Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:47167' (ECDSA) to the list of known hosts. 2025/01/30 17:16:03 fuzzer started 2025/01/30 17:16:04 dialing manager at localhost:46401 syzkaller login: [ 63.134483] cgroup: Unknown subsys name 'net' [ 63.239897] cgroup: Unknown subsys name 'cpuset' [ 63.269505] cgroup: Unknown subsys name 'rlimit' 2025/01/30 17:16:21 syscalls: 2217 2025/01/30 17:16:21 code coverage: enabled 2025/01/30 17:16:21 comparison tracing: enabled 2025/01/30 17:16:21 extra coverage: enabled 2025/01/30 17:16:21 setuid sandbox: enabled 2025/01/30 17:16:21 namespace sandbox: enabled 2025/01/30 17:16:21 Android sandbox: enabled 2025/01/30 17:16:21 fault injection: enabled 2025/01/30 17:16:21 leak checking: enabled 2025/01/30 17:16:21 net packet injection: enabled 2025/01/30 17:16:21 net device setup: enabled 2025/01/30 17:16:21 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/30 17:16:21 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/30 17:16:21 USB emulation: enabled 2025/01/30 17:16:21 hci packet injection: enabled 2025/01/30 17:16:21 wifi device emulation: enabled 2025/01/30 17:16:21 802.15.4 emulation: enabled 2025/01/30 17:16:21 fetching corpus: 0, signal 0/0 (executing program) 2025/01/30 17:16:21 fetching corpus: 0, signal 0/0 (executing program) 2025/01/30 17:16:24 starting 8 fuzzer processes 17:16:24 executing program 0: sigaltstack(&(0x7f0000ffd000/0x3000)=nil, 0x0) 17:16:24 executing program 1: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RTC_PIE_ON(r0, 0x7005) 17:16:24 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000, 0xb, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f80000200040000000000000000000010000000000000002000000010006000000000000000000000000008000"/96, 0x60}, {&(0x7f0000010100)='RRaA\x00'/32, 0x20, 0x800}, {&(0x7f0000010200)="00000000727241610100000007000000000000000000000000000000000055aa", 0x20, 0x9e0}, {&(0x7f0000010300)="601c6d6b646f736617e43c00088020000200000004f80000200040000000000000000000010000000000000002000000010006000000000000000000000000008000"/96, 0x60, 0x3000}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x10000}, {&(0x7f0000010500)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x10800}, {&(0x7f0000010600)="53595a4b414c4c45522020080000e780325132510000e780325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c453020202020202010001fe870325132510000e870325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c453120202020202020001fe870325132510000e870325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c453220202020202020001fe870325132510000e870325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c20001fe870325132510000e8703251070064000000", 0x120, 0x11000}, {&(0x7f0000010800)="2e2020202020202020202010001fe870325132510000e87032510300000000002e2e20202020202020202010001fe870325132510000e870325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c453020202020202020001fe870325132510000e870325104001a040000", 0x80, 0x51000}, {&(0x7f0000010900)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x91000}, {&(0x7f0000010e00)='syzkallers\x00'/32, 0x20, 0xd1000}, {&(0x7f0000010f00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x151000}], 0x0, &(0x7f0000011000)) [ 83.260937] audit: type=1400 audit(1738257384.529:7): avc: denied { execmem } for pid=272 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 17:16:24 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) fcntl$setstatus(r0, 0x4, 0x400) 17:16:24 executing program 3: getegid() 17:16:24 executing program 5: ptrace(0x10, 0x1) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x6, 0x0, 0x0, 0x0, 0x8000000009917, 0x400000000000fffd}, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0xffffffffffffffff}, 0x0) sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x0, 0x0, 0x1}, 0x0) 17:16:24 executing program 6: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, 0x0) 17:16:24 executing program 7: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv2(r0, &(0x7f0000002540)=[{&(0x7f0000001240)=""/142, 0x8e}], 0x1, 0x0, 0x0, 0x10) [ 84.716477] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 84.718995] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 84.728095] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 84.734548] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 84.743360] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 