Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:40714' (ECDSA) to the list of known hosts. 2025/01/17 21:12:13 fuzzer started 2025/01/17 21:12:13 dialing manager at localhost:44245 syzkaller login: [ 63.820953] cgroup: Unknown subsys name 'net' [ 63.902928] cgroup: Unknown subsys name 'cpuset' [ 63.929930] cgroup: Unknown subsys name 'rlimit' [ 70.083786] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 82.568633] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/17 21:12:33 syscalls: 2217 2025/01/17 21:12:33 code coverage: enabled 2025/01/17 21:12:33 comparison tracing: enabled 2025/01/17 21:12:33 extra coverage: enabled 2025/01/17 21:12:33 setuid sandbox: enabled 2025/01/17 21:12:33 namespace sandbox: enabled 2025/01/17 21:12:33 Android sandbox: enabled 2025/01/17 21:12:33 fault injection: enabled 2025/01/17 21:12:33 leak checking: enabled 2025/01/17 21:12:33 net packet injection: enabled 2025/01/17 21:12:33 net device setup: enabled 2025/01/17 21:12:33 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/17 21:12:33 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/17 21:12:33 USB emulation: enabled 2025/01/17 21:12:33 hci packet injection: enabled 2025/01/17 21:12:33 wifi device emulation: enabled 2025/01/17 21:12:33 802.15.4 emulation: enabled 2025/01/17 21:12:33 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/17 21:12:33 fetching corpus: 1, signal 573/2047 (executing program) 2025/01/17 21:12:33 fetching corpus: 1, signal 573/2047 (executing program) 2025/01/17 21:12:37 starting 8 fuzzer processes 21:12:37 executing program 0: r0 = memfd_create(&(0x7f0000000400)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\xbb\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\xa4\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0) lseek(r0, 0x0, 0x3) 21:12:37 executing program 3: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040)) setreuid(0x0, 0x0) 21:12:37 executing program 1: syz_emit_ethernet(0xbe, &(0x7f00000001c0)={@multicast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x88, 0x0, @empty, @empty}, {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "cbc3e8d2c58aec8c82e118e4bc5b436e2d0189a71d463bc67cd0054af8440fdc", "b96bd92a8bec47f0f27ded178376ae7df458bdd490d676f8dcce53d572c854ce5ac2d3fb76003d389686c293c5c00cd3", "38606fa368a164ac2d82b03f63cfa6e436920b3e2c695c9a43843043", {"091d92ec355330eae0d68e2f2dd056bb", "58c47f0a8dcc4ff61e8c970e2f7d9803"}}}}}}}, 0x0) 21:12:37 executing program 2: r0 = socket$inet6(0xa, 0x3, 0xff) setsockopt$inet6_int(r0, 0x29, 0x4c, &(0x7f0000001700), 0x3) [ 87.217641] audit: type=1400 audit(1737148357.482:7): avc: denied { execmem } for pid=273 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 21:12:37 executing program 4: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000b40)=0x1c, 0x4) 21:12:37 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000d5f4655fd6f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}], 0x0, &(0x7f0000000140)=ANY=[]) 21:12:37 executing program 6: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/kexec_crash_size', 0x7d1204c4af9dbdae, 0x9) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKINFO_GET(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)={0x14, r2, 0x805}, 0x14}}, 0x0) sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r2, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008801}, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb197}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r3 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2) write$binfmt_aout(r3, &(0x7f0000000400)=ANY=[@ANYBLOB="0200000000000000000400bf003e0008026d1d59b13c9f39d01efb4f42cb664c95d3633dc0d9172ab06dfc35f828deec8afcf8ed"], 0x125) 21:12:37 executing program 7: syz_mount_image$tmpfs(&(0x7f0000001140), &(0x7f0000001180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000018c0)={[{@nr_blocks={'nr_blocks', 0x3d, [0x6d]}}]}) [ 88.636958] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 88.642469] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 88.643370] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 88.647352] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 88.649683] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 88.653253] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 88.656448] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 88.662885] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 88.664910] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 88.665644] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 88.673628] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 88.684447] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 88.690212] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 88.699448] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 88.700281] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 88.703600] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 88.716664] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 88.718867] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 88.724526] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 88.724753] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 88.726174] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 88.741531] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 