Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:53744' (ECDSA) to the list of known hosts. 2025/01/30 19:01:40 fuzzer started 2025/01/30 19:01:41 dialing manager at localhost:46401 syzkaller login: [ 63.487718] cgroup: Unknown subsys name 'net' [ 63.598855] cgroup: Unknown subsys name 'cpuset' [ 63.631661] cgroup: Unknown subsys name 'rlimit' 2025/01/30 19:01:59 syscalls: 2217 2025/01/30 19:01:59 code coverage: enabled 2025/01/30 19:01:59 comparison tracing: enabled 2025/01/30 19:01:59 extra coverage: enabled 2025/01/30 19:01:59 setuid sandbox: enabled 2025/01/30 19:01:59 namespace sandbox: enabled 2025/01/30 19:01:59 Android sandbox: enabled 2025/01/30 19:01:59 fault injection: enabled 2025/01/30 19:01:59 leak checking: enabled 2025/01/30 19:01:59 net packet injection: enabled 2025/01/30 19:01:59 net device setup: enabled 2025/01/30 19:01:59 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/30 19:01:59 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/30 19:01:59 USB emulation: enabled 2025/01/30 19:01:59 hci packet injection: enabled 2025/01/30 19:01:59 wifi device emulation: enabled 2025/01/30 19:01:59 802.15.4 emulation: enabled 2025/01/30 19:01:59 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/30 19:01:59 fetching corpus: 1, signal 2361/4834 (executing program) 2025/01/30 19:01:59 fetching corpus: 1, signal 2361/6037 (executing program) 2025/01/30 19:01:59 fetching corpus: 1, signal 2361/6106 (executing program) 2025/01/30 19:01:59 fetching corpus: 1, signal 2361/6106 (executing program) 2025/01/30 19:02:03 starting 8 fuzzer processes 19:02:03 executing program 0: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000800)={[{@session}, {@unhide}, {@hide}, {@gid}, {@overriderock}]}) 19:02:03 executing program 1: io_setup(0x80000000, &(0x7f00000004c0)) 19:02:03 executing program 2: setgroups(0x3, &(0x7f0000006d40)=[0xee01, 0x0, 0xee01]) [ 86.035409] audit: type=1400 audit(1738263723.815:7): avc: denied { execmem } for pid=270 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 19:02:03 executing program 3: ioctl$KDGETLED(0xffffffffffffffff, 0x4b31, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0) sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, 0x0, 0x20000080) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) 19:02:03 executing program 4: perf_event_open$cgroup(&(0x7f0000001840)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1004000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 19:02:03 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x31, 0x0, &(0x7f0000000140)=0x47) 19:02:03 executing program 6: syz_mount_image$nfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='system.posix_acl_access\x00', &(0x7f0000000280)={{}, {0x2}}, 0x24, 0x0) 19:02:03 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_inet6_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}) [ 87.529454] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 87.541552] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 87.548932] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 87.557252] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 87.562902] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 87.567389] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 87.597915] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 87.603100] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 87.607072] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 87.611532] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 87.616835] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 87.618530] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 87.649705] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 87.664559] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 87.667353] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 87.673500] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 87.676463] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 87.679201] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 87.680964] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 87.685153] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 87.686691] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 87.699664] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 87.704697] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 87.707870] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 87.709462] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 87.711502] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 87.713795] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 87.716881] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 87.721600] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 87.724254] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 87.726127] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 87.728941] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 87.739534] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 87.742176] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 