84.752273] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 84.788227] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 84.791307] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 84.794417] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 84.801145] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 84.805961] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 84.809204] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 84.842912] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 84.848311] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 84.850389] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 84.857730] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 84.860652] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 84.863768] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 84.865991] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 84.880023] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 84.882560] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 84.900201] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 84.907028] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 84.909618] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 84.925232] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 84.931088] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 84.935105] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 84.941255] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 84.944140] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 84.946238] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 84.961377] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 84.964413] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 84.966576] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 84.970409] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 84.982290] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 84.983979] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 84.986619] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 84.994068] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 85.020532] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 85.028039] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 85.038834] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 85.048225] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 85.057345] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 85.061025] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 85.067058] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 85.074753] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 85.114092] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 85.129546] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 86.807956] Bluetooth: hci0: command tx timeout [ 86.871924] Bluetooth: hci1: command tx timeout [ 86.935762] Bluetooth: hci2: command tx timeout [ 86.999859] Bluetooth: hci3: command tx timeout [ 87.000847] Bluetooth: hci5: command tx timeout [ 87.063846] Bluetooth: hci4: command tx timeout [ 87.127904] Bluetooth: hci6: command tx timeout [ 87.255869] Bluetooth: hci7: command tx timeout [ 88.855891] Bluetooth: hci0: command tx timeout [ 88.919877] Bluetooth: hci1: command tx timeout [ 88.984025] Bluetooth: hci2: command tx timeout [ 89.048316] Bluetooth: hci5: command tx timeout [ 89.048492] Bluetooth: hci3: command tx timeout [ 89.113050] Bluetooth: hci4: command tx timeout [ 89.175962] Bluetooth: hci6: command tx timeout [ 89.305722] Bluetooth: hci7: command tx timeout [ 90.904370] Bluetooth: hci0: command tx timeout [ 90.967873] Bluetooth: hci1: command tx timeout [ 91.031794] Bluetooth: hci2: command tx timeout [ 91.095854] Bluetooth: hci3: command tx timeout [ 91.096320] Bluetooth: hci5: command tx timeout [ 91.160776] Bluetooth: hci4: command tx timeout [ 91.223834] Bluetooth: hci6: command tx timeout [ 91.351773] Bluetooth: hci7: command tx timeout [ 92.952809] Bluetooth: hci0: command tx timeout [ 93.016746] Bluetooth: hci1: command tx timeout [ 93.079856] Bluetooth: hci2: command tx timeout [ 93.144955] Bluetooth: hci5: command tx timeout [ 93.145535] Bluetooth: hci3: command tx timeout [ 93.207902] Bluetooth: hci4: command tx timeout [ 93.271890] Bluetooth: hci6: command tx timeout [ 93.404356] Bluetooth: hci7: command tx timeout [ 144.980600] [ 144.980863] ====================================================== [ 