88.754699] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 88.755849] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 88.756299] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 88.760720] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 88.762453] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 88.766182] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 88.766555] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 88.767982] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 88.768901] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 88.769015] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 88.769800] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 88.774960] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 88.775910] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 88.776326] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 88.823157] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 88.825217] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 88.831571] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 88.834386] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 88.836541] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 88.836873] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 88.842555] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 88.844477] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 88.846773] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 88.848960] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 88.850857] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 88.852759] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 90.717944] Bluetooth: hci1: command tx timeout [ 90.718386] Bluetooth: hci0: command tx timeout [ 90.782303] Bluetooth: hci2: command tx timeout [ 90.847340] Bluetooth: hci4: command tx timeout [ 90.847730] Bluetooth: hci3: command tx timeout [ 90.847879] Bluetooth: hci5: command tx timeout [ 90.909187] Bluetooth: hci6: command tx timeout [ 90.909454] Bluetooth: hci7: command tx timeout [ 92.765390] Bluetooth: hci1: command tx timeout [ 92.766276] Bluetooth: hci0: command tx timeout [ 92.829287] Bluetooth: hci2: command tx timeout [ 92.895160] Bluetooth: hci5: command tx timeout [ 92.895195] Bluetooth: hci3: command tx timeout [ 92.895265] Bluetooth: hci4: command tx timeout [ 92.957258] Bluetooth: hci7: command tx timeout [ 92.957871] Bluetooth: hci6: command tx timeout [ 94.813150] Bluetooth: hci0: command tx timeout [ 94.813189] Bluetooth: hci1: command tx timeout [ 94.879119] Bluetooth: hci2: command tx timeout [ 94.941175] Bluetooth: hci4: command tx timeout [ 94.942253] Bluetooth: hci5: command tx timeout [ 94.942805] Bluetooth: hci3: command tx timeout [ 95.005162] Bluetooth: hci6: command tx timeout [ 95.005195] Bluetooth: hci7: command tx timeout [ 96.861154] Bluetooth: hci0: command tx timeout [ 96.861255] Bluetooth: hci1: command tx timeout [ 96.926130] Bluetooth: hci2: command tx timeout [ 96.989150] Bluetooth: hci3: command tx timeout [ 96.989239] Bluetooth: hci5: command tx timeout [ 96.989264] Bluetooth: hci4: command tx timeout [ 97.054333] Bluetooth: hci7: command tx timeout [ 97.054552] Bluetooth: hci6: command tx timeout [ 148.383910] syz-executor.4 (283) used greatest stack depth: 24144 bytes left [ 151.107003] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 151.109934] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 151.112332] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 151.117674] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 151.121946] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 151.123226] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 151.208802] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 151.210894] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 151.213590] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 151.216392] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 151.218788] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 151.220021] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 151.281954] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 151.282678] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 151.290824] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 151.295479] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 151.296942] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 151.297556] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 151.299100] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 151.304865] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 151.306622] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 151.315459] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 151.316973] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 151.322426] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 151.323650] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 151.337379] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 151.342966] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 151.345566] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 151.349414] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 151.349404] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 151.358533] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 151.361966] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 