Warning: Permanently added '[localhost]:26710' (ECDSA) to the list of known hosts. 2025/01/20 18:58:45 fuzzer started 2025/01/20 18:58:45 dialing manager at localhost:44833 syzkaller login: [ 67.662501] cgroup: Unknown subsys name 'net' [ 67.759410] cgroup: Unknown subsys name 'cpuset' [ 67.796789] cgroup: Unknown subsys name 'rlimit' [ 73.281254] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/20 18:59:02 syscalls: 2217 2025/01/20 18:59:02 code coverage: enabled 2025/01/20 18:59:02 comparison tracing: enabled 2025/01/20 18:59:02 extra coverage: enabled 2025/01/20 18:59:02 setuid sandbox: enabled 2025/01/20 18:59:02 namespace sandbox: enabled 2025/01/20 18:59:02 Android sandbox: enabled 2025/01/20 18:59:02 fault injection: enabled 2025/01/20 18:59:02 leak checking: enabled 2025/01/20 18:59:02 net packet injection: enabled 2025/01/20 18:59:02 net device setup: enabled 2025/01/20 18:59:02 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/20 18:59:02 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/20 18:59:02 USB emulation: enabled 2025/01/20 18:59:02 hci packet injection: enabled 2025/01/20 18:59:02 wifi device emulation: enabled 2025/01/20 18:59:02 802.15.4 emulation: enabled 2025/01/20 18:59:02 fetching corpus: 0, signal 0/0 (executing program) 2025/01/20 18:59:02 fetching corpus: 0, signal 0/0 (executing program) 2025/01/20 18:59:03 starting 8 fuzzer processes 18:59:03 executing program 0: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) fcntl$setstatus(r0, 0x4, 0x42000) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) r2 = syz_open_dev$tty20(0xc, 0x4, 0x1) fcntl$setstatus(r2, 0x4, 0x42000) fcntl$setstatus(r1, 0x4, 0x42000) 18:59:03 executing program 1: syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, &(0x7f0000002cc0), 0x0, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CCA_ED_LEVEL(r0, &(0x7f0000003400)={0x0, 0x0, &(0x7f00000033c0)={&(0x7f0000003340)={0x14}, 0x14}}, 0x0) 18:59:03 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x20000, 0xd, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f80000200040000300000000000000010000000000000002000000010006000000000000000000000000008000"/96, 0x60}, {&(0x7f0000010100)='RRaA\x00'/32, 0x20, 0x800}, {&(0x7f0000010200)="0000000072724161120000000b000000000000000000000000000000000055aa", 0x20, 0x9e0}, {&(0x7f0000010300)="601c6d6b646f736689254300080120000400004000f80000200040000300000000000000010000000000000002000000010006000000000000000000000000008000"/96, 0x60, 0x3000}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f0700000008000000090000000a000000ffffff0fffffff0f00"/64, 0x40, 0x10000}, {&(0x7f0000010500)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f0700000008000000090000000a000000ffffff0fffffff0f00"/64, 0x40, 0x10800}, {&(0x7f0000010600)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f0700000008000000090000000a000000ffffff0fffffff0f00"/64, 0x40, 0x11000}, {&(0x7f0000010700)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f0700000008000000090000000a000000ffffff0fffffff0f00"/64, 0x40, 0x11800}, {&(0x7f0000010800)="53595a4b414c4c45522020080000e880325132510000e880325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100063e870325132510000e870325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200063e870325132510000e870325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200063e870325132510000e870325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200063e870325132510000e87032510b0064000000", 0x120, 0x12000}, {&(0x7f0000010a00)="2e20202020202020202020100063e870325132510000e87032510300000000002e2e202020202020202020100063e870325132510000e870325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200063e870325132510000e870325104001a040000", 0x80, 0x12800}, {&(0x7f0000010b00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x13000}, {&(0x7f0000011000)='syzkallers\x00'/32, 0x20, 0x13800}, {&(0x7f0000011100)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x16800}], 0x0, &(0x7f0000011200)) 18:59:03 executing program 3: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x13, r2, 0x0) r3 = epoll_create1(0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2) 18:59:04 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000300), 0x4) 18:59:04 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x80000, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400028001000240000004f80100200040000000000000000000800029d9e437f153595a4b414c4c4552202046415431322020200e1fbe5b7cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a00", 0xc0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aaf8ffff00f0ffffffffffffff00"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x400}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e780325132510000e780325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020201000c1e770325132510000e770325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c45312020202020202000c1e770325132510000e770325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c45322020202020202000c1e770325132510000e770325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c2000c1e770325132510000e7703251070064000000", 0x120, 0x600}, {&(0x7f0000010500)="2e202020202020202020201000c1e770325132510000e77032510300000000002e2e2020202020202020201000c1e770325132510000e770325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020202000c1e770325132510000e770325104001a040000", 0x80, 0x10e00}, {&(0x7f0000010600)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x20e00}, {&(0x7f0000010b00)='syzkallers\x00'/32, 0x20, 0x30e00}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x50e00}], 0x0, &(0x7f0000010d00)) 