87.746263] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 87.748999] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 87.752711] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 87.773435] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 87.776940] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 87.779013] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 87.782163] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 87.785047] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 87.815030] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 87.816673] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 87.837148] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 87.838417] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 87.846494] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 87.854341] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 89.616065] Bluetooth: hci0: command tx timeout [ 89.678866] Bluetooth: hci1: command tx timeout [ 89.807023] Bluetooth: hci3: command tx timeout [ 89.807054] Bluetooth: hci2: command tx timeout [ 89.871161] Bluetooth: hci4: command tx timeout [ 89.871176] Bluetooth: hci6: command tx timeout [ 89.935036] Bluetooth: hci7: command tx timeout [ 89.935107] Bluetooth: hci5: command tx timeout [ 91.664504] Bluetooth: hci0: command tx timeout [ 91.726911] Bluetooth: hci1: command tx timeout [ 91.856822] Bluetooth: hci3: command tx timeout [ 91.856852] Bluetooth: hci2: command tx timeout [ 91.919780] Bluetooth: hci4: command tx timeout [ 91.919812] Bluetooth: hci6: command tx timeout [ 91.982855] Bluetooth: hci7: command tx timeout [ 91.983823] Bluetooth: hci5: command tx timeout [ 93.711779] Bluetooth: hci0: command tx timeout [ 93.774791] Bluetooth: hci1: command tx timeout [ 93.902903] Bluetooth: hci2: command tx timeout [ 93.903092] Bluetooth: hci3: command tx timeout [ 93.966818] Bluetooth: hci4: command tx timeout [ 93.966916] Bluetooth: hci6: command tx timeout [ 94.031308] Bluetooth: hci5: command tx timeout [ 94.031406] Bluetooth: hci7: command tx timeout [ 95.758854] Bluetooth: hci0: command tx timeout [ 95.822875] Bluetooth: hci1: command tx timeout [ 95.950873] Bluetooth: hci2: command tx timeout [ 95.952073] Bluetooth: hci3: command tx timeout [ 96.014927] Bluetooth: hci6: command tx timeout [ 96.014955] Bluetooth: hci4: command tx timeout [ 96.079911] Bluetooth: hci5: command tx timeout [ 96.080078] Bluetooth: hci7: command tx timeout [ 150.171956] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 150.174501] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 150.176832] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 150.182568] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 150.184616] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 150.187922] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 150.190473] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 150.192642] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 150.194647] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 150.200386] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 150.204027] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 150.207174] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 150.265152] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 150.274516] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 150.277748] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 150.282798] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 150.290811] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 150.299253] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 150.337690] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 150.350552] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 150.356080] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 150.362526] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 150.367127] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 150.371249] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 150.382075] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 150.386921] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 150.390457] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 150.391655] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 150.396378] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 150.401926] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 150.430919] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 150.433202] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 150.434090] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 150.436446] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 150.438386] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 150.442168] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 150.451268] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 150.453173] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 150.454675] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 150.472403] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 