Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:24965' (ECDSA) to the list of known hosts. 2025/01/18 22:24:49 fuzzer started 2025/01/18 22:24:50 dialing manager at localhost:44245 syzkaller login: [ 62.380626] cgroup: Unknown subsys name 'net' [ 62.462630] cgroup: Unknown subsys name 'cpuset' [ 62.484438] cgroup: Unknown subsys name 'rlimit' [ 67.331030] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/18 22:25:07 syscalls: 2217 2025/01/18 22:25:07 code coverage: enabled 2025/01/18 22:25:07 comparison tracing: enabled 2025/01/18 22:25:07 extra coverage: enabled 2025/01/18 22:25:07 setuid sandbox: enabled 2025/01/18 22:25:07 namespace sandbox: enabled 2025/01/18 22:25:07 Android sandbox: enabled 2025/01/18 22:25:07 fault injection: enabled 2025/01/18 22:25:07 leak checking: enabled 2025/01/18 22:25:07 net packet injection: enabled 2025/01/18 22:25:07 net device setup: enabled 2025/01/18 22:25:07 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/18 22:25:07 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/18 22:25:07 USB emulation: enabled 2025/01/18 22:25:07 hci packet injection: enabled 2025/01/18 22:25:07 wifi device emulation: enabled 2025/01/18 22:25:07 802.15.4 emulation: enabled 2025/01/18 22:25:07 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/18 22:25:07 fetching corpus: 50, signal 26250/29254 (executing program) 2025/01/18 22:25:07 fetching corpus: 100, signal 35056/39043 (executing program) 2025/01/18 22:25:08 fetching corpus: 150, signal 44278/48923 (executing program) 2025/01/18 22:25:08 fetching corpus: 200, signal 49624/54906 (executing program) 2025/01/18 22:25:08 fetching corpus: 250, signal 56320/61956 (executing program) 2025/01/18 22:25:08 fetching corpus: 300, signal 61018/66988 (executing program) 2025/01/18 22:25:08 fetching corpus: 350, signal 64569/70846 (executing program) 2025/01/18 22:25:08 fetching corpus: 400, signal 68303/74814 (executing program) 2025/01/18 22:25:08 fetching corpus: 450, signal 72098/78630 (executing program) 2025/01/18 22:25:09 fetching corpus: 500, signal 74921/81574 (executing program) 2025/01/18 22:25:09 fetching corpus: 550, signal 77764/84426 (executing program) 2025/01/18 22:25:09 fetching corpus: 600, signal 81789/87973 (executing program) 2025/01/18 22:25:09 fetching corpus: 650, signal 83488/89700 (executing program) 2025/01/18 22:25:09 fetching corpus: 700, signal 85720/91738 (executing program) 2025/01/18 22:25:09 fetching corpus: 750, signal 87247/93200 (executing program) 2025/01/18 22:25:10 fetching corpus: 800, signal 89621/95147 (executing program) 2025/01/18 22:25:10 fetching corpus: 850, signal 91432/96657 (executing program) 2025/01/18 22:25:10 fetching corpus: 900, signal 94198/98736 (executing program) 2025/01/18 22:25:10 fetching corpus: 950, signal 95541/99803 (executing program) 2025/01/18 22:25:10 fetching corpus: 1000, signal 97179/101008 (executing program) 2025/01/18 22:25:11 fetching corpus: 1050, signal 98282/101814 (executing program) 2025/01/18 22:25:11 fetching corpus: 1100, signal 99713/102785 (executing program) 2025/01/18 22:25:11 fetching corpus: 1150, signal 101134/103721 (executing program) 2025/01/18 22:25:11 fetching corpus: 1200, signal 102154/104340 (executing program) 2025/01/18 22:25:11 fetching corpus: 1250, signal 104603/105659 (executing program) 2025/01/18 22:25:11 fetching corpus: 1269, signal 104942/105852 (executing program) 2025/01/18 22:25:11 fetching corpus: 1269, signal 104942/105902 (executing program) 2025/01/18 22:25:11 fetching corpus: 1269, signal 104942/105938 (executing program) 2025/01/18 22:25:11 fetching corpus: 1269, signal 104942/105977 (executing program) 2025/01/18 22:25:11 fetching corpus: 1269, signal 104942/106021 (executing program) 2025/01/18 22:25:11 fetching corpus: 1269, signal 104942/106052 (executing program) 2025/01/18 22:25:11 fetching corpus: 1269, signal 104942/106080 (executing program) 2025/01/18 22:25:11 fetching corpus: 1269, signal 104942/106111 (executing program) 2025/01/18 22:25:11 fetching corpus: 1269, signal 104942/106148 (executing program) 2025/01/18 22:25:11 fetching corpus: 1269, signal 104942/106188 (executing program) 2025/01/18 22:25:11 fetching corpus: 1269, signal 104942/106223 (executing