18:59:04 executing program 6: madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x66) madvise(&(0x7f0000cef000/0x1000)=nil, 0x1000, 0x3) [ 85.808721] audit: type=1400 audit(1737399544.038:7): avc: denied { execmem } for pid=276 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 18:59:04 executing program 7: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x34, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x3a}, @val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_VENDOR_SUBCMD={0x8}, @NL80211_ATTR_VENDOR_ID={0x8}]}, 0x34}}, 0x0) [ 87.177321] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 87.180113] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 87.188059] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 87.193969] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 87.200056] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 87.204797] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 87.304467] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 87.315824] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 87.320265] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 87.323867] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 87.324268] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 87.326877] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 87.328693] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 87.329092] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 87.334270] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 87.336376] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 87.339233] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 87.343798] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 87.347577] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 87.350362] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 87.354234] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 87.354933] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 87.357361] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 87.358283] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 87.359072] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 87.359456] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 87.359938] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 87.360209] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 87.361422] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 87.363282] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 87.379741] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 87.381056] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 87.383058] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 87.383435] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 87.384971] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 87.386212] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 87.386665] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 87.392477] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 87.394400] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 87.399268] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 87.402620] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 87.405641] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 87.410006] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 87.415971] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 87.422022] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 87.430046] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 87.444788] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 87.458113] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 89.261440] Bluetooth: hci0: command tx timeout [ 89.452731] Bluetooth: hci4: command tx timeout [ 89.453068] Bluetooth: hci7: command tx timeout [ 89.453272] Bluetooth: hci5: command tx timeout [ 89.453442] Bluetooth: hci1: command tx timeout [ 89.453642] Bluetooth: hci2: command tx timeout [ 89.453795] Bluetooth: hci3: command tx timeout [ 89.517767] Bluetooth: hci6: command tx timeout [ 91.309704] Bluetooth: hci0: command tx timeout [ 91.501714] Bluetooth: hci3: command tx timeout [ 91.501829] Bluetooth: hci2: command tx timeout [ 91.501916] Bluetooth: hci1: command tx timeout [ 91.501979] Bluetooth: hci5: command tx timeout [ 91.502039] Bluetooth: hci7: command tx timeout [ 91.502100] Bluetooth: hci4: command tx timeout [ 91.566564] Bluetooth: hci6: command tx timeout [ 93.356696] Bluetooth: hci0: command tx timeout [ 93.548832] Bluetooth: hci4: command tx timeout [ 93.549156] Bluetooth: hci7: command tx timeout [ 93.549219] Bluetooth: hci5: command tx timeout [ 93.549270] Bluetooth: hci1: command tx timeout [ 93.549318] Bluetooth: hci2: command tx timeout [ 93.549367] Bluetooth: hci3: command tx timeout [ 93.613605] Bluetooth: hci6: command tx timeout [ 95.405614] Bluetooth: hci0: command tx timeout [ 95.596925] Bluetooth: hci4: command tx timeout [ 95.597130] Bluetooth: hci7: command tx timeout [ 95.597333] Bluetooth: hci3: command tx timeout [ 95.597486] Bluetooth: hci2: command tx timeout [ 95.597863] Bluetooth: hci1: command tx timeout [ 95.598015] Bluetooth: hci5: command tx timeout [ 95.661082] Bluetooth: hci6: command tx timeout [ 149.629113] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 149.636927] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 149.642303] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 149.650024] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 149.652623] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 149.654987] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 