150.480093] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 150.482950] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 150.484450] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 150.486377] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 150.492616] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 150.496413] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 150.496785] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 150.499273] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 152.206911] Bluetooth: hci0: command tx timeout [ 152.270826] Bluetooth: hci1: command tx timeout [ 152.334879] Bluetooth: hci2: command tx timeout [ 152.464086] Bluetooth: hci3: command tx timeout [ 152.526891] Bluetooth: hci7: command tx timeout [ 152.527811] Bluetooth: hci4: command tx timeout [ 152.591983] Bluetooth: hci5: command tx timeout [ 152.593440] Bluetooth: hci6: command tx timeout [ 154.255032] Bluetooth: hci0: command tx timeout [ 154.318802] Bluetooth: hci1: command tx timeout [ 154.384747] Bluetooth: hci2: command tx timeout [ 154.511756] Bluetooth: hci3: command tx timeout [ 154.574824] Bluetooth: hci7: command tx timeout [ 154.575947] Bluetooth: hci4: command tx timeout [ 154.638813] Bluetooth: hci6: command tx timeout [ 154.638834] Bluetooth: hci5: command tx timeout [ 156.303821] Bluetooth: hci0: command tx timeout [ 156.367131] Bluetooth: hci1: command tx timeout [ 156.432162] Bluetooth: hci2: command tx timeout [ 156.559878] Bluetooth: hci3: command tx timeout [ 156.622868] Bluetooth: hci4: command tx timeout [ 156.623082] Bluetooth: hci7: command tx timeout [ 156.688814] Bluetooth: hci5: command tx timeout [ 156.688981] Bluetooth: hci6: command tx timeout [ 158.351810] Bluetooth: hci0: command tx timeout [ 158.414875] Bluetooth: hci1: command tx timeout [ 158.478773] Bluetooth: hci2: command tx timeout [ 158.606801] Bluetooth: hci3: command tx timeout [ 158.670803] Bluetooth: hci4: command tx timeout [ 158.672578] Bluetooth: hci7: command tx timeout [ 158.734955] Bluetooth: hci6: command tx timeout [ 158.735828] Bluetooth: hci5: command tx timeout [ 210.421518] [ 210.421757] ====================================================== [ 210.422278] WARNING: possible circular locking dependency detected [ 210.422795] 6.13.0-next-20250130 #1 Not tainted [ 210.423191] ------------------------------------------------------ [ 210.424349] kworker/u8:1/64 is trying to acquire lock: [ 210.425584] ffffffff86219b68 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 210.427677] [ 210.427677] but task is already holding lock: [ 210.429239] ffff88800f448768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 210.431154] [ 210.431154] which lock already depends on the new lock. [ 210.431154] [ 210.432297] [ 210.432297] the existing dependency chain (in reverse order) is: [ 210.432915] [ 210.432915] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 210.433498] __mutex_lock+0x13d/0xb50 [ 210.433912] wiphy_register+0x1b2e/0x25d0 [ 210.434349] ieee80211_register_hw+0x23a4/0x3d60 [ 210.434827] mac80211_hwsim_new_radio+0x2759/0x4d60 [ 210.435325] init_mac80211_hwsim+0x389/0x870 [ 210.435788] do_one_initcall+0xf9/0x640 [ 210.436211] kernel_init_freeable+0x53d/0x7a0 [ 210.436673] kernel_init+0x1e/0x2d0 [ 210.437042] ret_from_fork+0x48/0x80 [ 210.437426] ret_from_fork_asm+0x1a/0x30 [ 210.437856] [ 210.437856] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 210.438389] __lock_acquire+0x29fd/0x4580 [ 210.438816] lock_acquire+0x19b/0x520 [ 210.439209] __mutex_lock+0x13d/0xb50 [ 210.439612] unregister_netdevice_many_notify+0x1612/0x1c80 [ 210.440155] unregister_netdevice_queue+0x224/0x2e0 [ 210.440642] _cfg80211_unregister_wdev+0x57b/0x700 [ 210.441131] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 210.441620] ieee80211_unregister_hw+0x55/0x3a0 [ 210.442083] hwsim_exit_net+0x3a0/0x730 [ 210.442490] ops_exit_list+0xb3/0x180 [ 210.442882] cleanup_net+0x546/0xad0 [ 210.443270] process_one_work+0x8ee/0x1a10 [ 210.443721] worker_thread+0x674/0xe70 [ 210.444140] kthread+0x3ab/0x720 [ 210.444514] ret_from_fork+0x48/0x80 [ 210.444891] ret_from_fork_asm+0x1a/0x30 [ 210.445333] [ 210.445333] other info that might help us debug this: [ 210.445333] [ 210.445983] Possible unsafe locking scenario: [ 210.445983] [ 210.446482] CPU0 CPU1 [ 210.446869] ---- ---- [ 210.447256] lock(&rdev->wiphy.mtx); [ 210.447614] lock(rtnl_mutex); [ 210.448114] lock(&rdev->wiphy.mtx); [ 210.448651] lock(rtnl_mutex); [ 210.448959] [ 210.448959] *** DEADLOCK *** [ 210.448959] [ 210.449468] 4 locks held by kworker/u8:1/64: [ 210.449849] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 210.450731] #1: ffff88800f337d30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 210.451581] #2: ffffffff8620db90 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 210.452379] #3: ffff88800f448768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 210.453275] [ 210.453275] stack backtrace: [ 210.453654] CPU: 1 UID: 0 PID: 64 Comm: kworker/u8:1 Not tainted 6.13.0-next-20250130 #1 [ 210.453691] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 