syzkaller login: [ 67.473635] sshd (232) used greatest stack depth: 24216 bytes left Warning: Permanently added '[localhost]:49023' (ECDSA) to the list of known hosts. 2025/01/18 13:32:34 fuzzer started 2025/01/18 13:32:34 dialing manager at localhost:44245 [ 70.165948] cgroup: Unknown subsys name 'net' [ 70.231887] cgroup: Unknown subsys name 'cpuset' [ 70.250153] cgroup: Unknown subsys name 'rlimit' [ 76.719195] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 87.336279] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/18 13:32:52 syscalls: 2217 2025/01/18 13:32:52 code coverage: enabled 2025/01/18 13:32:52 comparison tracing: enabled 2025/01/18 13:32:52 extra coverage: enabled 2025/01/18 13:32:52 setuid sandbox: enabled 2025/01/18 13:32:52 namespace sandbox: enabled 2025/01/18 13:32:52 Android sandbox: enabled 2025/01/18 13:32:52 fault injection: enabled 2025/01/18 13:32:52 leak checking: enabled 2025/01/18 13:32:52 net packet injection: enabled 2025/01/18 13:32:52 net device setup: enabled 2025/01/18 13:32:52 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/18 13:32:52 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/18 13:32:52 USB emulation: enabled 2025/01/18 13:32:52 hci packet injection: enabled 2025/01/18 13:32:52 wifi device emulation: enabled 2025/01/18 13:32:52 802.15.4 emulation: enabled 2025/01/18 13:32:52 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/18 13:32:52 fetching corpus: 50, signal 26478/29471 (executing program) 2025/01/18 13:32:52 fetching corpus: 100, signal 37101/40952 (executing program) 2025/01/18 13:32:52 fetching corpus: 150, signal 43052/47741 (executing program) 2025/01/18 13:32:52 fetching corpus: 200, signal 49536/54789 (executing program) 2025/01/18 13:32:53 fetching corpus: 250, signal 53321/59185 (executing program) 2025/01/18 13:32:53 fetching corpus: 300, signal 56969/63348 (executing program) 2025/01/18 13:32:53 fetching corpus: 350, signal 62805/69237 (executing program) 2025/01/18 13:32:53 fetching corpus: 400, signal 66037/72786 (executing program) 2025/01/18 13:32:53 fetching corpus: 450, signal 68855/75876 (executing program) 2025/01/18 13:32:53 fetching corpus: 500, signal 74997/81509 (executing program) 2025/01/18 13:32:53 fetching corpus: 550, signal 77341/83913 (executing program) 2025/01/18 13:32:54 fetching corpus: 600, signal 80510/86843 (executing program) 2025/01/18 13:32:54 fetching corpus: 650, signal 83497/89538 (executing program) 2025/01/18 13:32:54 fetching corpus: 700, signal 85480/91397 (executing program) 2025/01/18 13:32:54 fetching corpus: 750, signal 87454/93175 (executing program) 2025/01/18 13:32:54 fetching corpus: 800, signal 90458/95605 (executing program) 2025/01/18 13:32:54 fetching corpus: 850, signal 92172/97040 (executing program) 2025/01/18 13:32:55 fetching corpus: 900, signal 93930/98465 (executing program) 2025/01/18 13:32:55 fetching corpus: 950, signal 95334/99588 (executing program) 2025/01/18 13:32:55 fetching corpus: 1000, signal 96588/100570 (executing program) 2025/01/18 13:32:55 fetching corpus: 1050, signal 98436/101858 (executing program) 2025/01/18 13:32:55 fetching corpus: 1100, signal 99351/102539 (executing program) 2025/01/18 13:32:56 fetching corpus: 1150, signal 101411/103816 (executing program) 2025/01/18 13:32:56 fetching corpus: 1200, signal 102414/104445 (executing program) 2025/01/18 13:32:56 fetching corpus: 1250, signal 104221/105449 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/105819 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/105858 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/105882 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/105911 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/105951 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/105981 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/106011 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/106044 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/106075 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/106100 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/106131 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/106152 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/106181 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/106225 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/106255 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/106277 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/106315 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/106343 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/106383 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/106416 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/106444 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/106481 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/106509 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/106546 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/106577 (executing program) 