151.362103] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 151.368466] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 151.388584] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 151.393166] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 151.419501] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 151.433407] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 151.448671] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 151.452783] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 151.454418] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 151.455735] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 151.512216] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 151.527562] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 151.532503] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 151.618478] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 151.622153] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 151.662778] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 153.181170] Bluetooth: hci0: command tx timeout [ 153.245223] Bluetooth: hci1: command tx timeout [ 153.373161] Bluetooth: hci4: command tx timeout [ 153.439179] Bluetooth: hci5: command tx timeout [ 153.439202] Bluetooth: hci2: command tx timeout [ 153.439588] Bluetooth: hci3: command tx timeout [ 153.501297] Bluetooth: hci7: command tx timeout [ 153.757284] Bluetooth: hci6: command tx timeout [ 155.230356] Bluetooth: hci0: command tx timeout [ 155.295172] Bluetooth: hci1: command tx timeout [ 155.422351] Bluetooth: hci4: command tx timeout [ 155.485279] Bluetooth: hci3: command tx timeout [ 155.488110] Bluetooth: hci5: command tx timeout [ 155.488198] Bluetooth: hci2: command tx timeout [ 155.549148] Bluetooth: hci7: command tx timeout [ 155.807183] Bluetooth: hci6: command tx timeout [ 157.277151] Bluetooth: hci0: command tx timeout [ 157.341534] Bluetooth: hci1: command tx timeout [ 157.469448] Bluetooth: hci4: command tx timeout [ 157.533304] Bluetooth: hci2: command tx timeout [ 157.534592] Bluetooth: hci5: command tx timeout [ 157.534618] Bluetooth: hci3: command tx timeout [ 157.598340] Bluetooth: hci7: command tx timeout [ 157.854821] Bluetooth: hci6: command tx timeout [ 159.325249] Bluetooth: hci0: command tx timeout [ 159.389211] Bluetooth: hci1: command tx timeout [ 159.517371] Bluetooth: hci4: command tx timeout [ 159.581340] Bluetooth: hci2: command tx timeout [ 159.581847] Bluetooth: hci5: command tx timeout [ 159.582226] Bluetooth: hci3: command tx timeout [ 159.645240] Bluetooth: hci7: command tx timeout [ 159.901274] Bluetooth: hci6: command tx timeout [ 211.764486] [ 211.764751] ====================================================== [ 211.765366] WARNING: possible circular locking dependency detected [ 211.765962] 6.13.0-rc7-next-20250117 #1 Not tainted [ 211.766475] ------------------------------------------------------ [ 211.767900] kworker/u8:1/65 is trying to acquire lock: [ 211.769036] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 211.771042] [ 211.771042] but task is already holding lock: [ 211.772598] ffff88802c2a0768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 211.774416] [ 211.774416] which lock already depends on the new lock. [ 211.774416] [ 211.775882] [ 211.775882] the existing dependency chain (in reverse order) is: [ 211.777002] [ 211.777002] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 211.777681] __mutex_lock+0x13d/0xb50 [ 211.778160] wiphy_register+0x1b2e/0x25d0 [ 211.778662] ieee80211_register_hw+0x23a4/0x3d60 [ 211.779198] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 211.779775] init_mac80211_hwsim+0x389/0x870 [ 211.780310] do_one_initcall+0xf9/0x640 [ 211.780800] kernel_init_freeable+0x53d/0x7a0 [ 211.781341] kernel_init+0x1e/0x2d0 [ 211.781770] ret_from_fork+0x48/0x80 [ 211.782224] ret_from_fork_asm+0x1a/0x30 [ 211.782726] [ 211.782726] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 211.783361] __lock_acquire+0x29fd/0x4580 [ 211.783846] lock_acquire+0x19b/0x520 [ 211.784305] __mutex_lock+0x13d/0xb50 [ 211.784765] unregister_netdevice_many_notify+0x1612/0x1c80 [ 211.785471] unregister_netdevice_queue+0x224/0x2e0 [ 211.786155] _cfg80211_unregister_wdev+0x57b/0x700 [ 211.786826] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 211.787400] ieee80211_unregister_hw+0x55/0x3a0 [ 211.787928] hwsim_exit_net+0x3a0/0x730 [ 211.788411] ops_exit_list+0xb3/0x180 [ 211.788859] cleanup_net+0x546/0xad0 [ 211.789310] process_one_work+0x8ee/0x1a10 [ 211.789821] worker_thread+0x674/0xe70 [ 211.790317] kthread+0x3ab/0x720 [ 211.790739] ret_from_fork+0x48/0x80 [ 211.791172] ret_from_fork_asm+0x1a/0x30 [ 211.791667] [ 211.791667] other info that might help us debug this: [ 211.791667] [ 211.792422] Possible unsafe locking scenario: [ 211.792422] [ 211.792993] CPU0 CPU1 [ 211.793448] ---- ---- [ 211.793894] lock(&rdev->wiphy.mtx); [ 211.794320] lock(rtnl_mutex); [ 211.794899] lock(&rdev->wiphy.mtx); [ 211.795530] lock(rtnl_mutex); [ 211.795888] [ 211.795888] *** DEADLOCK *** [ 211.795888] [ 211.796464] 4 locks held by kworker/u8:1/65: [ 211.796907] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 211.797929] #1: ffff88800eb7fd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 211.798932] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 