetooth: hci1: command tx timeout [ 299.102669] Bluetooth: hci2: command tx timeout [ 299.485349] Bluetooth: hci3: command tx timeout [ 299.679415] Bluetooth: hci5: command tx timeout [ 299.805466] Bluetooth: hci4: command tx timeout [ 299.805823] Bluetooth: hci6: command tx timeout [ 299.805905] Bluetooth: hci7: command tx timeout [ 300.957380] Bluetooth: hci0: command tx timeout [ 301.021465] Bluetooth: hci1: command tx timeout [ 301.151215] Bluetooth: hci2: command tx timeout [ 301.533418] Bluetooth: hci3: command tx timeout [ 301.726419] Bluetooth: hci5: command tx timeout [ 301.853373] Bluetooth: hci7: command tx timeout [ 301.853915] Bluetooth: hci6: command tx timeout [ 301.855211] Bluetooth: hci4: command tx timeout [ 349.595745] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 349.595996] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 349.977587] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 349.977673] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 23:27:46 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000500), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000380)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x24}}, 0x0) [ 352.059941] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 352.060020] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 23:27:47 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000500), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000380)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x24}}, 0x0) 23:27:47 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000500), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000380)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x24}}, 0x0) 23:27:47 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) fadvise64(r0, 0x0, 0x0, 0x5) [ 352.695678] audit: type=1400 audit(1737242867.673:8): avc: denied { open } for pid=13665 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 352.695862] audit: type=1400 audit(1737242867.673:9): avc: denied { kernel } for pid=13665 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 23:27:47 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) fadvise64(r0, 0x0, 0x0, 0x5) 23:27:47 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) fadvise64(r0, 0x0, 0x0, 0x5) [ 352.982568] [ 352.982860] ====================================================== [ 352.983553] WARNING: possible circular locking dependency detected [ 352.984261] 6.13.0-rc7-next-20250117 #1 Not tainted [ 352.984797] ------------------------------------------------------ [ 352.986424] kworker/u8:0/11 is trying to acquire lock: [ 352.987451] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 352.989763] [ 352.989763] but task is already holding lock: [ 352.991186] ffff88803aab8768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 352.992825] [ 352.992825] which lock already depends on the new lock. [ 352.992825] [ 352.994150] [ 352.994150] the existing dependency chain (in reverse order) is: [ 352.995413] [ 352.995413] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 352.996431] __mutex_lock+0x13d/0xb50 [ 352.997327] wiphy_register+0x1b2e/0x25d0 [ 352.997907] ieee80211_register_hw+0x23a4/0x3d60 [ 352.998533] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 352.999200] init_mac80211_hwsim+0x389/0x870 [ 352.999799] do_one_initcall+0xf9/0x640 [ 353.000373] kernel_init_freeable+0x53d/0x7a0 [ 353.001001] kernel_init+0x1e/0x2d0 [ 353.001503] ret_from_fork+0x48/0x80 [ 353.002016] ret_from_fork_asm+0x1a/0x30 [ 353.002599] [ 353.002599] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 353.003317] __lock_acquire+0x29fd/0x4580 [ 353.003854] lock_acquire+0x19b/0x520 [ 353.004353] __mutex_lock+0x13d/0xb50 [ 353.004861] unregister_netdevice_many_notify+0x1612/0x1c80 [ 353.005596] unregister_netdevice_queue+0x224/0x2e0 [ 353.006258] _cfg80211_unregister_wdev+0x57b/0x700 [ 353.006936] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 353.007596] ieee80211_unregister_hw+0x55/0x3a0 [ 353.008222] hwsim_exit_net+0x3a0/0x730 [ 353.008775] ops_exit_list+0xb3/0x180 [ 353.009309] cleanup_net+0x546/0xad0 [ 353.009831] process_one_work+0x8ee/0x1a10 [ 353.010431] worker_thread+0x674/0xe70 [ 353.010997] kthread+0x3ab/0x720 [ 353.011498] ret_from_fork+0x48/0x80 [ 353.012003] ret_from_fork_asm+0x1a/0x30 [ 353.012586] [ 353.012586] other info that might help us debug this: [ 353.012586] [ 353.013467] Possible unsafe locking scenario: [ 353.013467] [ 353.014093] CPU0 CPU1 [ 353.014587] ---- ---- [ 353.015116] lock(&rdev->wiphy.mtx); [ 353.015598] lock(rtnl_mutex); [ 353.016292] lock(&rdev->wiphy.mtx); [ 353.017027] lock(rtnl_mutex); [ 353.017453] [ 353.017453] *** DEADLOCK *** [ 353.017453] [ 353.018099] 4 locks held by kworker/u8:0/11: [ 353.018580] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 353.019712] #1: ffff8880095dfd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 353.020792] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 353.021801] #3: ffff88803aab8768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 