149.699855] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 149.703964] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 149.705764] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 149.713860] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 149.716217] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 149.718309] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 149.722294] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 149.724182] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 149.725980] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 149.728392] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 149.728579] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 149.734658] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 149.735015] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 149.737809] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 149.739700] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 149.740229] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 149.741256] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 149.744547] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 149.773395] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 149.776888] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 149.779893] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 149.785858] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 149.789677] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 149.790603] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 149.842282] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 149.853604] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 149.861131] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 149.865938] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 149.869968] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 149.872075] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 149.882197] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 149.886872] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 149.902861] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 149.904883] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 149.919003] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 149.930042] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 149.941009] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 149.945895] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 149.961068] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 149.962784] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 149.970180] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 149.984719] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 151.725843] Bluetooth: hci0: command tx timeout [ 151.788700] Bluetooth: hci2: command tx timeout [ 151.789160] Bluetooth: hci1: command tx timeout [ 151.853194] Bluetooth: hci4: command tx timeout [ 151.854241] Bluetooth: hci3: command tx timeout [ 152.044690] Bluetooth: hci7: command tx timeout [ 152.047569] Bluetooth: hci5: command tx timeout [ 152.047761] Bluetooth: hci6: command tx timeout [ 153.772662] Bluetooth: hci0: command tx timeout [ 153.836744] Bluetooth: hci2: command tx timeout [ 153.836836] Bluetooth: hci1: command tx timeout [ 153.900579] Bluetooth: hci3: command tx timeout [ 153.900674] Bluetooth: hci4: command tx timeout [ 154.092751] Bluetooth: hci6: command tx timeout [ 154.092926] Bluetooth: hci5: command tx timeout [ 154.092965] Bluetooth: hci7: command tx timeout [ 155.820564] Bluetooth: hci0: command tx timeout [ 155.884647] Bluetooth: hci1: command tx timeout [ 155.884818] Bluetooth: hci2: command tx timeout [ 155.948593] Bluetooth: hci4: command tx timeout [ 155.948699] Bluetooth: hci3: command tx timeout [ 156.140755] Bluetooth: hci6: command tx timeout [ 156.141185] Bluetooth: hci7: command tx timeout [ 156.141243] Bluetooth: hci5: command tx timeout [ 157.870536] Bluetooth: hci0: command tx timeout [ 157.932718] Bluetooth: hci1: command tx timeout [ 157.933630] Bluetooth: hci2: command tx timeout [ 157.998827] Bluetooth: hci3: command tx timeout [ 157.998938] Bluetooth: hci4: command tx timeout [ 158.188674] Bluetooth: hci5: command tx timeout [ 158.188919] Bluetooth: hci7: command tx timeout [ 158.188974] Bluetooth: hci6: command tx timeout [ 212.275638] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 212.276723] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 212.277607] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 212.280193] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 212.281808] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 212.284757] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 212.472218] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 212.475890] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 212.479946] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 212.487648] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 212.489698] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 212.493166] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 212.719392] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 212.726538] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 212.729625] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 212.731357] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 212.736898] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 212.740522] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 212.743304] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 212.746225] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 