2025/01/18 13:32:56 fetching corpus: 1264, signal 104923/106610 (executing program) 2025/01/18 13:32:57 fetching corpus: 1264, signal 104923/106646 (executing program) 2025/01/18 13:32:57 fetching corpus: 1264, signal 104923/106655 (executing program) 2025/01/18 13:32:57 fetching corpus: 1264, signal 104923/106655 (executing program) 2025/01/18 13:33:00 starting 8 fuzzer processes 13:33:00 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = epoll_create1(0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r0}}) 13:33:00 executing program 1: r0 = syz_io_uring_setup(0x1117, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) r1 = socket$netlink(0x10, 0x3, 0xb) r2 = dup2(r1, r1) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 13:33:00 executing program 2: r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x2a01, 0x0) ioctl$DVD_WRITE_STRUCT(r0, 0x5390, &(0x7f0000000900)=@manufact={0x4, 0x0, 0x800, "9f9beef60bf93cc65168f97dec92dc27b0dbc44725d65dddb21c22d6be1f5129dd029e8fd97c8d02e793243d10eb4c7508fa26cd047013866e8156f623cdedc9fcf1a935d5b82fc9feb5b4edc3a05c03da41ea377b45cc524b3d46ceff1ce54e7ea7394694ed5f6e91ac205e3380877e010bb5dbdd913a00c8f181671391494e82f940d9acf4e6077d62de9ac6bcdef4a17e37f43551950ce4ee05e4c0c68e9a75b3f7137dfa459e7f50d2fc1c08ce6076fa1f330183d83230b22325a3b519b58928a53929947b27bcd2d06cc0d35016c4e2d2e1033c6704b5d7aa40b3f7946182a27ffe1800bff940b619cb172f1704cf2509b751fa3dd863ca9fefbf579be1bf0d3d73e539cc17e1361bdaf4a7b1efce49f35f520fbb1df7512ea1ce0ed9cfaa0b5b0e9e4b106b7b2f24cbf59827c1170e2f837fccb602a90ba6e18a59b20d3339d01b8f9bfeebc1ba10992e5dae1af41df32dbef8c6ffc7a5a9f8ff57fd1832d56c442d1e3c95f2aff7a6f8fe47f21cdb521e8f97c885bd347d79bccee34847be9b7556f3255de40fb425499e66ba4546932d985a987bd115dc88c29dfc2035b50a5e14222d53a283e0cba7342dbdb6a85b7cfd1a90fff5db191f55519130c022c2b2e9bab90c35a3d255375f6fdb7a58a41fca0244e7031ea89a780af042f165341a4c7cacfb10c40e1020e021eaf80b9f115940f73d0b5c47c579d2fa9f755a0564884b5d12b77822207f7382092d3edf69b396b25adadf87590b28224075f4261df05830c0c5f25091f889bbe800a7740de00a6be568da0d663c9b171fdd931bf11888ac930050e6ed00fa94469991fb94e93a182fd3a59ce0ba569b4db6e213fe27fbbf1867c023968adc7fadf4f61d921b8afbeeb11586b5c5492825f4bb6a2b9b1d99b018e2718e650844eb436e8ca0e66a7994de3a05d7f3366763acef7c69e6c723963085029f281ea0d6621fed85a3e0747991e851e0e88d82ab65efeff0695d8822ac163a4c9fddd0923c76fea04424ba82fdb60be5e680aef1d5ba325014b00ac14ae2b86f5656ff92c028596a6ce28990e916a8ced7af7a969eef1e1d0b9fde778ede5964ce4833709a948e06e7607e8dc5db9ec6d699290c32d37809fd2fbd6f2daa4b482c5b3fe72247d6295a585de5986f3204898cea3d8a80a58c0e9f03ac9b82a52596549fe745e64b6dec5561105d9f3fa6459bdb5453d605e0cdb552f965ef8090886b456997aa41660ee219b6699661f2a463ab29b85005bcdd2bf6771dd5e17c4eed0b3f34243ee9f8521f42bbbfc3fce817167825148a1b3ce5553b4feed43435a1515c809f1d3a61acc7ea3cd97e02f72537d3acce641aa3e0766729888e4adf307f9f86b70e7e8832e24556298ff61b83261850d8ec55936a819f91b1dc54834d3af33769e7caaaac2bdbd7266a7a0c52773448ca866e8d9a352b13cae25002046c303ef96b1c379c9ed453a7fdaeb65f79f3935c4777c0a16cb3319730d5254574a365d6f3420b4217c18ed544c3521d9d304c566223a606536daaa67f53e4aa77e2482a91fecd06dc0f09e3471ff790f315424a4ad3b9496819887fc0bf1ac8a509923340b97680102cd9ed488bb8aaabbb5ebec832be3ea3dea8b9285a7b5f4cacd12d5ee5c649115f522b3c1d17660ce9d350155772a5e51f93a2adc4f67c5eaf0920a97355541429e0ebcf8e8ad0ee083e949e443620c52faa5f6f08df76d32cc9c96080a49fce277db03e54940756745af1e3aa9b21e2fb28c7b8f4ff5f6e6a86dc78d2bf0cff5fd99789cf8aebb0e7e3b3d2ce91cd435b61d9c69399ac29d954354f2a4f0114c71465abcade85afd1202dead579bfbe4aea8df39d8c86f2b56a91fc8c9c7b236a693c7d1656d4364a5e972707f3160461a346449b1a51af5e59a5c1cf052f973d83537556025f4015d266479d9dab7d6bed624815672a008eaad051323437d72df42745965843d4d8dc0a3c3ee834f03dd6243575e7f891cd0234e7228a1c243b4ddbbdb2e7659cd72d76ba6c85caf5ace1f850d271b74d51cf1fbe01add4b543bfd348f360d1d1b2860f007629a74e7a18607b57facf3a86b280faac274fd72ec50c51146c8aa08c7ccf863eac9b17ecfd5e2d8d41a0478a9899dbdbfdba649ebbebc3a00c15d7937e11f8b4b715484e4eadccbe70db48318700ee337b58b88035dfdbbeb9d080d5a8b94ff30ac5693d4fa3af8afb5e2436892fab72075c05157479840f20b29e428d56e790f71e1ab51c4690016391c76eb34561d2b41ef2db880ec150ee9286f728e0134e6a3b5bab0765a3785b6f907f0f3e827f393c7fd012eb10fe74e01e94ebf14812d3a1eb08c524fd6bdbcce739afcf4d488000f67e121be888928528dd2465578e29dd89cee2cd2ea25c5e48e502be75877261d9fe902817486265cc8f9c1af2774b15ed3dc2809262bb05da63e5c6c877f739d3276861ec3402a68b98447ab2b9ebca2d80e7ee66cc73b93771badab54d87bdfa6917397b45f34e891bdbaef04d80e2daf84068b0ba1d6ac4e1b427844d09cc3e283a1d3c568f5fe386c525452454408762dfa5e8ba348dfc499e0939f492d9ede6ee8ef7449151d37f286cda4694ea582ddc2c6e836e8f1c251f0528a69cf67ef44ca5151bed1478ab228514f39ff77a53b44fa25afd176cda2d780a63507e027010b23082fe0a41b1adf913fc3ef8876a5e06889d8467958826e87ee58df60b5445433b533f121645d0d6d7405e846299c457b603d942e38283e5355dbec11a0d21572431019d731a4c4a5b1333f0cdc660d83e7e7263f37760ed4c27ae2243e1650816eba58fddb76e2204b1ace777aa4c9dd6d32c94738dcd2b9d3cd510067b5ba5a04d32109164"}) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) 