211.799850] #3: ffff88802c2a0768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 211.800882] [ 211.800882] stack backtrace: [ 211.801332] CPU: 1 UID: 0 PID: 65 Comm: kworker/u8:1 Not tainted 6.13.0-rc7-next-20250117 #1 [ 211.802156] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 211.802937] Workqueue: netns cleanup_net [ 211.803369] Call Trace: [ 211.803625] [ 211.803852] dump_stack_lvl+0xca/0x120 [ 211.804279] print_circular_bug+0x47b/0x750 [ 211.804727] check_noncircular+0x2e9/0x3c0 [ 211.805155] ? lock_repin_lock+0x207/0x320 [ 211.805615] ? __pfx_check_noncircular+0x10/0x10 [ 211.806103] ? hlock_class+0x4e/0x130 [ 211.806502] ? mark_lock+0xac/0xed0 [ 211.806884] ? __pfx_lock_repin_lock+0x10/0x10 [ 211.807382] ? lockdep_lock+0xba/0x1b0 [ 211.807800] ? __pfx_lockdep_lock+0x10/0x10 [ 211.808267] __lock_acquire+0x29fd/0x4580 [ 211.808713] ? __pfx___lock_acquire+0x10/0x10 [ 211.809172] ? lock_release+0x20f/0x6f0 [ 211.809605] ? __pfx_lock_release+0x10/0x10 [ 211.810054] lock_acquire+0x19b/0x520 [ 211.810491] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 211.811080] ? __pfx_lock_acquire+0x10/0x10 [ 211.811576] ? srso_return_thunk+0x5/0x5f [ 211.812017] ? lock_release+0x20f/0x6f0 [ 211.812435] ? srso_return_thunk+0x5/0x5f [ 211.812875] ? lock_is_held_type+0x9e/0x120 [ 211.813345] ? srso_return_thunk+0x5/0x5f [ 211.813795] __mutex_lock+0x13d/0xb50 [ 211.814217] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 211.814822] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 211.815416] ? srso_return_thunk+0x5/0x5f [ 211.815856] ? synchronize_rcu_expedited+0x38a/0x420 [ 211.816372] ? __pfx___mutex_lock+0x10/0x10 [ 211.816826] ? __pfx_autoremove_wake_function+0x10/0x10 [ 211.817382] ? srso_return_thunk+0x5/0x5f [ 211.817827] ? kasan_quarantine_put+0x84/0x1e0 [ 211.818339] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 211.818801] ? srso_return_thunk+0x5/0x5f [ 211.819246] unregister_netdevice_many_notify+0x1612/0x1c80 [ 211.819817] ? __virt_addr_valid+0x2e8/0x5d0 [ 211.820287] ? __pfx_lock_release+0x10/0x10 [ 211.820732] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 211.821333] ? find_held_lock+0x2c/0x110 [ 211.821767] ? srso_return_thunk+0x5/0x5f [ 211.822218] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 211.822746] ? srso_return_thunk+0x5/0x5f [ 211.823188] ? lock_release+0x20f/0x6f0 [ 211.823610] ? __pfx_lock_release+0x10/0x10 [ 211.824055] ? srso_return_thunk+0x5/0x5f [ 211.824494] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 211.825025] ? srso_return_thunk+0x5/0x5f [ 211.825478] unregister_netdevice_queue+0x224/0x2e0 [ 211.825979] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 211.826552] ? up_write+0x195/0x520 [ 211.826948] _cfg80211_unregister_wdev+0x57b/0x700 [ 211.827456] ? srso_return_thunk+0x5/0x5f [ 211.827902] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 211.828412] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 211.828960] ? srso_return_thunk+0x5/0x5f [ 211.829409] ? srso_return_thunk+0x5/0x5f [ 211.829849] ? synchronize_rcu+0x1ff/0x260 [ 211.830304] ieee80211_unregister_hw+0x55/0x3a0 [ 211.830773] hwsim_exit_net+0x3a0/0x730 [ 211.831181] ? __pfx_hwsim_exit_net+0x10/0x10 [ 211.831639] ? srso_return_thunk+0x5/0x5f [ 211.832078] ? netdev_run_todo+0x788/0x1040 [ 211.832530] ? __pfx_hwsim_exit_net+0x10/0x10 [ 211.832991] ops_exit_list+0xb3/0x180 [ 211.833392] cleanup_net+0x546/0xad0 [ 211.833786] ? __pfx_cleanup_net+0x10/0x10 [ 211.834255] process_one_work+0x8ee/0x1a10 [ 211.834727] ? __pfx_lock_acquire+0x10/0x10 [ 211.835171] ? __pfx_process_one_work+0x10/0x10 [ 211.835668] ? srso_return_thunk+0x5/0x5f [ 211.836109] ? move_linked_works+0x172/0x270 [ 211.836565] ? srso_return_thunk+0x5/0x5f [ 211.837004] ? assign_work+0x196/0x240 [ 211.837433] worker_thread+0x674/0xe70 [ 211.837853] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 211.838411] ? srso_return_thunk+0x5/0x5f [ 211.838851] ? __pfx_worker_thread+0x10/0x10 [ 211.839327] kthread+0x3ab/0x720 [ 211.839704] ? __pfx_kthread+0x10/0x10 [ 211.840114] ? srso_return_thunk+0x5/0x5f [ 211.840558] ? finish_task_switch.isra.0+0x206/0x840 [ 211.841078] ? __pfx_kthread+0x10/0x10 [ 211.841499] ret_from_fork+0x48/0x80 [ 211.841882] ? __pfx_kthread+0x10/0x10 [ 211.842317] ret_from_fork_asm+0x1a/0x30 [ 211.842769] [ 213.372909] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 213.374156] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 213.376285] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 213.382281] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 213.385466] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 213.386879] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 213.433471] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 213.434588] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 213.440811] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 213.444705] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 213.447604] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 213.452885] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 213.455452] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 213.457105] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 213.461381] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 213.470518] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 