syzkaller login: [ 67.071995] scp (237) used greatest stack depth: 23728 bytes left Warning: Permanently added '[localhost]:4564' (ECDSA) to the list of known hosts. 2025/01/28 16:06:38 fuzzer started 2025/01/28 16:06:39 dialing manager at localhost:40187 [ 69.816423] cgroup: Unknown subsys name 'net' [ 69.900733] cgroup: Unknown subsys name 'cpuset' [ 69.932032] cgroup: Unknown subsys name 'rlimit' [ 76.600785] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 86.648387] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/28 16:06:56 syscalls: 2217 2025/01/28 16:06:56 code coverage: enabled 2025/01/28 16:06:56 comparison tracing: enabled 2025/01/28 16:06:56 extra coverage: enabled 2025/01/28 16:06:56 setuid sandbox: enabled 2025/01/28 16:06:56 namespace sandbox: enabled 2025/01/28 16:06:56 Android sandbox: enabled 2025/01/28 16:06:56 fault injection: enabled 2025/01/28 16:06:56 leak checking: enabled 2025/01/28 16:06:56 net packet injection: enabled 2025/01/28 16:06:56 net device setup: enabled 2025/01/28 16:06:56 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/28 16:06:56 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/28 16:06:56 USB emulation: enabled 2025/01/28 16:06:56 hci packet injection: enabled 2025/01/28 16:06:56 wifi device emulation: enabled 2025/01/28 16:06:56 802.15.4 emulation: enabled 2025/01/28 16:06:56 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/28 16:06:56 fetching corpus: 7, signal 4535/7405 (executing program) 2025/01/28 16:06:56 fetching corpus: 7, signal 4535/8852 (executing program) 2025/01/28 16:06:56 fetching corpus: 7, signal 4535/10270 (executing program) 2025/01/28 16:06:56 fetching corpus: 7, signal 4535/11716 (executing program) 2025/01/28 16:06:56 fetching corpus: 7, signal 4535/13157 (executing program) 2025/01/28 16:06:56 fetching corpus: 7, signal 4535/14573 (executing program) 2025/01/28 16:06:56 fetching corpus: 7, signal 4535/15986 (executing program) 2025/01/28 16:06:56 fetching corpus: 7, signal 4535/15986 (executing program) 2025/01/28 16:06:58 starting 8 fuzzer processes 16:06:58 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020101000270008000f8010020004000000000000000000080002943a05df153595a4b414c4c4552202046415431362020200e1fbe5b7cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a00", 0xc0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aaf8fffffff0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/96, 0x60, 0x1e0}, {&(0x7f0000010200)="f8fffffff0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x400}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e880325132510000e880325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c453020202020202010003ae970325132510000e970325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c453120202020202020003ae970325132510000e970325107000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c453220202020202020003ae970325132510000e970325108002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c20003ae970325132510000e97032511a0064000000", 0x120, 0x600}, {&(0x7f0000010500)="2e2020202020202020202010003ae970325132510000e97032510300000000002e2e20202020202020202010003ae970325132510000e970325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c453020202020202020003ae970325132510000e970325104001a040000", 0x80, 0x1600}, {&(0x7f0000010600)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x1800}, {&(0x7f0000010b00)='syzkallers\x00'/32, 0x20, 0x1e00}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x4400}], 0x0, &(0x7f0000010d00)) 16:06:58 executing program 1: syz_mount_image$nfs(&(0x7f0000000400), &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) utimes(&(0x7f0000000840)='./file0\x00', &(0x7f0000000880)={{}, {0x0, 0x2710}}) 16:06:58 executing program 3: timer_create(0x0, 0x0, &(0x7f0000000780)) 16:06:58 executing program 2: syz_io_uring_setup(0x346e, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x1d7}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000140)) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000006a80)) 16:06:58 executing program 4: openat$sysfs(0xffffffffffffff9c, &(0x7f0000001500)='/sys/kernel/fscaps', 0x0, 0x0) 16:06:58 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x20000, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366805d8600080801000240004000f801002000400000000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffffffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c453020202020202010004eea70325132510000ea70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c453120202020202020004eea70325132510000ea70325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c453220202020202020004eea70325132510000ea70325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c20004eea70325132510000ea703251070064000000", 