353.023026] [ 353.023026] stack backtrace: [ 353.023524] CPU: 1 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-rc7-next-20250117 #1 [ 353.024398] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 353.025182] Workqueue: netns cleanup_net [ 353.025653] Call Trace: [ 353.025977] [ 353.026228] dump_stack_lvl+0xca/0x120 [ 353.026665] print_circular_bug+0x47b/0x750 [ 353.027143] check_noncircular+0x2e9/0x3c0 [ 353.027577] ? __pfx_check_noncircular+0x10/0x10 [ 353.028059] ? srso_return_thunk+0x5/0x5f [ 353.028504] ? lockdep_lock+0xba/0x1b0 [ 353.028932] ? __pfx_lockdep_lock+0x10/0x10 [ 353.029409] __lock_acquire+0x29fd/0x4580 [ 353.029853] ? __pfx___lock_acquire+0x10/0x10 [ 353.030320] ? lock_release+0x20f/0x6f0 [ 353.030734] ? __pfx_lock_release+0x10/0x10 [ 353.031196] lock_acquire+0x19b/0x520 [ 353.031599] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 353.032193] ? __pfx_lock_acquire+0x10/0x10 [ 353.032645] ? srso_return_thunk+0x5/0x5f [ 353.033086] ? lock_release+0x20f/0x6f0 [ 353.033506] ? srso_return_thunk+0x5/0x5f [ 353.033953] ? lock_is_held_type+0x9e/0x120 [ 353.034417] ? srso_return_thunk+0x5/0x5f [ 353.034883] __mutex_lock+0x13d/0xb50 [ 353.035339] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 353.035941] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 353.036548] ? srso_return_thunk+0x5/0x5f [ 353.037005] ? synchronize_rcu_expedited+0x38a/0x420 [ 353.037540] ? __pfx___mutex_lock+0x10/0x10 [ 353.038010] ? __pfx_autoremove_wake_function+0x10/0x10 [ 353.038573] ? srso_return_thunk+0x5/0x5f [ 353.039039] ? kasan_quarantine_put+0x84/0x1e0 [ 353.039548] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 353.040023] ? srso_return_thunk+0x5/0x5f [ 353.040486] unregister_netdevice_many_notify+0x1612/0x1c80 [ 353.041074] ? __virt_addr_valid+0x2e8/0x5d0 [ 353.041557] ? __pfx_lock_release+0x10/0x10 [ 353.042029] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 353.042645] ? find_held_lock+0x2c/0x110 [ 353.043106] ? srso_return_thunk+0x5/0x5f [ 353.043571] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 353.044104] ? srso_return_thunk+0x5/0x5f [ 353.044561] ? lock_release+0x20f/0x6f0 [ 353.044993] ? __pfx_lock_release+0x10/0x10 [ 353.045461] ? srso_return_thunk+0x5/0x5f [ 353.045916] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 353.046466] ? srso_return_thunk+0x5/0x5f [ 353.046938] unregister_netdevice_queue+0x224/0x2e0 [ 353.047462] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 353.048022] ? up_write+0x195/0x520 [ 353.048388] _cfg80211_unregister_wdev+0x57b/0x700 [ 353.048895] ? srso_return_thunk+0x5/0x5f [ 353.049360] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 353.049866] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 353.050369] ? srso_return_thunk+0x5/0x5f [ 353.058542] ? srso_return_thunk+0x5/0x5f [ 353.058994] ? synchronize_rcu+0x1ff/0x260 [ 353.059413] ieee80211_unregister_hw+0x55/0x3a0 [ 353.059894] hwsim_exit_net+0x3a0/0x730 [ 353.060295] ? __pfx_hwsim_exit_net+0x10/0x10 [ 353.060764] ? srso_return_thunk+0x5/0x5f [ 353.061198] ? netdev_run_todo+0x788/0x1040 [ 353.061623] ? __pfx_hwsim_exit_net+0x10/0x10 [ 353.062066] ops_exit_list+0xb3/0x180 [ 353.062432] cleanup_net+0x546/0xad0 [ 353.062860] ? __pfx_cleanup_net+0x10/0x10 [ 353.063312] process_one_work+0x8ee/0x1a10 [ 353.063778] ? __pfx_process_one_work+0x10/0x10 [ 353.064261] ? srso_return_thunk+0x5/0x5f [ 353.064701] ? srso_return_thunk+0x5/0x5f [ 353.065161] ? move_linked_works+0x172/0x270 [ 353.065611] ? srso_return_thunk+0x5/0x5f [ 353.066057] ? assign_work+0x196/0x240 [ 353.066460] worker_thread+0x674/0xe70 [ 353.066912] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 353.067475] ? __pfx_worker_thread+0x10/0x10 [ 353.068029] kthread+0x3ab/0x720 [ 353.068468] ? __pfx_kthread+0x10/0x10 [ 353.068951] ? srso_return_thunk+0x5/0x5f [ 353.069407] ? finish_task_switch.isra.0+0x206/0x840 [ 353.069899] ? __pfx_kthread+0x10/0x10 [ 353.070300] ret_from_fork+0x48/0x80 [ 353.070663] ? __pfx_kthread+0x10/0x10 [ 353.071061] ret_from_fork_asm+0x1a/0x30 [ 353.071481] 23:27:48 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) fadvise64(r0, 0x0, 0x0, 0x5) 23:27:48 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) fadvise64(r0, 0x0, 0x0, 0x5) [ 354.534776] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 354.536622] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 354.541214] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 354.547197] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 354.550141] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 354.552560] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 354.663603] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 354.665741] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 354.670993] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 354.675142] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 354.677834] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 354.681156] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 