212.747278] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 212.775019] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 212.778268] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 212.780332] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 212.794383] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 212.797181] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 212.799782] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 212.805710] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 212.805997] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 212.809954] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 212.816682] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 212.835878] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 212.836993] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 212.839179] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 212.839654] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 212.841011] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 212.924905] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 212.932874] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 212.960599] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 212.977620] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 212.982313] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 212.985233] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 213.009008] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 213.017251] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 213.019577] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 213.040953] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 213.044991] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 213.046581] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 214.316626] Bluetooth: hci0: command tx timeout [ 214.572674] Bluetooth: hci1: command tx timeout [ 214.828675] Bluetooth: hci3: command tx timeout [ 214.828766] Bluetooth: hci2: command tx timeout [ 214.892625] Bluetooth: hci4: command tx timeout [ 214.956642] Bluetooth: hci5: command tx timeout [ 215.084626] Bluetooth: hci6: command tx timeout [ 215.148983] Bluetooth: hci7: command tx timeout [ 216.365615] Bluetooth: hci0: command tx timeout [ 216.621712] Bluetooth: hci1: command tx timeout [ 216.877371] Bluetooth: hci3: command tx timeout [ 216.877393] Bluetooth: hci2: command tx timeout [ 216.941618] Bluetooth: hci4: command tx timeout [ 217.005664] Bluetooth: hci5: command tx timeout [ 217.132655] Bluetooth: hci6: command tx timeout [ 217.199542] Bluetooth: hci7: command tx timeout [ 218.412574] Bluetooth: hci0: command tx timeout [ 218.669627] Bluetooth: hci1: command tx timeout [ 218.924563] Bluetooth: hci3: command tx timeout [ 218.924656] Bluetooth: hci2: command tx timeout [ 218.988557] Bluetooth: hci4: command tx timeout [ 219.052586] Bluetooth: hci5: command tx timeout [ 219.180627] Bluetooth: hci6: command tx timeout [ 219.245083] Bluetooth: hci7: command tx timeout [ 220.462172] Bluetooth: hci0: command tx timeout [ 220.717514] Bluetooth: hci1: command tx timeout [ 220.972582] Bluetooth: hci2: command tx timeout [ 220.972676] Bluetooth: hci3: command tx timeout [ 221.036668] Bluetooth: hci4: command tx timeout [ 221.101546] Bluetooth: hci5: command tx timeout [ 221.230531] Bluetooth: hci6: command tx timeout [ 221.293589] Bluetooth: hci7: command tx timeout [ 274.368429] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 274.371730] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 274.379235] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 274.391152] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 274.400065] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 274.404087] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 274.488166] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 274.491005] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 274.493337] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 274.498166] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 274.502393] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 274.504541] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 274.739564] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 274.743878] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 274.747216] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 274.752046] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 274.754883] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 274.757332] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 274.829138] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 274.835585] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 274.837299] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 274.839920] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 274.845037] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 274.849212] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 274.853413] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 274.863666] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 274.870410] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 274.898838] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 274.901709] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 274.910737] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 274.912056] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 274.915054] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 274.916232] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 