program) 2025/01/18 22:25:11 fetching corpus: 1269, signal 104942/106253 (executing program) 2025/01/18 22:25:11 fetching corpus: 1269, signal 104942/106279 (executing program) 2025/01/18 22:25:11 fetching corpus: 1269, signal 104942/106317 (executing program) 2025/01/18 22:25:11 fetching corpus: 1269, signal 104942/106360 (executing program) 2025/01/18 22:25:11 fetching corpus: 1269, signal 104942/106393 (executing program) 2025/01/18 22:25:11 fetching corpus: 1269, signal 104942/106421 (executing program) 2025/01/18 22:25:12 fetching corpus: 1269, signal 104942/106451 (executing program) 2025/01/18 22:25:12 fetching corpus: 1269, signal 104942/106481 (executing program) 2025/01/18 22:25:12 fetching corpus: 1269, signal 104942/106501 (executing program) 2025/01/18 22:25:12 fetching corpus: 1269, signal 104942/106537 (executing program) 2025/01/18 22:25:12 fetching corpus: 1269, signal 104942/106575 (executing program) 2025/01/18 22:25:12 fetching corpus: 1269, signal 104942/106603 (executing program) 2025/01/18 22:25:12 fetching corpus: 1269, signal 104942/106634 (executing program) 2025/01/18 22:25:12 fetching corpus: 1269, signal 104942/106671 (executing program) 2025/01/18 22:25:12 fetching corpus: 1269, signal 104942/106708 (executing program) 2025/01/18 22:25:12 fetching corpus: 1269, signal 104942/106740 (executing program) 2025/01/18 22:25:12 fetching corpus: 1269, signal 104942/106753 (executing program) 2025/01/18 22:25:12 fetching corpus: 1269, signal 104942/106753 (executing program) 2025/01/18 22:25:16 starting 8 fuzzer processes 22:25:16 executing program 0: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @none}, 0xe) 22:25:16 executing program 1: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sysvipc/msg\x00', 0x0, 0x0) close(r0) 22:25:16 executing program 2: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) listen(r0, 0x0) ioctl$sock_SIOCINQ(r0, 0x541b, 0x0) 22:25:16 executing program 3: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0) mmap$perf(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0) 22:25:16 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x1, 0x0) ioctl$FIONCLEX(r0, 0x5450) 22:25:16 executing program 5: syz_mount_image$tmpfs(&(0x7f00000002c0), &(0x7f0000000300)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='mpol=interlstatic:6-6:73/N']) [ 88.626897] audit: type=1400 audit(1737239116.551:7): avc: denied { execmem } for pid=274 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 22:25:16 executing program 7: perf_event_open$cgroup(&(0x7f0000003c80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 22:25:16 executing program 6: syz_mount_image$tmpfs(0x0, &(0x7f0000003240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$cgroup2(0x20100000, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100), 0x0, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$9p_unix(&(0x7f0000000000)='./file1\x00', &(0x7f0000000300)='./file1\x00', 0x0, 0x91010, 0x0) mount$9p_unix(&(0x7f0000000040)='.\x00', &(0x7f0000000140)='./file1\x00', 0x0, 0x1805002, 0x0) move_mount(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0) [ 90.036955] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 90.042454] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 90.043150] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 90.048402] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 90.048857] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 90.053287] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 90.061445] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 90.062793] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 90.068267] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 90.070729] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 90.074042] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 90.076257] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 90.076721] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 90.085172] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 90.086814] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 90.093463] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 90.094931] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 