13:33:00 executing program 3: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000)) eventfd2(0x0, 0x0) [ 96.348106] audit: type=1400 audit(1737207180.903:7): avc: denied { execmem } for pid=271 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 13:33:00 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101842, 0x0) fallocate(r0, 0x0, 0x0, 0x8040001) 13:33:00 executing program 5: sendmsg$NL80211_CMD_NOTIFY_RADAR(0xffffffffffffffff, 0x0, 0x24048810) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x842, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_netfilter(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x14, 0x14, 0x0, 0x101, 0x0, 0x0, {0x2}}, 0x14}}, 0x0) sendmsg$IPVS_CMD_GET_INFO(r1, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0x88, 0x0, 0x800, 0x70bd2b, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x4}, @IPVS_CMD_ATTR_DAEMON={0x14, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @loopback}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x7f}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xfffffffa}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x60c}, @IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sed\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x3ff}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'rr\x00'}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xffffffff}]}, 0x88}, 0x1, 0x0, 0x0, 0x4000}, 0x40001) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)) sendmsg$NLBL_UNLABEL_C_STATICLIST(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x30, 0x0, 0x300, 0x70bd27, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwritev(r3, &(0x7f0000000380)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, 0x7fffff8, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, 0x0, 0x100000) 13:33:00 executing program 6: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @none, 0x0, 0x1737a1902a37539}, 0xd) 13:33:00 executing program 7: r0 = socket$unix(0x1, 0x1, 0x0) connect(r0, &(0x7f0000000b80)=@alg={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif-generic\x00'}, 0x80) [ 97.864192] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 97.867433] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 97.868828] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 97.868840] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 97.875190] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 97.882250] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 97.891611] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 97.894523] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 97.899170] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 97.901871] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 97.907543] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 97.908838] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 97.909257] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 97.909736] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 97.913286] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 97.914550] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 97.914843] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 97.915071] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 97.917649] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 97.917846] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 97.918931] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 97.921417] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 97.926353] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 97.929745] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 97.930570] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 97.933172] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 97.934707] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 97.935968] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 97.937382] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 97.938542] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 97.938588] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 97.939945] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 97.940782] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 97.943106] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 97.943584] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 97.948627] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 97.948967] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 97.972150] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 98.005222] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 98.011770] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 98.015825] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 98.016553] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 98.022409] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 