274.919334] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 274.927384] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 274.945198] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 274.949713] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 274.950221] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 274.965707] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 274.971838] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 274.975064] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 274.983280] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 274.989643] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 274.991310] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 274.999841] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 275.016642] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 275.036718] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 275.050638] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 276.460623] Bluetooth: hci0: command tx timeout [ 276.525730] Bluetooth: hci1: command tx timeout [ 276.781547] Bluetooth: hci2: command tx timeout [ 276.908552] Bluetooth: hci3: command tx timeout [ 276.972801] Bluetooth: hci5: command tx timeout [ 277.036551] Bluetooth: hci7: command tx timeout [ 277.036606] Bluetooth: hci4: command tx timeout [ 277.228698] Bluetooth: hci6: command tx timeout [ 278.509765] Bluetooth: hci0: command tx timeout [ 278.574523] Bluetooth: hci1: command tx timeout [ 278.828865] Bluetooth: hci2: command tx timeout [ 278.957526] Bluetooth: hci3: command tx timeout [ 279.022508] Bluetooth: hci5: command tx timeout [ 279.084525] Bluetooth: hci4: command tx timeout [ 279.086135] Bluetooth: hci7: command tx timeout [ 279.277530] Bluetooth: hci6: command tx timeout [ 280.556919] Bluetooth: hci0: command tx timeout [ 280.620822] Bluetooth: hci1: command tx timeout [ 280.876552] Bluetooth: hci2: command tx timeout [ 281.005550] Bluetooth: hci3: command tx timeout [ 281.068713] Bluetooth: hci5: command tx timeout [ 281.132564] Bluetooth: hci7: command tx timeout [ 281.132638] Bluetooth: hci4: command tx timeout [ 281.325544] Bluetooth: hci6: command tx timeout [ 282.604789] Bluetooth: hci0: command tx timeout [ 282.670195] Bluetooth: hci1: command tx timeout [ 282.924590] Bluetooth: hci2: command tx timeout [ 283.052563] Bluetooth: hci3: command tx timeout [ 283.116560] Bluetooth: hci5: command tx timeout [ 283.180550] Bluetooth: hci4: command tx timeout [ 283.184075] Bluetooth: hci7: command tx timeout [ 283.373020] Bluetooth: hci6: command tx timeout [ 336.511609] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 336.516763] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 336.519171] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 336.524198] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 336.527923] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 336.530318] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 336.887264] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 336.896909] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 336.899752] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 336.904940] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 336.913068] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 336.915838] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 336.918717] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 336.919030] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 336.922792] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 336.929065] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 336.950192] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 336.961859] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 336.966943] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 336.982348] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 336.990797] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 337.022397] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 337.031353] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 337.035918] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 337.092601] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 337.111831] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 337.125311] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 337.126201] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 337.132814] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 337.135089] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 337.139071] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 337.142005] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 337.146996] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 337.171363] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 337.176070] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 337.176110] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 337.181824] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 337.182688] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 337.190365] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 337.196389] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 337.204386] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 337.205515] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 337.208203] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 337.214905] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 337.215249] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 337.248289] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 337.269342] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 