Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:8663' (ECDSA) to the list of known hosts. 2025/01/18 04:18:25 fuzzer started 2025/01/18 04:18:25 dialing manager at localhost:44245 syzkaller login: [ 63.948824] cgroup: Unknown subsys name 'net' [ 64.049944] cgroup: Unknown subsys name 'cpuset' [ 64.076660] cgroup: Unknown subsys name 'rlimit' [ 70.232907] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/18 04:18:41 syscalls: 2217 2025/01/18 04:18:41 code coverage: enabled 2025/01/18 04:18:41 comparison tracing: enabled 2025/01/18 04:18:41 extra coverage: enabled 2025/01/18 04:18:41 setuid sandbox: enabled 2025/01/18 04:18:41 namespace sandbox: enabled 2025/01/18 04:18:41 Android sandbox: enabled 2025/01/18 04:18:41 fault injection: enabled 2025/01/18 04:18:41 leak checking: enabled 2025/01/18 04:18:41 net packet injection: enabled 2025/01/18 04:18:41 net device setup: enabled 2025/01/18 04:18:41 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/18 04:18:41 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/18 04:18:41 USB emulation: enabled 2025/01/18 04:18:41 hci packet injection: enabled 2025/01/18 04:18:41 wifi device emulation: enabled 2025/01/18 04:18:41 802.15.4 emulation: enabled 2025/01/18 04:18:41 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/18 04:18:42 fetching corpus: 50, signal 27239/29857 (executing program) 2025/01/18 04:18:42 fetching corpus: 100, signal 38346/41476 (executing program) 2025/01/18 04:18:42 fetching corpus: 150, signal 47013/50297 (executing program) 2025/01/18 04:18:42 fetching corpus: 200, signal 56955/59816 (executing program) 2025/01/18 04:18:42 fetching corpus: 250, signal 61534/64370 (executing program) 2025/01/18 04:18:43 fetching corpus: 300, signal 67388/69679 (executing program) 2025/01/18 04:18:43 fetching corpus: 350, signal 69791/71986 (executing program) 2025/01/18 04:18:43 fetching corpus: 400, signal 73824/75365 (executing program) 2025/01/18 04:18:43 fetching corpus: 450, signal 75448/76760 (executing program) 2025/01/18 04:18:43 fetching corpus: 500, signal 77866/78665 (executing program) 2025/01/18 04:18:43 fetching corpus: 528, signal 78927/79470 (executing program) 2025/01/18 04:18:43 fetching corpus: 528, signal 78927/79509 (executing program) 2025/01/18 04:18:43 fetching corpus: 528, signal 78927/79554 (executing program) 2025/01/18 04:18:43 fetching corpus: 528, signal 78927/79597 (executing program) 2025/01/18 04:18:43 fetching corpus: 528, signal 78927/79645 (executing program) 2025/01/18 04:18:43 fetching corpus: 528, signal 78927/79696 (executing program) 2025/01/18 04:18:43 fetching corpus: 528, signal 78927/79733 (executing program) 2025/01/18 04:18:44 fetching corpus: 528, signal 78927/79788 (executing program) 2025/01/18 04:18:44 fetching corpus: 528, signal 78927/79843 (executing program) 2025/01/18 04:18:44 fetching corpus: 528, signal 78927/79891 (executing program) 2025/01/18 04:18:44 fetching corpus: 528, signal 78927/79946 (executing program) 2025/01/18 04:18:44 fetching corpus: 528, signal 78927/80003 (executing program) 2025/01/18 04:18:44 fetching corpus: 528, signal 78927/80062 (executing program) 2025/01/18 04:18:44 fetching corpus: 528, signal 78927/80119 (executing program) 2025/01/18 04:18:44 fetching corpus: 528, signal 78927/80152 (executing program) 2025/01/18 04:18:44 fetching corpus: 528, signal 78927/80200 (executing program) 2025/01/18 04:18:44 fetching corpus: 528, signal 78927/80240 (executing program) 2025/01/18 04:18:44 fetching corpus: 528, signal 78927/80302 (executing program) 2025/01/18 04:18:44 fetching corpus: 528, signal 78927/80336 (executing program) 2025/01/18 04:18:44 fetching corpus: 528, signal 78927/80389 (executing program) 2025/01/18 04:18:44 fetching corpus: 528, signal 78927/80434 (executing program) 2025/01/18 04:18:44 fetching corpus: 528, signal 78927/80485 (executing program) 2025/01/18 04:18:44 fetching corpus: 528, signal 78927/80532 (executing program) 2025/01/18 04:18:44 fetching corpus: 528, signal 78927/80582 (executing program) 2025/01/18 04:18:44 fetching corpus: 528, signal 78927/80632 (executing program) 2025/01/18 04:18:44 fetching corpus: 528, signal 78927/80682 (executing program) 2025/01/18 04:18:44 fetching corpus: 528, signal 78927/80721 (executing program) 2025/01/18 04:18:44 fetching corpus: 528, signal 78927/80757 (executing program) 2025/01/18 04:18:44 fetching corpus: 528, signal 78927/80799 (executing program) 2025/01/18 04:18:44 fetching corpus: 528, signal 78927/80820 (executing program) 2025/01/18 04:18:44 fetching corpus: 528, signal 78927/80820 (executing program) 2025/01/18 04:18:47 starting 8 fuzzer processes 04:18:47 executing program 0: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040)) setfsuid(0x0) 