0x120, 0x1800}, {&(0x7f0000010500)="2e2020202020202020202010004eea70325132510000ea7032510300000000002e2e20202020202020202010004eea70325132510000ea70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c453020202020202020004eea70325132510000ea70325104001a040000", 0x80, 0x6000}, {&(0x7f0000010600)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0xa000}, {&(0x7f0000010b00)='syzkallers\x00'/32, 0x20, 0xe000}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x16000}], 0x0, &(0x7f0000010d00)) 16:06:59 executing program 6: openat$pidfd(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) clone3(&(0x7f0000000540)={0x4000300, 0x0, 0x0, 0x0, {}, &(0x7f0000000400)=""/9, 0x9, 0x0, 0x0}, 0x58) ioctl$BTRFS_IOC_QGROUP_LIMIT(0xffffffffffffffff, 0x8030942b, 0x0) 16:06:59 executing program 7: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDGKBMODE(r0, 0x4b44, &(0x7f0000000000)) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCGETD(r1, 0x5424, &(0x7f0000000380)) [ 89.520960] audit: type=1400 audit(1738080419.077:7): avc: denied { execmem } for pid=275 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 90.827984] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 90.834040] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 90.838053] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 90.842177] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 90.850851] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 90.853821] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 90.856555] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 90.858994] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 90.862861] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 90.863787] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 90.880027] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 90.894612] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 90.896848] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 90.899102] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 90.909124] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 90.909269] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 90.913786] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 90.919571] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 90.924504] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 90.929857] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 90.931180] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 90.954723] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 90.961915] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 90.965817] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 90.975060] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 90.986266] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 90.990765] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 91.008721] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 91.014085] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 91.017175] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 91.019538] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 91.021094] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 91.022994] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 91.024855] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 91.028864] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 91.031143] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 91.033893] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 91.034216] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 91.036129] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 91.037438] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 91.038510] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 91.039656] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 91.043991] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 91.048032] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 91.053557] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 91.055521] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 91.057522] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 91.060917] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 92.905041] Bluetooth: hci0: command tx timeout [ 92.968421] Bluetooth: hci2: command tx timeout [ 92.968439] Bluetooth: hci1: command tx timeout [ 93.031426] Bluetooth: hci3: command tx timeout [ 93.095985] Bluetooth: hci4: command tx timeout [ 93.159477] Bluetooth: hci7: command tx timeout [ 93.160675] Bluetooth: hci5: command tx timeout [ 93.160684] Bluetooth: hci6: command tx timeout [ 94.951430] Bluetooth: hci0: command tx timeout [ 95.015532] Bluetooth: hci2: command tx timeout [ 95.016204] Bluetooth: hci1: command tx timeout [ 