337.272864] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 338.605626] Bluetooth: hci0: command tx timeout [ 338.989638] Bluetooth: hci1: command tx timeout [ 339.052627] Bluetooth: hci2: command tx timeout [ 339.117578] Bluetooth: hci3: command tx timeout [ 339.310621] Bluetooth: hci5: command tx timeout [ 339.436625] Bluetooth: hci7: command tx timeout [ 339.437805] Bluetooth: hci4: command tx timeout [ 339.438334] Bluetooth: hci6: command tx timeout [ 340.652847] Bluetooth: hci0: command tx timeout [ 341.036584] Bluetooth: hci1: command tx timeout [ 341.100581] Bluetooth: hci2: command tx timeout [ 341.164554] Bluetooth: hci3: command tx timeout [ 341.356654] Bluetooth: hci5: command tx timeout [ 341.485607] Bluetooth: hci6: command tx timeout [ 341.485716] Bluetooth: hci7: command tx timeout [ 341.485769] Bluetooth: hci4: command tx timeout [ 342.700627] Bluetooth: hci0: command tx timeout [ 343.084687] Bluetooth: hci1: command tx timeout [ 343.148551] Bluetooth: hci2: command tx timeout [ 343.212595] Bluetooth: hci3: command tx timeout [ 343.404624] Bluetooth: hci5: command tx timeout [ 343.532555] Bluetooth: hci4: command tx timeout [ 343.532649] Bluetooth: hci7: command tx timeout [ 343.532731] Bluetooth: hci6: command tx timeout [ 344.748624] Bluetooth: hci0: command tx timeout [ 345.132525] Bluetooth: hci1: command tx timeout [ 345.196752] Bluetooth: hci2: command tx timeout [ 345.260633] Bluetooth: hci3: command tx timeout [ 345.453657] Bluetooth: hci5: command tx timeout [ 345.580563] Bluetooth: hci4: command tx timeout [ 345.580656] Bluetooth: hci6: command tx timeout [ 345.580747] Bluetooth: hci7: command tx timeout [ 393.060630] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 393.060751] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 393.471019] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 393.471103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 394.176072] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 394.176153] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 394.513533] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 394.513616] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 394.907342] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 394.907621] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 19:04:13 executing program 6: madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x66) madvise(&(0x7f0000cef000/0x1000)=nil, 0x1000, 0x3) [ 395.173648] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 395.173738] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 19:04:13 executing program 6: madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x66) madvise(&(0x7f0000cef000/0x1000)=nil, 0x1000, 0x3) [ 395.291667] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 395.291753] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 19:04:13 executing program 6: madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x66) madvise(&(0x7f0000cef000/0x1000)=nil, 0x1000, 0x3) [ 395.486400] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 395.486780] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 19:04:13 executing program 6: madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x66) madvise(&(0x7f0000cef000/0x1000)=nil, 0x1000, 0x3) [ 395.741015] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 395.741104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 19:04:13 executing program 6: madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x66) madvise(&(0x7f0000cef000/0x1000)=nil, 0x1000, 0x3) 19:04:14 executing program 6: madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x66) madvise(&(0x7f0000cef000/0x1000)=nil, 0x1000, 0x3) 19:04:14 executing program 6: syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x163008, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext2\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0xaa, &(0x7f0000000280)={[{@data_writeback}]}) [ 396.114394] [ 396.114639] ====================================================== [ 396.115238] WARNING: possible circular locking dependency detected [ 396.115915] 6.13.0-rc7-next-20250120 #1 Not tainted [ 396.116752] ------------------------------------------------------ ** replaying previous printk message ** [ 396.118062] EXT4-fs: Cannot change data mode on remount [ 396.120531] kworker/u8:2/16742 is trying to acquire lock: [ 396.121948] ffffffff8621eb28 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 396.123841] [ 396.123841] but task is already holding lock: [ 396.124901] ffff88802d3b8768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 396.126587] [ 396.126587] which lock already depends on the new lock. [ 396.126587] [ 396.127508] [ 396.127508] the existing dependency chain (in reverse order) is: [ 396.128355] [ 396.128355] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 396.129156] __mutex_lock+0x13d/0xb50 [ 396.129713] wiphy_register+0x1b2e/0x25d0 [ 396.130298] ieee80211_register_hw+0x23a4/0x3d60 [ 396.130948] mac80211_hwsim_new_radio+0x2759/0x4d60 [ 396.131625] init_mac80211_hwsim+0x389/0x870 [ 396.132249] do_one_initcall+0xf9/0x640 [ 396.132830] kernel_init_freeable+0x53d/0x7a0 [ 396.133473] kernel_init+0x1e/0x2d0 [ 396.133986] ret_from_fork+0x48/0x80 [ 396.134510] ret_from_fork_asm+0x1a/0x30 [ 396.135096] [ 396.135096] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 396.135837] __lock_acquire+0x29fd/0x4580 [ 396.136410] lock_acquire+0x19b/0x520 [ 396.136927] __mutex_lock+0x13d/0xb50 [ 396.137489] unregister_netdevice_many_notify+0x1612/0x1c80 [ 