90.101737] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 90.103294] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 90.112213] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 90.121790] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 90.121925] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 90.127242] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 90.141189] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 90.142114] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 90.143912] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 90.160037] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 90.183744] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 90.186802] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 90.195748] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 90.200697] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 90.204305] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 90.204927] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 90.205999] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 90.206758] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 90.207596] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 90.209337] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 90.216188] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 90.219084] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 90.223666] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 90.227017] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 90.228748] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 90.229871] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 90.231624] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 90.234619] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 90.244834] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 90.253377] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 90.259462] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 92.175906] Bluetooth: hci0: command tx timeout [ 92.176765] Bluetooth: hci1: command tx timeout [ 92.176784] Bluetooth: hci2: command tx timeout [ 92.239769] Bluetooth: hci4: command tx timeout [ 92.240350] Bluetooth: hci3: command tx timeout [ 92.305540] Bluetooth: hci6: command tx timeout [ 92.305712] Bluetooth: hci5: command tx timeout [ 92.305868] Bluetooth: hci7: command tx timeout [ 94.223757] Bluetooth: hci2: command tx timeout [ 94.225324] Bluetooth: hci0: command tx timeout [ 94.225390] Bluetooth: hci1: command tx timeout [ 94.289558] Bluetooth: hci3: command tx timeout [ 94.289620] Bluetooth: hci4: command tx timeout [ 94.353599] Bluetooth: hci7: command tx timeout [ 94.353648] Bluetooth: hci5: command tx timeout [ 94.353754] Bluetooth: hci6: command tx timeout [ 96.272118] Bluetooth: hci1: command tx timeout [ 96.272874] Bluetooth: hci0: command tx timeout [ 96.272909] Bluetooth: hci2: command tx timeout [ 96.336707] Bluetooth: hci3: command tx timeout [ 96.336777] Bluetooth: hci4: command tx timeout [ 96.399880] Bluetooth: hci5: command tx timeout [ 96.400381] Bluetooth: hci6: command tx timeout [ 96.401096] Bluetooth: hci7: command tx timeout [ 98.319626] Bluetooth: hci2: command tx timeout [ 98.320638] Bluetooth: hci1: command tx timeout [ 98.320768] Bluetooth: hci0: command tx timeout [ 98.383728] Bluetooth: hci4: command tx timeout [ 98.384836] Bluetooth: hci3: command tx timeout [ 98.448700] Bluetooth: hci7: command tx timeout [ 98.448796] Bluetooth: hci6: command tx timeout [ 98.448952] Bluetooth: hci5: command tx timeout [ 147.940694] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 147.940813] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 148.321887] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 148.321973] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 150.719926] [ 150.720177] ====================================================== [ 150.720782] WARNING: possible circular locking dependency detected [ 150.721379] 6.13.0-rc7-next-20250117 #1 Not tainted [ 150.721855] ------------------------------------------------------ [ 150.723201] kworker/u8:1/66 is trying to acquire lock: [ 150.724101] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 150.725588] [ 150.725588] but task is already holding