95.080514] Bluetooth: hci3: command tx timeout [ 95.144720] Bluetooth: hci4: command tx timeout [ 95.209452] Bluetooth: hci5: command tx timeout [ 95.210017] Bluetooth: hci6: command tx timeout [ 95.211294] Bluetooth: hci7: command tx timeout [ 96.999523] Bluetooth: hci0: command tx timeout [ 97.063492] Bluetooth: hci2: command tx timeout [ 97.064305] Bluetooth: hci1: command tx timeout [ 97.127749] Bluetooth: hci3: command tx timeout [ 97.191610] Bluetooth: hci4: command tx timeout [ 97.256461] Bluetooth: hci6: command tx timeout [ 97.257290] Bluetooth: hci7: command tx timeout [ 97.258188] Bluetooth: hci5: command tx timeout [ 99.048441] Bluetooth: hci0: command tx timeout [ 99.111556] Bluetooth: hci1: command tx timeout [ 99.111580] Bluetooth: hci2: command tx timeout [ 99.175694] Bluetooth: hci3: command tx timeout [ 99.239626] Bluetooth: hci4: command tx timeout [ 99.303433] Bluetooth: hci7: command tx timeout [ 99.303952] Bluetooth: hci5: command tx timeout [ 99.303973] Bluetooth: hci6: command tx timeout [ 149.429197] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 149.430005] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 150.722325] [ 150.722576] ====================================================== [ 150.723068] WARNING: possible circular locking dependency detected [ 150.723668] 6.13.0-next-20250128 #1 Not tainted [ 150.724106] ------------------------------------------------------ [ 150.725707] kworker/u8:1/65 is trying to acquire lock: [ 150.726944] ffffffff8621d9a8 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 150.729429] [ 150.729429] but task is already holding lock: [ 150.730521] ffff888013718768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 150.731465] [ 150.731465] which lock already depends on the new lock. [ 150.731465] [ 150.732224] [ 150.732224] the existing dependency chain (in reverse order) is: [ 150.732936] [ 150.732936] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 150.733575] __mutex_lock+0x13d/0xb50 [ 150.734028] wiphy_register+0x1b2e/0x25d0 [ 150.734519] ieee80211_register_hw+0x23a4/0x3d60 [ 150.735044] mac80211_hwsim_new_radio+0x2759/0x4d60 [ 150.735609] init_mac80211_hwsim+0x389/0x870 [ 150.736120] do_one_initcall+0xf9/0x640 [ 150.736605] kernel_init_freeable+0x53d/0x7a0 [ 150.737125] kernel_init+0x1e/0x2d0 [ 150.737546] ret_from_fork+0x48/0x80 [ 150.737970] ret_from_fork_asm+0x1a/0x30 [ 150.738445] [ 150.738445] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 150.739041] __lock_acquire+0x29fd/0x4580 [ 150.739515] lock_acquire+0x19b/0x520 [ 150.739959] __mutex_lock+0x13d/0xb50 [ 150.740413] unregister_netdevice_many_notify+0x1612/0x1c80 [ 150.741031] unregister_netdevice_queue+0x224/0x2e0 [ 150.741574] _cfg80211_unregister_wdev+0x57b/0x700 [ 150.742117] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 150.742663] ieee80211_unregister_hw+0x55/0x3a0 [ 150.743173] hwsim_exit_net+0x3a0/0x730 [ 150.743629] ops_exit_list+0xb3/0x180 [ 150.744060] cleanup_net+0x546/0xad0 [ 150.744501] process_one_work+0x8ee/0x1a10 [ 150.744995] worker_thread+0x674/0xe70 [ 150.745460] kthread+0x3ab/0x720 [ 150.745870] ret_from_fork+0x48/0x80 [ 150.746293] ret_from_fork_asm+0x1a/0x30 [ 150.746768] [ 150.746768] other info that might help us debug this: [ 150.746768] [ 150.747510] Possible unsafe locking scenario: [ 150.747510] [ 150.748070] CPU0 CPU1 [ 150.748514] ---- ---- [ 150.748957] lock(&rdev->wiphy.mtx); [ 150.749348] lock(rtnl_mutex); [ 150.749905] lock(&rdev->wiphy.mtx); [ 150.750506] lock(rtnl_mutex); [ 150.750851] [ 150.750851] *** DEADLOCK *** [ 150.750851] [ 150.751412] 4 locks held by kworker/u8:1/65: [ 150.751844] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 150.752836] #1: ffff88800eacfd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 150.753785] #2: ffffffff862119d0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 150.754662] #3: ffff888013718768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 150.755650] [ 150.755650] stack backtrace: [ 150.756079] CPU: 1 UID: 0 PID: 65 Comm: kworker/u8:1 Not tainted 6.13.0-next-20250128 #1 [ 150.756117] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 150.756140] Workqueue: netns cleanup_net [ 150.756181] Call Trace: [ 150.756192] [ 150.756204] dump_stack_lvl+0xca/0x120 [ 150.756263] print_circular_bug+0x47b/0x750 [ 150.756309] check_noncircular+0x2e9/0x3c0 [ 150.756352] ? __pfx_check_noncircular+0x10/0x10 [ 150.756393] ? hlock_class+0x4e/0x130 [ 150.756432] ? mark_lock+0xac/0xed0 [ 150.756472] ? srso_return_thunk+0x5/0x5f [ 150.756528] ? dl_scaled_delta_exec+0xd4/0x2c0 [ 150.756574] ? lockdep_lock+0xba/0x1b0 [ 150.756632] ? __pfx_lockdep_lock+0x10/0x10 [ 150.756695] __lock_acquire+0x29fd/0x4580 [ 150.756749] ? __pfx___lock_acquire+0x10/0x10 [ 