210.453713] Workqueue: netns cleanup_net [ 210.453755] Call Trace: [ 210.453764] [ 210.453776] dump_stack_lvl+0xca/0x120 [ 210.453836] print_circular_bug+0x47b/0x750 [ 210.453883] check_noncircular+0x2e9/0x3c0 [ 210.453925] ? srso_return_thunk+0x5/0x5f [ 210.453984] ? __pfx_check_noncircular+0x10/0x10 [ 210.454027] ? hlock_class+0x4e/0x130 [ 210.454058] ? mark_lock+0xac/0xed0 [ 210.454099] ? srso_return_thunk+0x5/0x5f [ 210.454157] ? dl_scaled_delta_exec+0xd4/0x2c0 [ 210.454204] ? lockdep_lock+0xba/0x1b0 [ 210.454265] ? __pfx_lockdep_lock+0x10/0x10 [ 210.454331] __lock_acquire+0x29fd/0x4580 [ 210.454386] ? __pfx___lock_acquire+0x10/0x10 [ 210.454431] ? lock_release+0x20f/0x6f0 [ 210.454477] ? __pfx_lock_release+0x10/0x10 [ 210.454526] lock_acquire+0x19b/0x520 [ 210.454571] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 210.454620] ? __pfx_lock_acquire+0x10/0x10 [ 210.454667] ? srso_return_thunk+0x5/0x5f [ 210.454724] ? lock_release+0x20f/0x6f0 [ 210.454769] ? srso_return_thunk+0x5/0x5f [ 210.454826] ? lock_is_held_type+0x9e/0x120 [ 210.454883] ? srso_return_thunk+0x5/0x5f [ 210.454944] __mutex_lock+0x13d/0xb50 [ 210.454998] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 210.455043] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 210.455090] ? srso_return_thunk+0x5/0x5f [ 210.455147] ? synchronize_rcu_expedited+0x38a/0x420 [ 210.455193] ? __pfx___mutex_lock+0x10/0x10 [ 210.455248] ? __pfx_autoremove_wake_function+0x10/0x10 [ 210.455304] ? srso_return_thunk+0x5/0x5f [ 210.455361] ? kasan_quarantine_put+0x84/0x1e0 [ 210.455426] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 210.455462] ? srso_return_thunk+0x5/0x5f [ 210.455523] unregister_netdevice_many_notify+0x1612/0x1c80 [ 210.455570] ? __virt_addr_valid+0x2e8/0x5d0 [ 210.455625] ? __pfx_lock_release+0x10/0x10 [ 210.455671] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 210.455717] ? find_held_lock+0x2c/0x110 [ 210.455779] ? srso_return_thunk+0x5/0x5f [ 210.455838] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 210.455899] ? srso_return_thunk+0x5/0x5f [ 210.455956] ? lock_release+0x20f/0x6f0 [ 210.456002] ? __pfx_lock_release+0x10/0x10 [ 210.456047] ? srso_return_thunk+0x5/0x5f [ 210.456104] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 210.456153] ? srso_return_thunk+0x5/0x5f [ 210.456216] unregister_netdevice_queue+0x224/0x2e0 [ 210.456260] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 210.456304] ? up_write+0x195/0x520 [ 210.456361] _cfg80211_unregister_wdev+0x57b/0x700 [ 210.456414] ? srso_return_thunk+0x5/0x5f [ 210.456475] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 210.456514] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 210.456552] ? srso_return_thunk+0x5/0x5f [ 210.456609] ? srso_return_thunk+0x5/0x5f [ 210.456666] ? synchronize_rcu+0x1ff/0x260 [ 210.456710] ieee80211_unregister_hw+0x55/0x3a0 [ 210.456756] hwsim_exit_net+0x3a0/0x730 [ 210.456798] ? __pfx_hwsim_exit_net+0x10/0x10 [ 210.456839] ? srso_return_thunk+0x5/0x5f [ 210.456896] ? netdev_run_todo+0x788/0x1040 [ 210.456946] ? __pfx_hwsim_exit_net+0x10/0x10 [ 210.456989] ops_exit_list+0xb3/0x180 [ 210.457032] cleanup_net+0x546/0xad0 [ 210.457078] ? __pfx_cleanup_net+0x10/0x10 [ 210.457133] process_one_work+0x8ee/0x1a10 [ 210.457201] ? __pfx_lock_acquire+0x10/0x10 [ 210.457247] ? __pfx_process_one_work+0x10/0x10 [ 210.457316] ? srso_return_thunk+0x5/0x5f [ 210.457373] ? move_linked_works+0x172/0x270 [ 210.457419] ? srso_return_thunk+0x5/0x5f [ 210.457476] ? assign_work+0x196/0x240 [ 210.457536] worker_thread+0x674/0xe70 [ 210.457597] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 210.457651] ? srso_return_thunk+0x5/0x5f [ 210.457708] ? __pfx_worker_thread+0x10/0x10 [ 210.457770] kthread+0x3ab/0x720 [ 210.457825] ? __pfx_kthread+0x10/0x10 [ 210.457879] ? srso_return_thunk+0x5/0x5f [ 210.457936] ? finish_task_switch.isra.0+0x206/0x840 [ 210.457989] ? __pfx_kthread+0x10/0x10 [ 210.458046] ret_from_fork+0x48/0x80 [ 210.458077] ? __pfx_kthread+0x10/0x10 [ 210.458132] ret_from_fork_asm+0x1a/0x30 [ 210.458201] [ 212.140124] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 212.143291] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 212.146351] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 212.156986] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 212.162115] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 212.165402] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 212.188434] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 212.194029] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 212.196340] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 212.205594] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 212.211253] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 212.218901] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 212.264904] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 212.273083] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 212.289130] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 