396.138227] unregister_netdevice_queue+0x224/0x2e0 [ 396.138903] _cfg80211_unregister_wdev+0x57b/0x700 [ 396.139580] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 396.140240] ieee80211_unregister_hw+0x55/0x3a0 [ 396.140874] hwsim_exit_net+0x3a0/0x730 [ 396.141478] ops_exit_list+0xb3/0x180 [ 396.142018] cleanup_net+0x546/0xad0 [ 396.142552] process_one_work+0x8ee/0x1a10 [ 396.143167] worker_thread+0x674/0xe70 [ 396.143735] kthread+0x3ab/0x720 [ 396.144244] ret_from_fork+0x48/0x80 [ 396.144764] ret_from_fork_asm+0x1a/0x30 [ 396.145360] [ 396.145360] other info that might help us debug this: [ 396.145360] [ 396.146263] Possible unsafe locking scenario: [ 396.146263] [ 396.147010] CPU0 CPU1 [ 396.147523] ---- ---- [ 396.148054] lock(&rdev->wiphy.mtx); [ 396.148523] lock(rtnl_mutex); [ 396.149203] lock(&rdev->wiphy.mtx); [ 396.149911] lock(rtnl_mutex); [ 396.150321] [ 396.150321] *** DEADLOCK *** [ 396.150321] [ 396.150979] 4 locks held by kworker/u8:2/16742: [ 396.151518] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 396.152721] #1: ffff888033ca7d30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 396.153924] #2: ffffffff86212b50 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 396.155041] #3: ffff88802d3b8768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 396.156294] [ 396.156294] stack backtrace: [ 396.156842] CPU: 1 UID: 0 PID: 16742 Comm: kworker/u8:2 Not tainted 6.13.0-rc7-next-20250120 #1 [ 396.157863] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 396.158812] Workqueue: netns cleanup_net [ 396.159323] Call Trace: [ 396.159635] [ 396.159914] dump_stack_lvl+0xca/0x120 [ 396.160421] print_circular_bug+0x47b/0x750 [ 396.160929] check_noncircular+0x2e9/0x3c0 [ 396.161437] ? srso_return_thunk+0x5/0x5f [ 396.161947] ? __pfx_check_noncircular+0x10/0x10 [ 396.162497] ? hlock_class+0x4e/0x130 [ 396.162935] ? mark_lock+0xac/0xed0 [ 396.163356] ? srso_return_thunk+0x5/0x5f [ 396.163825] ? sched_clock+0x37/0x60 [ 396.164341] ? lockdep_lock+0xba/0x1b0 [ 396.165006] ? __pfx_lockdep_lock+0x10/0x10 [ 396.165541] __lock_acquire+0x29fd/0x4580 [ 396.166031] ? __pfx___lock_acquire+0x10/0x10 [ 396.166525] ? lock_release+0x20f/0x6f0 [ 396.166987] ? __pfx_lock_release+0x10/0x10 [ 396.167480] lock_acquire+0x19b/0x520 [ 396.167927] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 396.168564] ? __pfx_lock_acquire+0x10/0x10 [ 396.169043] ? srso_return_thunk+0x5/0x5f [ 396.169518] ? lock_release+0x20f/0x6f0 [ 396.169948] ? srso_return_thunk+0x5/0x5f [ 396.170429] ? lock_is_held_type+0x9e/0x120 [ 396.170918] ? srso_return_thunk+0x5/0x5f [ 396.171367] __mutex_lock+0x13d/0xb50 [ 396.171809] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 396.172441] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 396.173101] ? srso_return_thunk+0x5/0x5f [ 396.173586] ? synchronize_rcu_expedited+0x38a/0x420 [ 396.174142] ? __pfx___mutex_lock+0x10/0x10 [ 396.174657] ? __pfx_autoremove_wake_function+0x10/0x10 [ 396.175242] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 396.175734] unregister_netdevice_many_notify+0x1612/0x1c80 [ 396.176269] ? __virt_addr_valid+0x2e8/0x5d0 [ 396.176694] ? __pfx_lock_release+0x10/0x10 [ 396.177109] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 396.177712] ? find_held_lock+0x2c/0x110 [ 396.178210] ? srso_return_thunk+0x5/0x5f [ 396.178720] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 396.179314] ? srso_return_thunk+0x5/0x5f [ 396.179818] ? lock_release+0x20f/0x6f0 [ 396.180294] ? __pfx_lock_release+0x10/0x10 [ 396.180795] ? srso_return_thunk+0x5/0x5f [ 396.181308] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 396.181928] ? srso_return_thunk+0x5/0x5f [ 396.182447] unregister_netdevice_queue+0x224/0x2e0 [ 396.183027] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 396.183652] ? up_write+0x195/0x520 [ 396.184109] _cfg80211_unregister_wdev+0x57b/0x700 [ 396.184694] ? srso_return_thunk+0x5/0x5f [ 396.185222] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 396.185805] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 396.186440] ? srso_return_thunk+0x5/0x5f [ 396.186954] ? srso_return_thunk+0x5/0x5f [ 396.187458] ? synchronize_rcu+0x1ff/0x260 [ 396.187924] ieee80211_unregister_hw+0x55/0x3a0 [ 396.188458] hwsim_exit_net+0x3a0/0x730 [ 396.188939] ? __pfx_hwsim_exit_net+0x10/0x10 [ 396.189449] ? srso_return_thunk+0x5/0x5f [ 396.189942] ? netdev_run_todo+0x788/0x1040 [ 396.190450] ? __pfx_hwsim_exit_net+0x10/0x10 [ 396.190967] ops_exit_list+0xb3/0x180 [ 396.191402] cleanup_net+0x546/0xad0 [ 396.191851] ? __pfx_cleanup_net+0x10/0x10 [ 396.192354] process_one_work+0x8ee/0x1a10 [ 396.192881] ? __pfx_lock_acquire+0x10/0x10 [ 396.193376] ? __pfx_process_one_work+0x10/0x10 [ 396.193891] ? srso_return_thunk+0x5/0x5f [ 396.194365] ? move_linked_works+0x172/0x270 [ 396.194855] ? srso_return_thunk+0x5/0x5f [ 396.195314] ? assign_work+0x196/0x240 [ 396.195751] worker_thread+0x674/0xe70 [ 396.196219] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 396.196823] ? srso_return_thunk+0x5/0x5f [ 396.197309] ? __pfx_worker_thread+0x10/0x10 [ 396.197811] kthread+0x3ab/0x720 [ 396.198180] ? __pfx_kthread+0x10/0x10 [ 396.198620] ? srso_return_thunk+0x5/0x5f [ 396.199075] ? finish_task_switch.isra.0+0x206/0x840 [ 396.199625] ? __pfx_kthread+0x10/0x10 [ 396.200078] ret_from_fork+0x48/0x80 [ 396.200483] ? __pfx_kthread+0x10/0x10 [ 396.200941] ret_from_fork_asm+0x1a/0x30 [ 396.201426] [ 396.221371] EXT4-fs: Cannot change data mode on remount 19:04:14 executing program 6: syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x163008, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext2\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0xaa, &(0x7f0000000280)={[{@data_writeback}]}) [ 396.301955] EXT4-fs: Cannot change data mode on remount [ 398.199914] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 398.204784] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 398.205621] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 398.220778] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 398.225166] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 398.226981] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 398.338615] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 398.350989] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 398.353076] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 398.353947] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 398.355113] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 398.355912] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 398.358238] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 398.359953] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 398.360786] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 398.376610] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 398.383782] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 398.385902] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 398.858205] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 398.859863] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 398.860582] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 398.870935] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 398.876711] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 398.878289] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 398.878867] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 398.886037] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 398.886826] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 398.890131] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 398.904703] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 398.905318] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 398.939030] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 398.939406] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 398.954858] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 398.956519] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 398.956810] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 398.964954] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 399.011047] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 399.012910] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 399.018553] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 399.028868] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 399.048002] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 399.065105] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 400.301537] Bluetooth: hci1: command tx timeout [ 400.428918] Bluetooth: hci2: command tx timeout [ 400.429052] Bluetooth: hci3: command tx timeout [ 400.940562] Bluetooth: hci4: command tx timeout [ 401.004626] Bluetooth: hci5: command tx timeout [ 401.132576] Bluetooth: hci7: command tx timeout [ 401.132700] Bluetooth: hci6: command tx timeout [ 402.349555] Bluetooth: hci1: command tx timeout [ 402.476549] Bluetooth: hci3: command tx timeout [ 402.476621] Bluetooth: hci2: command tx timeout [ 402.988592] Bluetooth: hci4: command tx timeout [ 403.053455] Bluetooth: hci5: command tx timeout [ 403.180521] Bluetooth: hci6: command tx timeout [ 403.180594] Bluetooth: hci7: command tx timeout [ 404.397565] Bluetooth: hci1: command tx timeout [ 404.525478] Bluetooth: hci3: command tx timeout [ 404.525560] Bluetooth: hci2: command tx timeout [ 405.036573] Bluetooth: hci4: command tx timeout [ 405.100553] Bluetooth: hci5: command tx timeout [ 405.228477] Bluetooth: hci7: command tx timeout [ 405.229038] Bluetooth: hci6: command tx timeout VM DIAGNOSIS: 19:04:14 Registers: info registers vcpu 0 RAX=ffffffff864fe3c0 RBX=ffffffff864fe3b4 RCX=ffffffff81d6e29f RDX=0000000000000000 RSI=ffffffff8688d8e4 RDI=ffffffff864fe3a8 RBP=ffffffff864fe3b8 RSP=ffff88802a2967b0 R8 =ffffffff8688d8e4 R9 =ffff88802a2968a8 R10=000000000003ab6c R11=000000000002ef3c R12=ffffffff864fe3c0 R13=ffffffff864fe3a8 R14=ffffffff864fe3b4 R15=dffffc0000000000 RIP=ffffffff813484da RFL=00000283 [--S---C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000555566206400 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f711c743000 CR3=000000002a6c8000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=65756e69746e6f633d73726f7272652c XMM01=00000000000000000000000000000000 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=ff000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000066 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283e2e5 RDI=ffffffff886990a0 RBP=ffffffff88699060 RSP=ffff888033ca6b28 R8 =0000000000000001 R9 =ffffed1006794d55 R10=0000000000000066 R11=3038383866666666 R12=0000000000000066 R13=0000000000000001 R14=ffff888008fea012 R15=ffff888033ca6e28 RIP=ffffffff8283e33d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000001b2ef24000 CR3=000000000bcb6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=ffffffffffffff00ffffffffffffffff XMM02=00000000000000210000000000000000 XMM03=7269762f736563697665642f7379732f XMM04=0000000200000000000055f041e91200 XMM05=000055f041ea6bf0000055f041e910d0 XMM06=000055f041e57d000000000000000000 XMM07=00000004ffffffff000055f041e910f0 XMM08=2f63697361622f6372732f2e2e000d0a XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000