lock: [ 150.726484] ffff88803d000768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 150.728901] [ 150.728901] which lock already depends on the new lock. [ 150.728901] [ 150.730799] [ 150.730799] the existing dependency chain (in reverse order) is: [ 150.731512] [ 150.731512] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 150.732167] __mutex_lock+0x13d/0xb50 [ 150.732633] wiphy_register+0x1b2e/0x25d0 [ 150.733115] ieee80211_register_hw+0x23a4/0x3d60 [ 150.733642] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 150.734201] init_mac80211_hwsim+0x389/0x870 [ 150.734717] do_one_initcall+0xf9/0x640 [ 150.735194] kernel_init_freeable+0x53d/0x7a0 [ 150.735710] kernel_init+0x1e/0x2d0 [ 150.736125] ret_from_fork+0x48/0x80 [ 150.736559] ret_from_fork_asm+0x1a/0x30 [ 150.737039] [ 150.737039] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 150.737651] __lock_acquire+0x29fd/0x4580 [ 150.738129] lock_acquire+0x19b/0x520 [ 150.738572] __mutex_lock+0x13d/0xb50 [ 150.739021] unregister_netdevice_many_notify+0x1612/0x1c80 [ 150.739628] unregister_netdevice_queue+0x224/0x2e0 [ 150.740171] _cfg80211_unregister_wdev+0x57b/0x700 [ 150.740727] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 150.741268] ieee80211_unregister_hw+0x55/0x3a0 [ 150.741785] hwsim_exit_net+0x3a0/0x730 [ 150.742241] ops_exit_list+0xb3/0x180 [ 150.742680] cleanup_net+0x546/0xad0 [ 150.743113] process_one_work+0x8ee/0x1a10 [ 150.743612] worker_thread+0x674/0xe70 [ 150.744076] kthread+0x3ab/0x720 [ 150.744496] ret_from_fork+0x48/0x80 [ 150.744919] ret_from_fork_asm+0x1a/0x30 [ 150.745399] [ 150.745399] other info that might help us debug this: [ 150.745399] [ 150.746148] Possible unsafe locking scenario: [ 150.746148] [ 150.746719] CPU0 CPU1 [ 150.747169] ---- ---- [ 150.747622] lock(&rdev->wiphy.mtx); [ 150.748030] lock(rtnl_mutex); [ 150.748621] lock(&rdev->wiphy.mtx); [ 150.749248] lock(rtnl_mutex); [ 150.749610] [ 150.749610] *** DEADLOCK *** [ 150.749610] [ 150.750182] 4 locks held by kworker/u8:1/66: [ 150.750622] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 150.751624] #1: ffff88800ed1fd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 150.752597] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 150.753496] #3: ffff88803d000768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 150.754518] [ 150.754518] stack backtrace: [ 150.754947] CPU: 1 UID: 0 PID: 66 Comm: kworker/u8:1 Not tainted 6.13.0-rc7-next-20250117 #1 [ 150.755736] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 150.756505] Workqueue: netns cleanup_net [ 150.756913] Call Trace: [ 150.757162] [ 150.757382] dump_stack_lvl+0xca/0x120 [ 150.757793] print_circular_bug+0x47b/0x750 [ 150.758222] check_noncircular+0x2e9/0x3c0 [ 150.758642] ? __pfx_check_noncircular+0x10/0x10 [ 150.759109] ? hlock_class+0x4e/0x130 [ 150.759487] ? srso_return_thunk+0x5/0x5f [ 150.759913] ? mark_lock+0xac/0xed0 [ 150.760289] ? lockdep_lock+0xba/0x1b0 [ 150.760708] ? __pfx_lockdep_lock+0x10/0x10 [ 150.761156] __lock_acquire+0x29fd/0x4580 [ 150.761581] ? __pfx___lock_acquire+0x10/0x10 [ 150.762028] ? lock_release+0x20f/0x6f0 [ 150.762429] ? __pfx_lock_release+0x10/0x10 [ 150.762859] ? srso_return_thunk+0x5/0x5f [ 150.763292] lock_acquire+0x19b/0x520 [ 150.763681] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 150.764252] ? __pfx_lock_acquire+0x10/0x10 [ 150.764690] ? __pfx_lock_release+0x10/0x10 [ 150.765127] ? __pfx_try_to_wake_up+0x10/0x10 [ 150.765585] ? srso_return_thunk+0x5/0x5f [ 150.766018] ? lock_is_held_type+0x9e/0x120 [ 150.766474] ? srso_return_thunk+0x5/0x5f [ 150.766908] __mutex_lock+0x13d/0xb50 [ 150.767311] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 150.767888] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 150.768465] ? srso_return_thunk+0x5/0x5f [ 150.768905] ? synchronize_rcu_expedited+0x38a/0x420 [ 150.769407] ? __pfx___mutex_lock+0x10/0x10 [ 150.769854] ? srso_return_thunk+0x5/0x5f [ 150.770289] ? srso_return_thunk+0x5/0x5f [ 150.770724] ? kasan_quarantine_put+0x84/0x1e0 [ 150.771202] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 150.771656] ? srso_return_thunk+0x5/0x5f [ 150.772095] unregister_netdevice_many_notify+0x1612/0x1c80 [ 150.772662] ? __virt_addr_valid+0x2e8/0x5d0 [ 