150.756792] ? lock_release+0x20f/0x6f0 [ 150.756836] ? __pfx_lock_release+0x10/0x10 [ 150.756884] lock_acquire+0x19b/0x520 [ 150.756927] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 150.756976] ? __pfx_lock_acquire+0x10/0x10 [ 150.757021] ? srso_return_thunk+0x5/0x5f [ 150.757077] ? lock_release+0x20f/0x6f0 [ 150.757120] ? srso_return_thunk+0x5/0x5f [ 150.757176] ? lock_is_held_type+0x9e/0x120 [ 150.757231] ? srso_return_thunk+0x5/0x5f [ 150.757291] __mutex_lock+0x13d/0xb50 [ 150.757343] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 150.757389] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 150.757435] ? srso_return_thunk+0x5/0x5f [ 150.757491] ? synchronize_rcu_expedited+0x38a/0x420 [ 150.757538] ? __pfx___mutex_lock+0x10/0x10 [ 150.757594] ? __pfx_autoremove_wake_function+0x10/0x10 [ 150.757649] ? srso_return_thunk+0x5/0x5f [ 150.757705] ? kasan_quarantine_put+0x84/0x1e0 [ 150.757766] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 150.757801] ? srso_return_thunk+0x5/0x5f [ 150.757861] unregister_netdevice_many_notify+0x1612/0x1c80 [ 150.757907] ? __virt_addr_valid+0x2e8/0x5d0 [ 150.757960] ? __pfx_lock_release+0x10/0x10 [ 150.758005] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 150.758051] ? find_held_lock+0x2c/0x110 [ 150.758109] ? srso_return_thunk+0x5/0x5f [ 150.758167] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 150.758228] ? srso_return_thunk+0x5/0x5f [ 150.758283] ? lock_release+0x20f/0x6f0 [ 150.758328] ? __pfx_lock_release+0x10/0x10 [ 150.758371] ? srso_return_thunk+0x5/0x5f [ 150.758426] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 150.758474] ? srso_return_thunk+0x5/0x5f [ 150.758535] unregister_netdevice_queue+0x224/0x2e0 [ 150.758579] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 150.758623] ? up_write+0x195/0x520 [ 150.758678] _cfg80211_unregister_wdev+0x57b/0x700 [ 150.758730] ? srso_return_thunk+0x5/0x5f [ 150.758790] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 150.758829] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 150.758868] ? srso_return_thunk+0x5/0x5f [ 150.758923] ? srso_return_thunk+0x5/0x5f [ 150.758979] ? synchronize_rcu+0x1ff/0x260 [ 150.759022] ieee80211_unregister_hw+0x55/0x3a0 [ 150.759067] hwsim_exit_net+0x3a0/0x730 [ 150.759109] ? __pfx_hwsim_exit_net+0x10/0x10 [ 150.759149] ? srso_return_thunk+0x5/0x5f [ 150.759205] ? netdev_run_todo+0x788/0x1040 [ 150.759254] ? __pfx_hwsim_exit_net+0x10/0x10 [ 150.759297] ops_exit_list+0xb3/0x180 [ 150.759339] cleanup_net+0x546/0xad0 [ 150.759384] ? __pfx_cleanup_net+0x10/0x10 [ 150.759438] process_one_work+0x8ee/0x1a10 [ 150.759504] ? __pfx_lock_acquire+0x10/0x10 [ 150.759548] ? __pfx_process_one_work+0x10/0x10 [ 150.759607] ? srso_return_thunk+0x5/0x5f [ 150.759663] ? move_linked_works+0x172/0x270 [ 150.759707] ? srso_return_thunk+0x5/0x5f [ 150.759763] ? assign_work+0x196/0x240 [ 150.759821] worker_thread+0x674/0xe70 [ 150.759879] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 150.759931] ? srso_return_thunk+0x5/0x5f [ 150.759986] ? __pfx_worker_thread+0x10/0x10 [ 150.760046] kthread+0x3ab/0x720 [ 150.760098] ? __pfx_kthread+0x10/0x10 [ 150.760150] ? srso_return_thunk+0x5/0x5f [ 150.760205] ? finish_task_switch.isra.0+0x206/0x840 [ 150.760257] ? __pfx_kthread+0x10/0x10 [ 150.760311] ret_from_fork+0x48/0x80 [ 150.760342] ? __pfx_kthread+0x10/0x10 [ 150.760395] ret_from_fork_asm+0x1a/0x30 [ 150.760469] [ 152.886488] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 152.890884] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 152.893058] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 152.897861] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 152.901226] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 152.904228] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 152.970860] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 152.972556] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 152.975216] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 152.977598] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 152.979527] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 152.981825] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 152.983811] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 152.987239] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 152.989807] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 152.993919] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 152.998435] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 153.001169] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 153.005173] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 153.007246] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 153.009233] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 