98.032876] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 98.045122] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 98.050926] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 98.053572] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 98.075488] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 99.989712] Bluetooth: hci0: command tx timeout [ 99.990209] Bluetooth: hci2: command tx timeout [ 100.054143] Bluetooth: hci1: command tx timeout [ 100.119326] Bluetooth: hci7: command tx timeout [ 100.121126] Bluetooth: hci6: command tx timeout [ 100.121362] Bluetooth: hci5: command tx timeout [ 100.121568] Bluetooth: hci3: command tx timeout [ 100.121772] Bluetooth: hci4: command tx timeout [ 102.038167] Bluetooth: hci2: command tx timeout [ 102.038274] Bluetooth: hci0: command tx timeout [ 102.101371] Bluetooth: hci1: command tx timeout [ 102.165265] Bluetooth: hci3: command tx timeout [ 102.165349] Bluetooth: hci4: command tx timeout [ 102.165433] Bluetooth: hci6: command tx timeout [ 102.165493] Bluetooth: hci5: command tx timeout [ 102.165553] Bluetooth: hci7: command tx timeout [ 104.086140] Bluetooth: hci0: command tx timeout [ 104.086276] Bluetooth: hci2: command tx timeout [ 104.149203] Bluetooth: hci1: command tx timeout [ 104.213267] Bluetooth: hci7: command tx timeout [ 104.213389] Bluetooth: hci5: command tx timeout [ 104.213507] Bluetooth: hci6: command tx timeout [ 104.213591] Bluetooth: hci4: command tx timeout [ 104.213675] Bluetooth: hci3: command tx timeout [ 106.134122] Bluetooth: hci2: command tx timeout [ 106.134255] Bluetooth: hci0: command tx timeout [ 106.197119] Bluetooth: hci1: command tx timeout [ 106.262299] Bluetooth: hci3: command tx timeout [ 106.262412] Bluetooth: hci4: command tx timeout [ 106.262510] Bluetooth: hci6: command tx timeout [ 106.262578] Bluetooth: hci5: command tx timeout [ 106.262645] Bluetooth: hci7: command tx timeout [ 157.403142] syz-executor.0 (282) used greatest stack depth: 24160 bytes left [ 159.431775] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 160.166420] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 160.169751] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 160.177301] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 160.187479] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 160.191535] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 160.193800] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 160.297435] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 160.300914] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 160.302229] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 160.304602] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 160.307627] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 160.311640] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 160.313589] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 160.329435] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 160.332317] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 160.343595] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 160.346072] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 160.348475] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 160.369890] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 160.371837] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 160.384552] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 160.388077] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 160.391287] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 160.399907] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 160.401916] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 160.403475] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 160.405466] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 160.415455] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 160.416304] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 160.418616] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 160.418954] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 160.435131] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 160.435966] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 160.438672] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 160.440254] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 160.442452] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 160.450287] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 160.451766] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 160.453294] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 160.454971] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 160.459236] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 160.460346] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 160.491474] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 160.499200] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 160.504220] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 