144.981468] WARNING: possible circular locking dependency detected [ 144.982103] 6.13.0-next-20250130 #1 Not tainted [ 144.982558] ------------------------------------------------------ [ 144.986745] kworker/u8:1/66 is trying to acquire lock: [ 144.987261] ffffffff86219b68 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 144.988290] [ 144.988290] but task is already holding lock: [ 144.988865] ffff888037058768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 144.989875] [ 144.989875] which lock already depends on the new lock. [ 144.989875] [ 144.990653] [ 144.990653] the existing dependency chain (in reverse order) is: [ 144.991375] [ 144.991375] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 144.992019] __mutex_lock+0x13d/0xb50 [ 144.992470] wiphy_register+0x1b2e/0x25d0 [ 144.992946] ieee80211_register_hw+0x23a4/0x3d60 [ 144.993462] mac80211_hwsim_new_radio+0x2759/0x4d60 [ 144.994014] init_mac80211_hwsim+0x389/0x870 [ 144.994520] do_one_initcall+0xf9/0x640 [ 144.994989] kernel_init_freeable+0x53d/0x7a0 [ 144.995497] kernel_init+0x1e/0x2d0 [ 144.995906] ret_from_fork+0x48/0x80 [ 144.996320] ret_from_fork_asm+0x1a/0x30 [ 144.996794] [ 144.996794] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 144.997377] __lock_acquire+0x29fd/0x4580 [ 144.997850] lock_acquire+0x19b/0x520 [ 144.998284] __mutex_lock+0x13d/0xb50 [ 144.998736] unregister_netdevice_many_notify+0x1612/0x1c80 [ 144.999326] unregister_netdevice_queue+0x224/0x2e0 [ 144.999855] _cfg80211_unregister_wdev+0x57b/0x700 [ 145.000392] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 145.000947] ieee80211_unregister_hw+0x55/0x3a0 [ 145.001450] hwsim_exit_net+0x3a0/0x730 [ 145.001942] ops_exit_list+0xb3/0x180 [ 145.002411] cleanup_net+0x546/0xad0 [ 145.002867] process_one_work+0x8ee/0x1a10 [ 145.003387] worker_thread+0x674/0xe70 [ 145.003885] kthread+0x3ab/0x720 [ 145.004326] ret_from_fork+0x48/0x80 [ 145.004779] ret_from_fork_asm+0x1a/0x30 [ 145.005281] [ 145.005281] other info that might help us debug this: [ 145.005281] [ 145.006046] Possible unsafe locking scenario: [ 145.006046] [ 145.006622] CPU0 CPU1 [ 145.007074] ---- ---- [ 145.007520] lock(&rdev->wiphy.mtx); [ 145.007918] lock(rtnl_mutex); [ 145.008486] lock(&rdev->wiphy.mtx); [ 145.009100] lock(rtnl_mutex); [ 145.009453] [ 145.009453] *** DEADLOCK *** [ 145.009453] [ 145.010028] 4 locks held by kworker/u8:1/66: [ 145.010467] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 145.011482] #1: ffff88800b92fd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 145.012466] #2: ffffffff8620db90 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 145.013380] #3: ffff888037058768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 145.014409] [ 145.014409] stack backtrace: [ 145.014837] CPU: 1 UID: 0 PID: 66 Comm: kworker/u8:1 Not tainted 6.13.0-next-20250130 #1 [ 145.014881] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 145.014908] Workqueue: netns cleanup_net [ 145.014956] Call Trace: [ 145.014967] [ 145.014981] dump_stack_lvl+0xca/0x120 [ 145.015050] print_circular_bug+0x47b/0x750 [ 145.015105] check_noncircular+0x2e9/0x3c0 [ 145.015154] ? lock_repin_lock+0x207/0x320 [ 145.015226] ? __pfx_check_noncircular+0x10/0x10 [ 145.015276] ? hlock_class+0x4e/0x130 [ 145.015312] ? mark_lock+0xac/0xed0 [ 145.015360] ? __pfx_lock_repin_lock+0x10/0x10 [ 145.015436] ? lockdep_lock+0xba/0x1b0 [ 145.015505] ? __pfx_lockdep_lock+0x10/0x10 [ 145.015580] __lock_acquire+0x29fd/0x4580 [ 145.015644] ? __pfx___lock_acquire+0x10/0x10 [ 145.015696] ? lock_release+0x20f/0x6f0 [ 145.015750] ? __pfx_lock_release+0x10/0x10 [ 145.015807] lock_acquire+0x19b/0x520 [ 145.015859] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 145.015916] ? __pfx_lock_acquire+0x10/0x10 [ 145.015970] ? srso_return_thunk+0x5/0x5f [ 145.016037] ? lock_release+0x20f/0x6f0 [ 145.016089] ? srso_return_thunk+0x5/0x5f [ 145.016155] ? lock_is_held_type+0x9e/0x120 [ 145.016221] ? srso_return_thunk+0x5/0x5f [ 145.016291] __mutex_lock+0x13d/0xb50 [ 145.016353] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 145.016406] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 145.016461] ? srso_return_thunk+0x5/0x5f [ 145.016527] ? synchronize_rcu_expedited+0x38a/0x420 [ 145.016579] ? __pfx___mutex_lock+0x10/0x10 [ 145.016644] ? __pfx_autoremove_wake_function+0x10/0x10 [ 145.016710] ? srso_return_thunk+0x5/0x5f [ 