153.022923] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 153.027220] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 153.029156] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 153.082997] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 153.089717] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 153.106824] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 153.125856] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 153.143858] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 153.151803] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 153.213936] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 153.242555] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 153.245632] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 153.254852] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 153.261101] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 153.270576] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 153.283655] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 153.302559] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 153.366515] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 153.375740] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 153.375787] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 153.385884] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 153.388778] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 153.391753] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 153.444236] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 153.471014] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 153.489530] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 153.524775] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 154.983367] Bluetooth: hci0: command tx timeout [ 155.047460] Bluetooth: hci2: command tx timeout [ 155.111377] Bluetooth: hci1: command tx timeout [ 155.111857] Bluetooth: hci3: command tx timeout [ 155.175388] Bluetooth: hci4: command tx timeout [ 155.432391] Bluetooth: hci5: command tx timeout [ 155.495412] Bluetooth: hci7: command tx timeout [ 155.559378] Bluetooth: hci6: command tx timeout [ 157.032387] Bluetooth: hci0: command tx timeout [ 157.095569] Bluetooth: hci2: command tx timeout [ 157.160476] Bluetooth: hci3: command tx timeout [ 157.160969] Bluetooth: hci1: command tx timeout [ 157.224828] Bluetooth: hci4: command tx timeout [ 157.479414] Bluetooth: hci5: command tx timeout [ 157.543336] Bluetooth: hci7: command tx timeout [ 157.607385] Bluetooth: hci6: command tx timeout [ 159.079373] Bluetooth: hci0: command tx timeout [ 159.143433] Bluetooth: hci2: command tx timeout [ 159.208483] Bluetooth: hci3: command tx timeout [ 159.208944] Bluetooth: hci1: command tx timeout [ 159.272794] Bluetooth: hci4: command tx timeout [ 159.530334] Bluetooth: hci5: command tx timeout [ 159.592359] Bluetooth: hci7: command tx timeout [ 159.656404] Bluetooth: hci6: command tx timeout VM DIAGNOSIS: 16:08:00 Registers: info registers vcpu 0 RAX=ffff88800ef88000 RBX=ffff88807aa441a8 RCX=ffffffff81429a8a RDX=1ffff11001d50900 RSI=0000000000000008 RDI=ffff88800ea84800 RBP=0000000000000000 RSP=ffff88800ef97dd0 R8 =0000000000000000 R9 =ffffed1001d50900 R10=ffff88800ea84807 R11=ffff88800ef884b8 R12=ffff88807aa44ff9 R13=ffffffff88651b78 R14=ffff88800ef88000 R15=0000000000000086 RIP=ffffffff81aefb87 RFL=00000097 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000001f27f60 CR3=000000000b764000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=0000000000000000415103e600000000 XMM03=0000ff00000000000000000000000000 XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962 XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000039 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283f415 RDI=ffffffff886970a0 RBP=ffffffff88697060 RSP=ffff88800eaced20 R8 =0000000000000000 R9 =ffffed1001c9b046 R10=0000000000000039 R11=3a6b636f6c206762 R12=0000000000000039 R13=0000000000000010 R14=ffffffff88697060 R15=ffffffff8283f400 RIP=ffffffff8283f46d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000562f44895f40 CR3=000000000b764000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000003fd0000000000000 XMM02=2f303239383634343537726964747365 XMM03=304a777943502e72656c6c616b7a7973 XMM04=3d293030306178302f30303030303030 XMM05=337830202c303030617830202c6c696e XMM06=6666666666667830202c32337830202c XMM07=29307830202c66666666666666666666 XMM08=797372656c6c616b7a797372656c6c61 XMM09=72656c6c616b7a797372656c6c616b7a XMM10=6c6c616b7a797372656c6c616b7a7973 XMM11=616b7a797372656c6c616b7a79737265 XMM12=0000000000006c616b7a797372656c6c XMM13=30303030303030303030303030303030 XMM14=30303030303030303030303030303030 XMM15=30303030303030303030303030303030