160.509153] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 160.510597] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 160.511712] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 162.262433] Bluetooth: hci0: command tx timeout [ 162.389126] Bluetooth: hci1: command tx timeout [ 162.453096] Bluetooth: hci4: command tx timeout [ 162.453445] Bluetooth: hci2: command tx timeout [ 162.517150] Bluetooth: hci3: command tx timeout [ 162.517384] Bluetooth: hci5: command tx timeout [ 162.517547] Bluetooth: hci6: command tx timeout [ 162.581145] Bluetooth: hci7: command tx timeout [ 164.309285] Bluetooth: hci0: command tx timeout [ 164.437647] Bluetooth: hci1: command tx timeout [ 164.501178] Bluetooth: hci2: command tx timeout [ 164.501273] Bluetooth: hci4: command tx timeout [ 164.565457] Bluetooth: hci6: command tx timeout [ 164.565552] Bluetooth: hci5: command tx timeout [ 164.565639] Bluetooth: hci3: command tx timeout [ 164.630063] Bluetooth: hci7: command tx timeout [ 166.357094] Bluetooth: hci0: command tx timeout [ 166.485099] Bluetooth: hci1: command tx timeout [ 166.551080] Bluetooth: hci4: command tx timeout [ 166.551161] Bluetooth: hci2: command tx timeout [ 166.613142] Bluetooth: hci3: command tx timeout [ 166.613260] Bluetooth: hci5: command tx timeout [ 166.613287] Bluetooth: hci6: command tx timeout [ 166.677098] Bluetooth: hci7: command tx timeout [ 168.405087] Bluetooth: hci0: command tx timeout [ 168.533916] Bluetooth: hci1: command tx timeout [ 168.597222] Bluetooth: hci2: command tx timeout [ 168.597827] Bluetooth: hci4: command tx timeout [ 168.661401] Bluetooth: hci6: command tx timeout [ 168.661430] Bluetooth: hci3: command tx timeout [ 168.661519] Bluetooth: hci5: command tx timeout [ 168.725153] Bluetooth: hci7: command tx timeout [ 222.441637] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 222.444915] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 222.450212] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 222.451267] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 222.451834] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 222.454673] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 222.461421] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 222.466224] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 222.468389] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 222.470739] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 222.473382] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 222.479722] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 222.505836] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 222.511666] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 222.514812] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 222.524164] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 222.531518] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 222.533546] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 222.639630] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 222.646421] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 222.654274] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 222.663364] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 222.667806] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 222.670376] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 222.699858] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 222.704255] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 222.714334] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 222.720920] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 222.722795] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 222.735474] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 222.782934] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 222.792319] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 222.796600] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 222.798042] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 222.800808] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 222.801639] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 222.802936] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 222.815318] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 222.816793] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 222.821270] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 222.846728] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 222.866651] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 222.871301] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 222.876933] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 222.899304] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 222.903920] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 222.912247] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 222.913214] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 224.534116] Bluetooth: hci0: command tx timeout [ 224.534487] Bluetooth: hci1: command tx timeout [ 224.598192] Bluetooth: hci2: command tx timeout [ 224.789182] Bluetooth: hci3: command tx timeout [ 224.854089] Bluetooth: hci5: command tx timeout [ 224.918081] Bluetooth: hci4: command tx timeout [ 224.982329] Bluetooth: hci6: command tx timeout [ 224.983229] Bluetooth: hci7: command tx timeout [ 226.581241] Bluetooth: hci0: command tx timeout [ 226.582571] Bluetooth: hci1: command tx timeout [ 226.645157] Bluetooth: hci2: command tx timeout [ 226.839155] Bluetooth: hci3: command tx timeout [ 226.902093] Bluetooth: hci5: command tx timeout [ 226.966116] Bluetooth: hci4: command tx timeout [ 227.030089] Bluetooth: hci6: command tx timeout [ 227.030218] Bluetooth: hci7: command tx timeout [ 228.630097] Bluetooth: hci0: command tx timeout [ 228.630191] Bluetooth: hci1: command tx timeout [ 228.693063] Bluetooth: hci2: command tx timeout [ 228.888469] Bluetooth: hci3: command tx timeout [ 228.950714] Bluetooth: hci5: command tx timeout [ 229.014079] Bluetooth: hci4: command tx timeout [ 229.079022] Bluetooth: hci7: command tx timeout [ 229.079102] Bluetooth: hci6: command tx timeout [ 230.679152] Bluetooth: hci1: command tx timeout [ 230.679245] Bluetooth: hci0: command tx timeout [ 230.741131] Bluetooth: hci2: command tx timeout [ 230.934064] Bluetooth: hci3: command tx timeout [ 230.997059] Bluetooth: hci5: command tx timeout [ 231.062114] Bluetooth: hci4: command tx timeout [ 231.127227] Bluetooth: hci6: command tx timeout [ 231.127814] Bluetooth: hci7: command tx timeout [ 282.558826] [ 282.559078] ====================================================== [ 282.559659] WARNING: possible circular locking dependency detected [ 282.560246] 6.13.0-rc7-next-20250117 #1 Not tainted [ 282.560712] ------------------------------------------------------ [ 282.561765] kworker/u8:1/67 is trying to acquire lock: [ 282.565319] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 282.568696] [ 282.568696] but task is already holding lock: [ 282.569921] ffff88802d8b0768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 282.572006] [ 282.572006] which lock already depends on the new lock. [ 282.572006] [ 282.573651] [ 282.573651] the existing dependency chain (in reverse order) is: [ 282.575170] [ 282.575170] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 282.576607] __mutex_lock+0x13d/0xb50 [ 282.577618] wiphy_register+0x1b2e/0x25d0 [ 282.578684] ieee80211_register_hw+0x23a4/0x3d60 [ 282.579853] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 282.581073] init_mac80211_hwsim+0x389/0x870 [ 282.582209] do_one_initcall+0xf9/0x640 [ 282.583248] kernel_init_freeable+0x53d/0x7a0 [ 282.584386] kernel_init+0x1e/0x2d0 [ 282.585311] ret_from_fork+0x48/0x80 [ 282.586243] ret_from_fork_asm+0x1a/0x30 [ 282.587314] [ 282.587314] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 282.588660] __lock_acquire+0x29fd/0x4580 [ 282.589702] lock_acquire+0x19b/0x520 [ 282.590681] __mutex_lock+0x13d/0xb50 [ 282.591668] unregister_netdevice_many_notify+0x1612/0x1c80 [ 282.593001] unregister_netdevice_queue+0x224/0x2e0 [ 282.594189] _cfg80211_unregister_wdev+0x57b/0x700 [ 282.595388] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 282.596575] ieee80211_unregister_hw+0x55/0x3a0 [ 282.597711] hwsim_exit_net+0x3a0/0x730 [ 282.598708] ops_exit_list+0xb3/0x180 [ 282.599662] cleanup_net+0x546/0xad0 [ 282.600609] process_one_work+0x8ee/0x1a10 [ 282.601704] worker_thread+0x674/0xe70 [ 282.602782] kthread+0x3ab/0x720 [ 282.603815] ret_from_fork+0x48/0x80 [ 282.604833] ret_from_fork_asm+0x1a/0x30 [ 282.606000] [ 282.606000] other info that might help us debug this: [ 282.606000] [ 282.607757] Possible unsafe locking scenario: [ 282.607757] [ 282.609055] CPU0 CPU1 [ 282.610075] ---- ---- [ 282.611094] lock(&rdev->wiphy.mtx); [ 282.612070] lock(rtnl_mutex); [ 282.613527] lock(&rdev->wiphy.mtx); [ 282.615065] lock(rtnl_mutex); [ 282.615937] [ 282.615937] *** DEADLOCK *** [ 282.615937] [ 282.617299] 4 locks held by kworker/u8:1/67: [ 282.618340] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 282.620760] #1: ffff88800f37fd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 282.623089] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 282.625254] #3: ffff88802d8b0768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 282.626785] [ 282.626785] stack backtrace: [ 282.627406] CPU: 0 UID: 0 PID: 67 Comm: kworker/u8:1 Not tainted 6.13.0-rc7-next-20250117 #1 [ 282.628583] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 282.629694] Workqueue: netns cleanup_net [ 282.630112] Call Trace: [ 282.630368] [ 282.630592] dump_stack_lvl+0xca/0x120 [ 282.631008] print_circular_bug+0x47b/0x750 [ 282.631477] check_noncircular+0x2e9/0x3c0 [ 282.631940] ? __pfx_check_noncircular+0x10/0x10 [ 282.632475] ? hlock_class+0x4e/0x130 [ 282.632879] ? srso_return_thunk+0x5/0x5f [ 282.633344] ? mark_lock+0xac/0xed0 [ 282.633766] ? lockdep_lock+0xba/0x1b0 [ 