354.798450] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 354.802794] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 354.804661] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 354.807692] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 354.810347] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 354.812535] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 354.948836] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 354.951402] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 354.954662] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 354.966732] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 354.967432] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 354.978960] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 354.989188] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 355.002612] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 355.020711] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 355.022547] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 355.027829] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 355.034207] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 355.037350] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 355.039166] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 355.046537] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 355.141689] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 355.146621] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 355.151584] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 355.157835] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 355.165947] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 355.166525] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 355.169754] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 355.170204] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 355.171657] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 356.573352] Bluetooth: hci0: command tx timeout [ 356.701483] Bluetooth: hci1: command tx timeout [ 356.829688] Bluetooth: hci3: command tx timeout [ 357.085628] Bluetooth: hci6: command tx timeout [ 357.150297] Bluetooth: hci5: command tx timeout [ 357.277439] Bluetooth: hci7: command tx timeout [ 357.277609] Bluetooth: hci4: command tx timeout [ 358.621331] Bluetooth: hci0: command tx timeout [ 358.749572] Bluetooth: hci1: command tx timeout [ 358.879309] Bluetooth: hci3: command tx timeout [ 359.133793] Bluetooth: hci6: command tx timeout [ 359.197355] Bluetooth: hci5: command tx timeout [ 359.326293] Bluetooth: hci7: command tx timeout [ 359.326366] Bluetooth: hci4: command tx timeout [ 360.669355] Bluetooth: hci0: command tx timeout [ 360.798331] Bluetooth: hci1: command tx timeout [ 360.925874] Bluetooth: hci3: command tx timeout [ 361.181330] Bluetooth: hci6: command tx timeout [ 361.245379] Bluetooth: hci5: command tx timeout [ 361.373899] Bluetooth: hci7: command tx timeout [ 361.374056] Bluetooth: hci4: command tx timeout [ 362.717981] Bluetooth: hci0: command tx timeout [ 362.845352] Bluetooth: hci1: command tx timeout [ 362.974320] Bluetooth: hci3: command tx timeout VM DIAGNOSIS: 23:27:48 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=ffff88806cf41280 RCX=ffffffff816641b2 RDX=ffff88803a543780 RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000000003 RSP=ffff88803b3c7828 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000003 R12=ffffed100d9e8251 R13=ffff88806cf41288 R14=0000000000000001 R15=dffffc0000000000 RIP=ffffffff8171a150 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 000055556dc82400 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f796c2ae3a4 CR3=000000002a5fc000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=03ccc1d586e654a0524ade8cf0c6d756 XMM02=5e5c10884646930b00000000000fbb78 XMM03=aabf2c55a4f4e76300000000000fbc28 XMM04=e34582465edbcd8800000000000ae988 XMM05=75b108e43fc9fa040000000000163228 XMM06=0b6edabfa1302a930000000000162f70 XMM07=1b8efe73b25115f60000000000162d68 XMM08=d6ad57d02453f0d200000000000fbfa8 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000200000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000001 RBX=ffff8880095dec08 RCX=ffffffff81533329 RDX=ffff8880095c3780 RSI=ffffffff815332fe RDI=0000000000000001 RBP=0000000000000052 RSP=ffff8880095deba0 R8 =0000000000000000 R9 =fffffbfff0be1544 R10=0000000000000000 R11=5f20202020202020 R12=0000000000000001 R13=0000000000000000 R14=0000000000000002 R15=0000000000000002 RIP=ffffffff81533301 RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f2f2b9e4ae0 CR3=000000003ab2c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000003ffffffff000055c973803520 XMM02=ffffff0f0e0d0c0b0a09080706050403 XMM03=696e656420737365636341002f737973 XMM04=353d44455a494c414954494e495f4345 XMM05=3d5145534b534944006b7369643d4550 XMM06=3d454d414e56454400303d444955555f XMM07=59534255530031706f6f6c2f6b636f6c XMM08=49006d756e203c2069000a313a56000a XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000