145.016776] ? kasan_quarantine_put+0x84/0x1e0 [ 145.016849] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 145.016891] ? srso_return_thunk+0x5/0x5f [ 145.016962] unregister_netdevice_many_notify+0x1612/0x1c80 [ 145.017016] ? __virt_addr_valid+0x2e8/0x5d0 [ 145.017079] ? __pfx_lock_release+0x10/0x10 [ 145.017133] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 145.017187] ? find_held_lock+0x2c/0x110 [ 145.017258] ? srso_return_thunk+0x5/0x5f [ 145.017327] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 145.017398] ? srso_return_thunk+0x5/0x5f [ 145.017464] ? lock_release+0x20f/0x6f0 [ 145.017517] ? __pfx_lock_release+0x10/0x10 [ 145.017571] ? srso_return_thunk+0x5/0x5f [ 145.017640] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 145.017697] ? srso_return_thunk+0x5/0x5f [ 145.017803] unregister_netdevice_queue+0x224/0x2e0 [ 145.017854] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 145.017905] ? up_write+0x195/0x520 [ 145.017972] _cfg80211_unregister_wdev+0x57b/0x700 [ 145.018033] ? srso_return_thunk+0x5/0x5f [ 145.018104] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 145.018149] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 145.018194] ? srso_return_thunk+0x5/0x5f [ 145.018260] ? srso_return_thunk+0x5/0x5f [ 145.018325] ? synchronize_rcu+0x1ff/0x260 [ 145.018376] ieee80211_unregister_hw+0x55/0x3a0 [ 145.018429] hwsim_exit_net+0x3a0/0x730 [ 145.018478] ? __pfx_hwsim_exit_net+0x10/0x10 [ 145.018526] ? srso_return_thunk+0x5/0x5f [ 145.018592] ? netdev_run_todo+0x788/0x1040 [ 145.018650] ? __pfx_hwsim_exit_net+0x10/0x10 [ 145.018700] ops_exit_list+0xb3/0x180 [ 145.018749] cleanup_net+0x546/0xad0 [ 145.018802] ? __pfx_cleanup_net+0x10/0x10 [ 145.018866] process_one_work+0x8ee/0x1a10 [ 145.018945] ? __pfx_lock_acquire+0x10/0x10 [ 145.018998] ? __pfx_process_one_work+0x10/0x10 [ 145.019069] ? srso_return_thunk+0x5/0x5f [ 145.019135] ? move_linked_works+0x172/0x270 [ 145.019188] ? srso_return_thunk+0x5/0x5f [ 145.019255] ? assign_work+0x196/0x240 [ 145.019324] worker_thread+0x674/0xe70 [ 145.019394] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 145.019456] ? srso_return_thunk+0x5/0x5f [ 145.019522] ? __pfx_worker_thread+0x10/0x10 [ 145.019595] kthread+0x3ab/0x720 [ 145.019657] ? __pfx_kthread+0x10/0x10 [ 145.019720] ? srso_return_thunk+0x5/0x5f [ 145.019786] ? finish_task_switch.isra.0+0x206/0x840 [ 145.019848] ? __pfx_kthread+0x10/0x10 [ 145.019913] ret_from_fork+0x48/0x80 [ 145.019950] ? __pfx_kthread+0x10/0x10 [ 145.020014] ret_from_fork_asm+0x1a/0x30 [ 145.020094] [ 146.667102] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 146.671265] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 146.673424] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 146.679265] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 146.683524] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 146.687372] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 146.725901] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 146.728183] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 146.733274] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 146.740826] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 146.745126] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 146.746869] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 146.780967] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 146.792169] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 146.794908] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 146.825040] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 146.834523] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 146.841722] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 146.848604] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 146.857186] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 146.860534] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 146.865621] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 146.867913] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 146.869059] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 146.869804] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 146.881250] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 146.898254] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 146.908553] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 146.910455] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 