282.634191] ? __pfx_lockdep_lock+0x10/0x10 [ 282.634642] __lock_acquire+0x29fd/0x4580 [ 282.635077] ? __pfx___lock_acquire+0x10/0x10 [ 282.635523] ? lock_release+0x20f/0x6f0 [ 282.635925] ? __pfx_lock_release+0x10/0x10 [ 282.636349] ? srso_return_thunk+0x5/0x5f [ 282.636783] lock_acquire+0x19b/0x520 [ 282.637178] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 282.637744] ? __pfx_lock_acquire+0x10/0x10 [ 282.638172] ? __pfx_lock_release+0x10/0x10 [ 282.638604] ? __pfx_try_to_wake_up+0x10/0x10 [ 282.639058] ? srso_return_thunk+0x5/0x5f [ 282.639478] ? lock_is_held_type+0x9e/0x120 [ 282.639934] ? srso_return_thunk+0x5/0x5f [ 282.640375] __mutex_lock+0x13d/0xb50 [ 282.640784] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 282.641381] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 282.641957] ? srso_return_thunk+0x5/0x5f [ 282.642386] ? synchronize_rcu_expedited+0x38a/0x420 [ 282.642925] ? __pfx___mutex_lock+0x10/0x10 [ 282.643421] ? srso_return_thunk+0x5/0x5f [ 282.643860] ? srso_return_thunk+0x5/0x5f [ 282.644317] ? kasan_quarantine_put+0x84/0x1e0 [ 282.644850] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 282.645337] ? srso_return_thunk+0x5/0x5f [ 282.645802] unregister_netdevice_many_notify+0x1612/0x1c80 [ 282.646345] ? __virt_addr_valid+0x2e8/0x5d0 [ 282.646797] ? __pfx_lock_release+0x10/0x10 [ 282.647234] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 282.647909] ? find_held_lock+0x2c/0x110 [ 282.648344] ? srso_return_thunk+0x5/0x5f [ 282.648790] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 282.649340] ? srso_return_thunk+0x5/0x5f [ 282.649790] ? lock_release+0x20f/0x6f0 [ 282.650255] ? __pfx_lock_release+0x10/0x10 [ 282.650727] ? srso_return_thunk+0x5/0x5f [ 282.651206] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 282.651767] ? srso_return_thunk+0x5/0x5f [ 282.652214] unregister_netdevice_queue+0x224/0x2e0 [ 282.652733] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 282.653337] ? up_write+0x195/0x520 [ 282.653783] _cfg80211_unregister_wdev+0x57b/0x700 [ 282.654330] ? srso_return_thunk+0x5/0x5f [ 282.654814] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 282.655354] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 282.655982] ? srso_return_thunk+0x5/0x5f [ 282.656454] ? srso_return_thunk+0x5/0x5f [ 282.656882] ? synchronize_rcu+0x1ff/0x260 [ 282.657305] ieee80211_unregister_hw+0x55/0x3a0 [ 282.657808] hwsim_exit_net+0x3a0/0x730 [ 282.658246] ? __pfx_hwsim_exit_net+0x10/0x10 [ 282.658730] ? srso_return_thunk+0x5/0x5f [ 282.659226] ? netdev_run_todo+0x788/0x1040 [ 282.659721] ? __pfx_hwsim_exit_net+0x10/0x10 [ 282.660215] ops_exit_list+0xb3/0x180 [ 282.660606] cleanup_net+0x546/0xad0 [ 282.661005] ? __pfx_cleanup_net+0x10/0x10 [ 282.661500] process_one_work+0x8ee/0x1a10 [ 282.661986] ? __pfx_lock_acquire+0x10/0x10 [ 282.662453] ? __pfx_process_one_work+0x10/0x10 [ 282.662995] ? srso_return_thunk+0x5/0x5f [ 282.663476] ? move_linked_works+0x172/0x270 [ 282.663934] ? srso_return_thunk+0x5/0x5f [ 282.664398] ? assign_work+0x196/0x240 [ 282.664817] worker_thread+0x674/0xe70 [ 282.665244] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 282.665770] ? srso_return_thunk+0x5/0x5f [ 282.666198] ? __pfx_worker_thread+0x10/0x10 [ 282.666661] kthread+0x3ab/0x720 [ 282.667026] ? __pfx_kthread+0x10/0x10 [ 282.667428] ? srso_return_thunk+0x5/0x5f [ 282.667860] ? finish_task_switch.isra.0+0x206/0x840 [ 282.668389] ? __pfx_kthread+0x10/0x10 [ 282.668834] ret_from_fork+0x48/0x80 [ 282.669247] ? __pfx_kthread+0x10/0x10 [ 282.669659] ret_from_fork_asm+0x1a/0x30 [ 282.670108] [ 284.329665] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 284.335365] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 284.338154] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 284.342383] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 284.346205] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 284.348277] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 284.580904] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 284.582934] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 284.585443] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 284.594724] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 284.597787] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 284.599716] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 284.639570] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 284.643141] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 284.646597] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 284.657347] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 284.663343] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 284.666067] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 284.718499] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 284.721508] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 284.724501] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 284.742494] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 