04:18:47 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$PR_SET_MM_AUXV(0x29, 0xc, 0x0, 0x0) 04:18:47 executing program 2: perf_event_open$cgroup(&(0x7f0000005700)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x600}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 04:18:47 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) socketpair(0x21, 0x0, 0x7, &(0x7f0000000100)) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$RTC_IRQP_READ(0xffffffffffffffff, 0x8008700b, 0x0) [ 85.532688] audit: type=1400 audit(1737173927.697:7): avc: denied { execmem } for pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 04:18:47 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = fsopen(&(0x7f0000000140)='devtmpfs\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) 04:18:47 executing program 5: pipe2(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$cgroup_int(r0, &(0x7f0000001200), 0xfffffffffffffdef) 04:18:47 executing program 6: prctl$PR_SET_SECUREBITS(0x1c, 0xf) setfsuid(0xee01) 04:18:47 executing program 7: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040)) open(&(0x7f0000000000)='./file0\x00', 0x10a0c0, 0x0) setxattr$incfs_id(&(0x7f0000000080)='./file0\x00', &(0x7f0000000140), 0x0, 0x0, 0x0) [ 86.948439] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 86.952606] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 86.957046] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 86.965346] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 86.969773] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 86.972011] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 87.078406] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 87.082240] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 87.084553] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 87.089442] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 87.092479] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 87.093652] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 87.099190] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 87.101005] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 87.103059] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 87.105196] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 87.112723] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 87.121623] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 87.125205] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 87.137492] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 87.143397] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 87.145672] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 87.147555] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 87.148233] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 87.154190] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 87.156698] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 87.158551] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 87.171365] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 87.179560] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 87.182348] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 87.190979] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 87.197346] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 87.200560] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 87.201258] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 87.204706] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 87.207427] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 87.208789] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 87.236914] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 87.238788] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 87.241175] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 87.244548] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 87.246497] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 87.247403] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 87.258532] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 87.259331] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 87.272827] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 87.275574] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 87.277074] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 89.041264] Bluetooth: hci0: command tx timeout [ 89.169193] Bluetooth: hci2: command tx timeout [ 89.233918] Bluetooth: hci3: command tx timeout [ 89.234105] Bluetooth: hci1: command tx timeout [ 89.297949] Bluetooth: hci7: command tx timeout [ 89.298130] Bluetooth: hci6: command tx timeout [ 89.298248] Bluetooth: hci4: command tx timeout [ 89.360997] Bluetooth: hci5: command tx timeout [ 91.089914] Bluetooth: hci0: command