150.773120] ? __pfx_lock_release+0x10/0x10 [ 150.773562] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 150.774151] ? find_held_lock+0x2c/0x110 [ 150.774582] ? srso_return_thunk+0x5/0x5f [ 150.775021] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 150.775530] ? srso_return_thunk+0x5/0x5f [ 150.775962] ? lock_release+0x20f/0x6f0 [ 150.776369] ? __pfx_lock_release+0x10/0x10 [ 150.776812] ? srso_return_thunk+0x5/0x5f [ 150.777247] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 150.777774] ? srso_return_thunk+0x5/0x5f [ 150.778218] unregister_netdevice_queue+0x224/0x2e0 [ 150.778724] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 150.779268] ? up_write+0x195/0x520 [ 150.779662] _cfg80211_unregister_wdev+0x57b/0x700 [ 150.780164] ? srso_return_thunk+0x5/0x5f [ 150.780608] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 150.781107] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 150.781654] ? srso_return_thunk+0x5/0x5f [ 150.782088] ? srso_return_thunk+0x5/0x5f [ 150.782526] ? synchronize_rcu+0x1ff/0x260 [ 150.782953] ieee80211_unregister_hw+0x55/0x3a0 [ 150.783422] hwsim_exit_net+0x3a0/0x730 [ 150.783836] ? __pfx_hwsim_exit_net+0x10/0x10 [ 150.784288] ? srso_return_thunk+0x5/0x5f [ 150.784728] ? netdev_run_todo+0x788/0x1040 [ 150.785167] ? srso_return_thunk+0x5/0x5f [ 150.785605] ? __pfx_hwsim_exit_net+0x10/0x10 [ 150.786060] ops_exit_list+0xb3/0x180 [ 150.786452] cleanup_net+0x546/0xad0 [ 150.786837] ? __pfx_cleanup_net+0x10/0x10 [ 150.787276] process_one_work+0x8ee/0x1a10 [ 150.787729] ? __pfx_lock_acquire+0x10/0x10 [ 150.788170] ? __pfx_process_one_work+0x10/0x10 [ 150.788666] ? srso_return_thunk+0x5/0x5f [ 150.789100] ? move_linked_works+0x172/0x270 [ 150.789552] ? srso_return_thunk+0x5/0x5f [ 150.789989] ? assign_work+0x196/0x240 [ 150.790402] worker_thread+0x674/0xe70 [ 150.790821] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 150.791349] ? srso_return_thunk+0x5/0x5f [ 150.791785] ? __pfx_worker_thread+0x10/0x10 [ 150.792249] kthread+0x3ab/0x720 [ 150.792621] ? __pfx_kthread+0x10/0x10 [ 150.793029] ? srso_return_thunk+0x5/0x5f [ 150.793462] ? finish_task_switch.isra.0+0x206/0x840 [ 150.793978] ? __pfx_kthread+0x10/0x10 [ 150.794386] ret_from_fork+0x48/0x80 [ 150.794760] ? __pfx_kthread+0x10/0x10 [ 150.795173] ret_from_fork_asm+0x1a/0x30 [ 150.795615] [ 152.758944] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 152.767862] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 152.789678] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 152.793209] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 152.794964] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 152.796188] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 152.796874] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 152.798763] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 152.802868] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 152.803165] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 152.806755] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 152.807714] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 152.808876] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 152.811105] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 152.811381] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 152.812727] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 152.819874] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 152.821085] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 152.937482] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 152.938423] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 152.943580] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 152.945078] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 152.946807] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 152.947685] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 152.955252] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 152.956195] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 152.956960] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 152.957980] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 152.959957] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 