212.304525] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 212.332079] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 212.334157] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 212.341254] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 212.352043] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 212.354847] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 212.374667] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 212.379595] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 212.389019] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 212.390368] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 212.393665] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 212.402969] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 212.403080] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 212.406669] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 212.410232] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 212.419846] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 212.427987] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 212.437134] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 212.447019] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 212.461242] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 212.462985] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 212.466024] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 212.469288] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 212.472368] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 212.474652] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 212.478011] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 212.479608] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 212.520526] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 212.551516] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 212.557063] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 212.585030] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 212.598074] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 212.601074] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 214.223773] Bluetooth: hci0: command tx timeout [ 214.286796] Bluetooth: hci1: command tx timeout [ 214.478804] Bluetooth: hci3: command tx timeout [ 214.479789] Bluetooth: hci2: command tx timeout [ 214.542807] Bluetooth: hci4: command tx timeout [ 214.542900] Bluetooth: hci7: command tx timeout [ 214.543768] Bluetooth: hci5: command tx timeout [ 214.670823] Bluetooth: hci6: command tx timeout [ 216.270859] Bluetooth: hci0: command tx timeout [ 216.335222] Bluetooth: hci1: command tx timeout [ 216.526982] Bluetooth: hci2: command tx timeout [ 216.527747] Bluetooth: hci3: command tx timeout [ 216.590933] Bluetooth: hci5: command tx timeout [ 216.591898] Bluetooth: hci7: command tx timeout [ 216.592291] Bluetooth: hci4: command tx timeout [ 216.718814] Bluetooth: hci6: command tx timeout [ 218.319717] Bluetooth: hci0: command tx timeout [ 218.382816] Bluetooth: hci1: command tx timeout [ 218.576768] Bluetooth: hci2: command tx timeout [ 218.577220] Bluetooth: hci3: command tx timeout [ 218.638820] Bluetooth: hci4: command tx timeout [ 218.638945] Bluetooth: hci7: command tx timeout [ 218.639675] Bluetooth: hci5: command tx timeout [ 218.766939] Bluetooth: hci6: command tx timeout [ 220.366760] Bluetooth: hci0: command tx timeout [ 220.431469] Bluetooth: hci1: command tx timeout VM DIAGNOSIS: 19:04:08 Registers: info registers vcpu 0 RAX=ffff88800935a758 RBX=ffffffff8861a838 RCX=ffffffff81429b7a RDX=ffff88800935a718 RSI=0000000000000001 RDI=ffff88800935a798 RBP=ffff88800935a798 RSP=ffff88800f617da0 R8 =0000000000000000 R9 =ffffed10017d5d80 R10=ffff88800beaec07 R11=ffff88800cfb57f8 R12=ffff88800ddbc9a8 R13=ffffffff8861a838 R14=ffff88800cfb5340 R15=0000000000000086 RIP=ffffffff81aef260 RFL=00000082 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f33ab2b1e70 CR3=000000000dec2000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=7185b0143755d18b87443aa641996cd5 XMM02=00000000000fd938ee7587d5db12e8e3 XMM03=00000000000fdaa8d12871896912de2d XMM04=a60ca567c075e16600000000000ae988 XMM05=8260b6ec97d525c2000000000013f558 XMM06=6098c19552daab490000000000112638 XMM07=ea899072da79512f00000000000fdc00 XMM08=d12871896912de2d00000000000fd988 XMM09=00000000000000000000000000000000 XMM10=20000000000000002000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000032 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283d2d5 RDI=ffffffff88693060 RBP=ffffffff88693020 RSP=ffff88800f336d20 R8 =0000000000000000 R9 =ffffed1001a5a046 R10=0000000000000032 R11=6f6c206863696877 R12=0000000000000032 R13=0000000000000010 R14=ffffffff88693020 R15=ffffffff8283d2c0 RIP=ffffffff8283d32d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffd9b12f000 CR3=000000001bd7e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=0000000000000000416b1d1000000000 XMM03=0000ff00000000000000000000000000 XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962 XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000