146.929233] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 146.929885] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 146.952425] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 146.953511] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 146.974270] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 146.976166] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 146.979358] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 146.982410] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 146.984253] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 146.985303] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 146.985999] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 146.999851] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 147.002140] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 147.055140] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 147.063015] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 147.068528] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 147.116988] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 147.124886] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 147.127549] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 148.759739] Bluetooth: hci0: command tx timeout [ 148.824778] Bluetooth: hci1: command tx timeout [ 148.887769] Bluetooth: hci3: command tx timeout [ 148.887823] Bluetooth: hci2: command tx timeout [ 149.015734] Bluetooth: hci6: command tx timeout [ 149.079888] Bluetooth: hci5: command tx timeout [ 149.080548] Bluetooth: hci4: command tx timeout [ 149.207773] Bluetooth: hci7: command tx timeout [ 150.807713] Bluetooth: hci0: command tx timeout [ 150.871715] Bluetooth: hci1: command tx timeout [ 150.935998] Bluetooth: hci2: command tx timeout [ 150.936842] Bluetooth: hci3: command tx timeout [ 151.064740] Bluetooth: hci6: command tx timeout [ 151.127740] Bluetooth: hci4: command tx timeout [ 151.127794] Bluetooth: hci5: command tx timeout [ 151.256729] Bluetooth: hci7: command tx timeout [ 152.856895] Bluetooth: hci0: command tx timeout [ 152.920892] Bluetooth: hci1: command tx timeout [ 152.984757] Bluetooth: hci3: command tx timeout [ 152.984816] Bluetooth: hci2: command tx timeout [ 153.114738] Bluetooth: hci6: command tx timeout [ 153.175847] Bluetooth: hci5: command tx timeout [ 153.176954] Bluetooth: hci4: command tx timeout [ 153.303785] Bluetooth: hci7: command tx timeout [ 154.905723] Bluetooth: hci0: command tx timeout [ 154.967769] Bluetooth: hci1: command tx timeout VM DIAGNOSIS: 17:17:26 Registers: info registers vcpu 0 RAX=ffff88800b923780 RBX=ffff88807ca1f078 RCX=ffffffff81429b7a RDX=1ffff11001791200 RSI=0000000000000008 RDI=ffff88800bc89000 RBP=0000000000000000 RSP=ffff88800bcefdd0 R8 =0000000000000000 R9 =ffffed1001791200 R10=ffff88800bc89007 R11=ffff88800b923c38 R12=ffff88807ca1fff9 R13=ffffffff8864e9f8 R14=ffff88800b923780 R15=0000000000000086 RIP=ffffffff81af012a RFL=00000097 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f9575370cc0 CR3=0000000012c9a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=6576652d7372656b726f772d6c6c696b XMM02=ffffff0f0e0d0c0b0a09080706050403 XMM03=696e656420737365636341002f737973 XMM04=0000000000000002000056524062fc00 XMM05=00005652406094400000565240607570 XMM06=00005652406090a00000000000000000 XMM07=00000000000000000000000000000000 XMM08=2f74656e2f73666e2f73662f7379732f XMM09=00000000000000000000000000000000 XMM10=00000000200000000000000020000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283d2d5 RDI=ffffffff88693060 RBP=ffffffff88693020 RSP=ffff88800b92ed20 R8 =0000000000000000 R9 =ffffed1001d6b046 R10=000000000000002d R11=2d2d2d2d2d2d2d2d R12=000000000000002d R13=0000000000000010 R14=ffffffff88693020 R15=ffffffff8283d2c0 RIP=ffffffff8283d32d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00005652405fe090 CR3=0000000036c04000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000006ffffffff00005652405db5e0 XMM02=ffffff0f0e0d0c0b0a09080706050403 XMM03=696e656420737365636341002f737973 XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=00000000000000000000000000000000 XMM06=000056524060c130ffffffff00000002 XMM07=00000000000000000000000000000000 XMM08=2f74656e2f73666e2f73662f7379732f XMM09=00000000000000000000000000000000 XMM10=00000000200000000000000020000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000