152.961405] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 152.961402] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 152.962301] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 152.964990] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 152.965913] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 152.971756] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 152.980083] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 152.980227] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 152.983313] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 152.990649] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 152.990807] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 152.990876] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 153.001309] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 153.003742] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 153.018550] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 153.018653] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 153.020348] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 153.023651] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 153.024938] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 154.895510] Bluetooth: hci0: command tx timeout [ 154.895590] Bluetooth: hci2: command tx timeout [ 154.959637] Bluetooth: hci1: command tx timeout [ 155.024489] Bluetooth: hci4: command tx timeout [ 155.087580] Bluetooth: hci6: command tx timeout [ 155.087604] Bluetooth: hci5: command tx timeout [ 155.087648] Bluetooth: hci7: command tx timeout [ 155.087665] Bluetooth: hci3: command tx timeout [ 156.944662] Bluetooth: hci0: command tx timeout [ 156.945248] Bluetooth: hci2: command tx timeout [ 157.007767] Bluetooth: hci1: command tx timeout [ 157.071560] Bluetooth: hci4: command tx timeout [ 157.135689] Bluetooth: hci7: command tx timeout [ 157.137122] Bluetooth: hci5: command tx timeout [ 157.137153] Bluetooth: hci3: command tx timeout [ 157.137221] Bluetooth: hci6: command tx timeout [ 158.991877] Bluetooth: hci2: command tx timeout [ 158.992281] Bluetooth: hci0: command tx timeout [ 159.056712] Bluetooth: hci1: command tx timeout [ 159.119544] Bluetooth: hci4: command tx timeout [ 159.183667] Bluetooth: hci3: command tx timeout [ 159.183790] Bluetooth: hci5: command tx timeout [ 159.183921] Bluetooth: hci7: command tx timeout [ 159.184017] Bluetooth: hci6: command tx timeout VM DIAGNOSIS: 22:26:18 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=ffff88800eb55340 RCX=ffffffff81429a0f RDX=ffff88800eb55340 RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000200000 RSP=ffff88800f1d7db8 R8 =0000000000000000 R9 =ffffed1001d7ac80 R10=0000000000200000 R11=1ffff1100d9c7850 R12=ffff88807b1e8ff9 R13=ffffffff8864de30 R14=ffff88800eb55340 R15=0000000000000086 RIP=ffffffff81429a11 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f2f44919ad0 CR3=0000000013340000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=0000000500000009000055a63d791a70 XMM02=ffffff0f0e0d0c0b0a09080706050403 XMM03=696e656420737365636341002f737973 XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=000055a63d7c1d00000055a63d7a5c50 XMM06=000055a63d7652400000000000000000 XMM07=00000000000000000000000000000000 XMM08=2f74656e2f73666e2f73662f7379732f XMM09=00000000000000000000000000000000 XMM10=00000000002000000000000000200000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff8283cd30 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff88800ed1eb20 R8 =0000000000000000 R9 =fffffbfff0be1544 R10=00000000000fe503 R11=6f6c206863696877 R12=0000000000000823 R13=0000000000000060 R14=fffffbfff10d2666 R15=dffffc0000000000 RIP=ffffffff8283cd85 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000001f27f60 CR3=00000000153ec000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=3bf9bf6b74bc56831847627653655b59 XMM02=00000000000feb20a3797342f9eb3dd9 XMM03=0000000000132fc868a8aee3740b9fad XMM04=47ee1cfa2bbb562200000000000ae988 XMM05=9f165a4fe6c971ad0000000000137ad8 XMM06=7c8d2a4f1e787a980000000000137a38 XMM07=2d6127dfa13260b70000000000133020 XMM08=68a8aee3740b9fad00000000000fec40 XMM09=00000000000000000000000000000000 XMM10=00000000000000000020000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000