213.476290] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 213.489404] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 213.546540] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 213.554492] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 213.557721] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 213.567652] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 213.569507] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 213.573394] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 213.576408] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 213.580839] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 213.584789] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 213.589028] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 213.591488] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 213.600639] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 213.695378] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 213.696536] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 213.697452] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 213.699635] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 213.701755] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 213.703314] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 213.712190] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 213.722557] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 213.728652] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 213.753890] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 213.756795] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 213.777342] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 213.798212] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 213.801977] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 213.808110] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 213.817426] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 213.825356] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 213.836433] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 215.454094] Bluetooth: hci0: command tx timeout [ 215.518374] Bluetooth: hci1: command tx timeout [ 215.582151] Bluetooth: hci2: command tx timeout [ 215.646195] Bluetooth: hci4: command tx timeout [ 215.646343] Bluetooth: hci3: command tx timeout [ 215.774078] Bluetooth: hci5: command tx timeout [ 215.838835] Bluetooth: hci6: command tx timeout [ 215.902658] Bluetooth: hci7: command tx timeout [ 217.502113] Bluetooth: hci0: command tx timeout [ 217.567076] Bluetooth: hci1: command tx timeout [ 217.630120] Bluetooth: hci2: command tx timeout [ 217.694130] Bluetooth: hci4: command tx timeout [ 217.694218] Bluetooth: hci3: command tx timeout [ 217.822120] Bluetooth: hci5: command tx timeout [ 217.887232] Bluetooth: hci6: command tx timeout [ 217.950475] Bluetooth: hci7: command tx timeout [ 219.549106] Bluetooth: hci0: command tx timeout [ 219.613953] Bluetooth: hci1: command tx timeout [ 219.678160] Bluetooth: hci2: command tx timeout [ 219.741173] Bluetooth: hci4: command tx timeout [ 219.741328] Bluetooth: hci3: command tx timeout [ 219.870073] Bluetooth: hci5: command tx timeout [ 219.933125] Bluetooth: hci6: command tx timeout [ 219.997192] Bluetooth: hci7: command tx timeout [ 221.598116] Bluetooth: hci0: command tx timeout [ 221.663079] Bluetooth: hci1: command tx timeout [ 221.726140] Bluetooth: hci2: command tx timeout VM DIAGNOSIS: 21:14:42 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=ffff88800e3eb780 RCX=ffffffff81429a0f RDX=ffff88800e3eb780 RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000200000 RSP=ffff88800f1c7db8 R8 =0000000000000000 R9 =ffffed1001d74d80 R10=0000000000200000 R11=ffff88800e3ebc38 R12=ffffffff85f4eff9 R13=ffff888008c50378 R14=ffff88800e3eb780 R15=0000000000000086 RIP=ffffffff81429a13 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fff5b977000 CR3=000000000b4ce000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=6576652d7372656b726f772d6c6c696b XMM02=ffffff0f0e0d0c0b0a09080706050403 XMM03=696e656420737365636341002f737973 XMM04=0000000200000000000056509322d830 XMM05=00000000000000000000000000000000 XMM06=000056509322d890ffffffff00000002 XMM07=00000000000000000000000000000000 XMM08=2f74656e2f73666e2f73662f7379732f XMM09=00000000000000000000000000000000 XMM10=00000020000000000000002000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=dffffc0000000005 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9 RSI=ffffffff8283cd30 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff88800eb7ebc0 R8 =0000000000000001 R9 =ffffed1001d6fd67 R10=0000000000000001 R11=7369786520656874 R12=ffffffff886930b0 R13=ffff88800eb7eeb8 R14=ffffffff88693320 R15=0000000000000000 RIP=ffffffff8283cd85 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fb9e53ec280 CR3=0000000035312000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=ffffffffffffff00ffff0000ff000000 XMM02=ffffff0f0e0d0c0b0a09080706050403 XMM03=696e656420737365636341002f737973 XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=0000565093222f50000056509323c5c0 XMM06=000056509320cc200000000300000004 XMM07=00000000000000000000000000000000 XMM08=2f74656e2f73666e2f73662f7379732f XMM09=00000000000000000000000000000000 XMM10=00000020000000000000002000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000