tx timeout [ 91.216936] Bluetooth: hci2: command tx timeout [ 91.281048] Bluetooth: hci1: command tx timeout [ 91.281197] Bluetooth: hci3: command tx timeout [ 91.345157] Bluetooth: hci4: command tx timeout [ 91.345451] Bluetooth: hci6: command tx timeout [ 91.345541] Bluetooth: hci7: command tx timeout [ 91.409028] Bluetooth: hci5: command tx timeout [ 93.136904] Bluetooth: hci0: command tx timeout [ 93.265906] Bluetooth: hci2: command tx timeout [ 93.328943] Bluetooth: hci1: command tx timeout [ 93.329030] Bluetooth: hci3: command tx timeout [ 93.393917] Bluetooth: hci4: command tx timeout [ 93.394000] Bluetooth: hci7: command tx timeout [ 93.394084] Bluetooth: hci6: command tx timeout [ 93.458041] Bluetooth: hci5: command tx timeout [ 95.185014] Bluetooth: hci0: command tx timeout [ 95.313875] Bluetooth: hci2: command tx timeout [ 95.376922] Bluetooth: hci1: command tx timeout [ 95.377004] Bluetooth: hci3: command tx timeout [ 95.441942] Bluetooth: hci6: command tx timeout [ 95.442025] Bluetooth: hci7: command tx timeout [ 95.442106] Bluetooth: hci4: command tx timeout [ 95.505924] Bluetooth: hci5: command tx timeout [ 145.782126] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 145.782263] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 147.185991] [ 147.186244] ====================================================== [ 147.186823] WARNING: possible circular locking dependency detected [ 147.187497] 6.13.0-rc7-next-20250117 #1 Not tainted [ 147.188455] ------------------------------------------------------ [ 147.189278] kworker/u8:1/65 is trying to acquire lock: [ 147.190397] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 147.192032] [ 147.192032] but task is already holding lock: [ 147.192866] ffff88803a008768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 147.194269] [ 147.194269] which lock already depends on the new lock. [ 147.194269] [ 147.195830] [ 147.195830] the existing dependency chain (in reverse order) is: [ 147.196875] [ 147.196875] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 147.197818] __mutex_lock+0x13d/0xb50 [ 147.198563] wiphy_register+0x1b2e/0x25d0 [ 147.199332] ieee80211_register_hw+0x23a4/0x3d60 [ 147.200157] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 147.200963] init_mac80211_hwsim+0x389/0x870 [ 147.201477] do_one_initcall+0xf9/0x640 [ 147.201965] kernel_init_freeable+0x53d/0x7a0 [ 147.202480] kernel_init+0x1e/0x2d0 [ 147.202896] ret_from_fork+0x48/0x80 [ 147.203320] ret_from_fork_asm+0x1a/0x30 [ 147.203795] [ 147.203795] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 147.204395] __lock_acquire+0x29fd/0x4580 [ 147.204876] lock_acquire+0x19b/0x520 [ 147.205318] __mutex_lock+0x13d/0xb50 [ 147.205777] unregister_netdevice_many_notify+0x1612/0x1c80 [ 147.206384] unregister_netdevice_queue+0x224/0x2e0 [ 147.206930] _cfg80211_unregister_wdev+0x57b/0x700 [ 147.207475] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 147.208025] ieee80211_unregister_hw+0x55/0x3a0 [ 147.208542] hwsim_exit_net+0x3a0/0x730 [ 147.209003] ops_exit_list+0xb3/0x180 [ 147.209444] cleanup_net+0x546/0xad0 [ 147.209892] process_one_work+0x8ee/0x1a10 [ 147.210390] worker_thread+0x674/0xe70 [ 147.210864] kthread+0x3ab/0x720 [ 147.211280] ret_from_fork+0x48/0x80 [ 147.211705] ret_from_fork_asm+0x1a/0x30 [ 147.212199] [ 147.212199] other info that might help us debug this: [ 147.212199] [ 147.212938] Possible unsafe locking scenario: [ 147.212938] [ 147.213498] CPU0 CPU1 [ 147.213956] ---- ---- [ 147.214395] lock(&rdev->wiphy.mtx); [ 147.214804] lock(rtnl_mutex); [ 147.215390] lock(&rdev->wiphy.mtx); [ 147.216020] lock(rtnl_mutex); [ 147.216431] [ 147.216431] *** DEADLOCK *** [ 147.216431] [ 147.217026] 4 locks held by kworker/u8:1/65: [ 147.217527] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 147.218575] #1: ffff88800e797d30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 147.219570] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 147.220491] #3: ffff88803a008768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 147.221655] [ 147.221655] stack backtrace: [ 147.222111] CPU: 0 UID: 0 PID: 65 Comm: kworker/u8:1 Not tainted 6.13.0-rc7-next-20250117 #1 [ 147.223016] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 147.223846] Workqueue: netns cleanup_net [ 147.224313] Call Trace: [ 147.224597] [ 147.224844] dump_stack_lvl+0xca/0x120 [ 147.225315] print_circular_bug+0x47b/0x750 [ 147.225821] check_noncircular+0x2e9/0x3c0 [ 147.226300] ? lock_repin_lock+0x207/0x320 [ 147.226791] ? __pfx_check_noncircular+0x10/0x10 [ 147.227327] ? hlock_class+0x4e/0x130 [ 147.227753] ? mark_lock+0xac/0xed0 [ 147.228112] ? __pfx_lock_repin_lock+0x10/0x10 [ 147.228653] ? lockdep_lock+0xba/0x1b0 [ 147.229116] ? __pfx_lockdep_lock+0x10/0x10 [ 147.229629] __lock_acquire+0x29fd/0x4580 [ 147.230117] ? __pfx___lock_acquire+0x10/0x10 [ 147.230634] ? lock_release+0x20f/0x6f0 [ 147.231097] ? __pfx_lock_release+0x10/0x10 [ 147.231566] lock_acquire+0x19b/0x520 [ 147.231969] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 147.232627] ? __pfx_lock_acquire+0x10/0x10 [ 147.233123] ? srso_return_thunk+0x5/0x5f [ 147.233581] ? lock_release+0x20f/0x6f0 [ 147.234059] ? srso_return_thunk+0x5/0x5f [ 147.234524] ? lock_is_held_type+0x9e/0x120 [ 147.234988] ? srso_return_thunk+0x5/0x5f [ 147.235432] __mutex_lock+0x13d/0xb50 [ 147.235843] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 147.236424] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 147.237005] ? srso_return_thunk+0x5/0x5f [ 147.237442] ? synchronize_rcu_expedited+0x38a/0x420 [ 147.237975] ? __pfx___mutex_lock+0x10/0x10 [ 147.238430] ? __pfx_autoremove_wake_function+0x10/0x10 [ 147.238974] ? srso_return_thunk+0x5/0x5f [ 147.239412] ? kasan_quarantine_put+0x84/0x1e0 [ 147.239898] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 147.240356] ? srso_return_thunk+0x5/0x5f [ 147.240800] unregister_netdevice_many_notify+0x1612/0x1c80 [ 147.241366] ? __virt_addr_valid+0x2e8/0x5d0 [ 147.241838] ? __pfx_lock_release+0x10/0x10 [ 147.242290] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 147.242887] ? find_held_lock+0x2c/0x110 [ 147.243320] ? srso_return_thunk+0x5/0x5f [ 147.243759] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 147.244271] ? srso_return_thunk+0x5/0x5f [ 147.244712] ? lock_release+0x20f/0x6f0 [ 147.245127] ? __pfx_lock_release+0x10/0x10 [ 147.245566] ? srso_return_thunk+0x5/0x5f [ 147.246030] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 147.246563] ? srso_return_thunk+0x5/0x5f [ 147.247015] unregister_netdevice_queue+0x224/0x2e0 [ 147.247519] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 147.248078] ? up_write+0x195/0x520 [ 147.248478] _cfg80211_unregister_wdev+0x57b/0x700 [ 147.249060] ? srso_return_thunk+0x5/0x5f [ 147.249556] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 147.250147] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 147.250761] ? srso_return_thunk+0x5/0x5f [ 147.251260] ? srso_return_thunk+0x5/0x5f [ 147.251753] ? synchronize_rcu+0x1ff/0x260 [ 147.252244] ieee80211_unregister_hw+0x55/0x3a0 [ 147.252754] hwsim_exit_net+0x3a0/0x730 [ 147.253223] ? __pfx_hwsim_exit_net+0x10/0x10 [ 147.253711] ? srso_return_thunk+0x5/0x5f [ 147.254160] ? netdev_run_todo+0x788/0x1040 [ 147.254613] ? srso_return_thunk+0x5/0x5f [ 147.255062] ? __pfx_hwsim_exit_net+0x10/0x10 [ 147.255524] ops_exit_list+0xb3/0x180 [ 147.255931] cleanup_net+0x546/0xad0 [ 147.256329] ? __pfx_cleanup_net+0x10/0x10 [ 147.256779] process_one_work+0x8ee/0x1a10 [ 147.257224] ? __pfx_lock_acquire+0x10/0x10 [ 147.257678] ? __pfx_process_one_work+0x10/0x10 [ 147.258168] ? srso_return_thunk+0x5/0x5f [ 147.258604] ? move_linked_works+0x172/0x270 [ 147.259055] ? srso_return_thunk+0x5/0x5f [ 147.259471] ? assign_work+0x196/0x240 [ 147.259862] worker_thread+0x674/0xe70 [ 147.260254] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 147.260760] ? srso_return_thunk+0x5/0x5f [ 147.261253] ? __pfx_worker_thread+0x10/0x10 [ 147.261786] kthread+0x3ab/0x720 [ 147.262199] ? __pfx_kthread+0x10/0x10 [ 147.262673] ? srso_return_thunk+0x5/0x5f [ 147.263136] ? finish_task_switch.isra.0+0x206/0x840 [ 147.263729] ? __pfx_kthread+0x10/0x10 [ 147.264196] ret_from_fork+0x48/0x80 [ 147.264624] ? __pfx_kthread+0x10/0x10 [ 147.265096] ret_from_fork_asm+0x1a/0x30 [ 147.265605] [ 149.409424] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 149.411947] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 149.414262] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 149.417048] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 149.419023] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 149.421908] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 149.424039] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 149.430024] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 149.430702] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 149.434656] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 149.437947] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 149.440022] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 149.490388] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 149.493127] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 149.495280] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 149.512144] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 149.520930] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 149.529138] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 