284.745030] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 284.747069] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 284.791099] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 284.801932] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 284.807415] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 284.809121] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 284.822304] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 284.822594] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 284.854132] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 284.854175] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 284.863435] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 284.866194] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 284.867479] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 284.872288] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 284.984238] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 284.993067] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 284.996197] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 285.000712] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 285.004662] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 285.023189] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 285.042790] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 285.046777] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 285.048718] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 285.050366] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 285.075432] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 285.079069] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 286.422239] Bluetooth: hci0: command tx timeout [ 286.677054] Bluetooth: hci1: command tx timeout [ 286.741298] Bluetooth: hci2: command tx timeout [ 286.806035] Bluetooth: hci3: command tx timeout [ 286.933203] Bluetooth: hci4: command tx timeout [ 286.997052] Bluetooth: hci5: command tx timeout [ 287.125086] Bluetooth: hci7: command tx timeout [ 287.189109] Bluetooth: hci6: command tx timeout [ 288.469091] Bluetooth: hci0: command tx timeout [ 288.725659] Bluetooth: hci1: command tx timeout [ 288.789054] Bluetooth: hci2: command tx timeout [ 288.853321] Bluetooth: hci3: command tx timeout [ 288.981256] Bluetooth: hci4: command tx timeout [ 289.045091] Bluetooth: hci5: command tx timeout [ 289.173305] Bluetooth: hci7: command tx timeout [ 289.238041] Bluetooth: hci6: command tx timeout [ 290.517198] Bluetooth: hci0: command tx timeout [ 290.773159] Bluetooth: hci1: command tx timeout [ 290.837293] Bluetooth: hci2: command tx timeout [ 290.901258] Bluetooth: hci3: command tx timeout [ 291.029113] Bluetooth: hci4: command tx timeout [ 291.093123] Bluetooth: hci5: command tx timeout [ 291.221092] Bluetooth: hci7: command tx timeout [ 291.285111] Bluetooth: hci6: command tx timeout [ 292.565054] Bluetooth: hci0: command tx timeout VM DIAGNOSIS: 13:36:07 Registers: info registers vcpu 0 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283cdc5 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff88800f37ebb8 R8 =0000000000000001 R9 =ffffed1001e6fd67 R10=0000000000000020 R11=2f72656b726f776b R12=0000000000000020 R13=0000000000000001 R14=ffff888008fea029 R15=ffff88800f37eeb8 RIP=ffffffff8283ce1d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fceb4c18449 CR3=0000000013a66000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=756f6a2f646d65747379732f6e75722f XMM01=00676f6c7379732f6c616e72756f6a2f XMM02=756f6a2f646d65747379732f6e75722f XMM03=006c616e72756f6a2f646d6574737973 XMM04=1d41722ad8978a3d00000000000ae988 XMM05=b570c0161c80e22e00000000001485a8 XMM06=9f165a4fe6c971ad0000000000138ce0 XMM07=00000000000000000000000000000000 XMM08=726573752f7325003e69253c00203a5d XMM09=00000000000000000000000000000000 XMM10=00000000000000000020000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=000000000004a8ab RBX=0000000000000001 RCX=ffffffff84a8bb27 RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff814b1b6a RBP=dffffc0000000000 RSP=ffff8880096a7e68 R8 =0000000000000001 R9 =ffffed100d9e6c4a R10=ffff88806cf36253 R11=0000000000000001 R12=ffffffff864021d0 R13=1ffff110012d4fd2 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff84a8cace RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fef354f0ee8 CR3=000000000cd30000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000000000000000000000 XMM03=000000c0000522d0000000c000052280 XMM04=000000c00017c090000000c00017c060 XMM05=000000c00017c0f0000000c00017c0c0 XMM06=000000c00017c150000000c00017c120 XMM07=000000c00017b760000000c0000574d0 XMM08=000000c00017c4b0000000c00017c480 XMM09=000000c00017c510000000c00017c4e0 XMM10=000000c00017c540000000c000057530 XMM11=000000c00017c5a0000000c00017c570 XMM12=000000c00017c600000000c00017c5d0 XMM13=000000c00017c660000000c00017c630 XMM14=000000c00017c6c0000000c00017c690 XMM15=000000c000107080000000c00017c6f0