149.543067] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 149.545506] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 149.545940] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 149.547614] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 149.551395] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 149.554511] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 149.557051] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 149.558974] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 149.574301] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 149.594220] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 149.600275] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 149.603084] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 149.606932] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 149.608397] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 149.608978] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 149.613214] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 149.616340] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 149.618542] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 149.624125] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 149.630549] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 149.632715] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 149.638363] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 149.647853] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 149.652056] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 149.683218] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 149.702901] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 149.728985] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 149.736764] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 149.744439] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 149.747917] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 151.504888] Bluetooth: hci0: command tx timeout [ 151.504958] Bluetooth: hci1: command tx timeout [ 151.634849] Bluetooth: hci3: command tx timeout [ 151.634939] Bluetooth: hci2: command tx timeout [ 151.696922] Bluetooth: hci5: command tx timeout [ 151.697037] Bluetooth: hci6: command tx timeout [ 151.697150] Bluetooth: hci4: command tx timeout [ 151.824946] Bluetooth: hci7: command tx timeout [ 153.554869] Bluetooth: hci1: command tx timeout [ 153.554904] Bluetooth: hci0: command tx timeout [ 153.681011] Bluetooth: hci2: command tx timeout [ 153.681038] Bluetooth: hci3: command tx timeout [ 153.745034] Bluetooth: hci4: command tx timeout [ 153.745057] Bluetooth: hci6: command tx timeout [ 153.745143] Bluetooth: hci5: command tx timeout [ 153.873075] Bluetooth: hci7: command tx timeout [ 155.601022] Bluetooth: hci1: command tx timeout [ 155.601066] Bluetooth: hci0: command tx timeout [ 155.729939] Bluetooth: hci3: command tx timeout [ 155.729950] Bluetooth: hci2: command tx timeout [ 155.792933] Bluetooth: hci5: command tx timeout [ 155.793022] Bluetooth: hci4: command tx timeout [ 155.793117] Bluetooth: hci6: command tx timeout [ 155.920952] Bluetooth: hci7: command tx timeout VM DIAGNOSIS: 04:19:49 Registers: info registers vcpu 0 RAX=0000000000000069 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283cdc5 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff88800e796bb8 R8 =0000000000000001 R9 =ffffed1001cf2d67 R10=0000000000000069 R11=6f6c206863696877 R12=0000000000000069 R13=0000000000000001 R14=ffff888008fea022 R15=ffff88800e796eb8 RIP=ffffffff8283ce1d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000001f27f60 CR3=000000001908e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=0000000000000000417af59600000000 XMM03=0000ff00000000000000000000000000 XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962 XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=ffff88800e64d340 RCX=ffffffff81429a0f RDX=ffff88800e64d340 RSI=ffffffff81429a18 RDI=0000000000000005 RBP=0000000000200000 RSP=ffff88800f52fdb0 R8 =0000000000000000 R9 =ffffed1001d00180 R10=0000000000200000 R11=ffff88800e64d7f8 R12=ffff88807b6e7ff9 R13=ffffffff8864e0e8 R14=ffff88800e64d340 R15=0000000000000086 RIP=ffffffff8171a158 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f4903d78ba0 CR3=000000000f7da000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=7e03af1035dc1ab6164753ee4a1e46ac XMM02=d12871896912de2d00000000000fd4e8 XMM03=f9980df3bdc2dbad0000000000132918 XMM04=68da7582d11a2b5c00000000000ae988 XMM05=9f165a4fe6c971ad0000000000138390 XMM06=7c8d2a4f1e787a9800000000001382f0 XMM07=b13e0fc33ea6d3c40000000000132970 XMM08=68a8aee3740b9fad00000000000fd600 XMM09=00000000000000000000000000000000 XMM10=20000000000000002000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000