syzkaller login: [ 68.727419] scp (239) used greatest stack depth: 24216 bytes left Warning: Permanently added '[localhost]:40589' (ECDSA) to the list of known hosts. 2025/01/19 02:35:38 fuzzer started 2025/01/19 02:35:39 dialing manager at localhost:44245 [ 71.957077] cgroup: Unknown subsys name 'net' [ 72.047813] cgroup: Unknown subsys name 'cpuset' [ 72.085149] cgroup: Unknown subsys name 'rlimit' [ 77.840149] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/19 02:35:55 syscalls: 2217 2025/01/19 02:35:55 code coverage: enabled 2025/01/19 02:35:55 comparison tracing: enabled 2025/01/19 02:35:55 extra coverage: enabled 2025/01/19 02:35:55 setuid sandbox: enabled 2025/01/19 02:35:55 namespace sandbox: enabled 2025/01/19 02:35:55 Android sandbox: enabled 2025/01/19 02:35:55 fault injection: enabled 2025/01/19 02:35:55 leak checking: enabled 2025/01/19 02:35:55 net packet injection: enabled 2025/01/19 02:35:55 net device setup: enabled 2025/01/19 02:35:55 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/19 02:35:55 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/19 02:35:55 USB emulation: enabled 2025/01/19 02:35:55 hci packet injection: enabled 2025/01/19 02:35:55 wifi device emulation: enabled 2025/01/19 02:35:55 802.15.4 emulation: enabled 2025/01/19 02:35:55 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/19 02:35:55 fetching corpus: 50, signal 23894/27010 (executing program) 2025/01/19 02:35:56 fetching corpus: 100, signal 34691/38774 (executing program) 2025/01/19 02:35:56 fetching corpus: 150, signal 44409/49081 (executing program) 2025/01/19 02:35:56 fetching corpus: 200, signal 48220/53693 (executing program) 2025/01/19 02:35:56 fetching corpus: 250, signal 54059/59933 (executing program) 2025/01/19 02:35:56 fetching corpus: 300, signal 59849/66006 (executing program) 2025/01/19 02:35:57 fetching corpus: 350, signal 64456/70851 (executing program) 2025/01/19 02:35:57 fetching corpus: 400, signal 67843/74450 (executing program) 2025/01/19 02:35:57 fetching corpus: 450, signal 71346/78004 (executing program) 2025/01/19 02:35:57 fetching corpus: 500, signal 74781/81393 (executing program) 2025/01/19 02:35:57 fetching corpus: 550, signal 77798/84333 (executing program) 2025/01/19 02:35:57 fetching corpus: 600, signal 80565/86931 (executing program) 2025/01/19 02:35:57 fetching corpus: 650, signal 83268/89385 (executing program) 2025/01/19 02:35:58 fetching corpus: 700, signal 85384/91371 (executing program) 2025/01/19 02:35:58 fetching corpus: 750, signal 86897/92844 (executing program) 2025/01/19 02:35:58 fetching corpus: 800, signal 89047/94682 (executing program) 2025/01/19 02:35:58 fetching corpus: 850, signal 90916/96248 (executing program) 2025/01/19 02:35:58 fetching corpus: 900, signal 93170/98002 (executing program) 2025/01/19 02:35:58 fetching corpus: 950, signal 95154/99518 (executing program) 2025/01/19 02:35:58 fetching corpus: 1000, signal 96580/100639 (executing program) 2025/01/19 02:35:59 fetching corpus: 1050, signal 98017/101653 (executing program) 2025/01/19 02:35:59 fetching corpus: 1100, signal 99397/102625 (executing program) 2025/01/19 02:35:59 fetching corpus: 1150, signal 100683/103510 (executing program) 2025/01/19 02:35:59 fetching corpus: 1200, signal 102250/104472 (executing program) 2025/01/19 02:35:59 fetching corpus: 1250, signal 104636/105769 (executing program) 2025/01/19 02:35:59 fetching corpus: 1275, signal 104999/105972 (executing program) 2025/01/19 02:35:59 fetching corpus: 1275, signal 104999/106016 (executing program) 2025/01/19 02:35:59 fetching corpus: 1275, signal 104999/106052 (executing program) 2025/01/19 02:35:59 fetching corpus: 1275, signal 104999/106086 (executing program) 2025/01/19 02:35:59 fetching corpus: 1275, signal 104999/106112 (executing program) 2025/01/19 02:35:59 fetching corpus: 1275, signal 104999/106144 (executing program) 2025/01/19 02:35:59 fetching corpus: 1275, signal 104999/106178 (executing program) 2025/01/19 02:35:59 fetching corpus: 1275, signal 104999/106211 (executing program) 2025/01/19 02:35:59 fetching corpus: 1275, signal 104999/106244 (executing program) 2025/01/19 02:35:59 fetching corpus: 1275, signal 104999/106292 (executing program) 2025/01/19 02:35:59 fetching corpus: 1275, signal 104999/106333 (executing program) 2025/01/19 02:35:59 fetching corpus: 1275, signal 104999/106379 (executing program) 2025/01/19 02:35:59 fetching corpus: 1275, signal 104999/106405 (executing program) 2025/01/19 02:35:59 fetching corpus: 1275, signal 104999/106438 (executing program) 2025/01/19 02:35:59 fetching corpus: 1275, signal 104999/106473 (executing program) 2025/01/19 02:35:59 fetching corpus: 1275, signal 104999/106511 (executing program) 2025/01/19 02:36:00 fetching corpus: 1275, signal 104999/106559 (executing program) 2025/01/19 02:36:00 fetching corpus: 1275, signal 104999/106591 (executing program) 2025/01/19 02:36:00 fetching corpus: 1275, signal 104999/106619 (executing program) 2025/01/19 02:36:00 fetching corpus: 1275, signal 104999/106653 (executing program) 2025/01/19 02:36:00 fetching corpus: 1275, signal 104999/106684 (executing program) 2025/01/19 02:36:00 fetching corpus: 1275, signal 104999/106725 (executing program) 2025/01/19 02:36:00 fetching corpus: 1275, signal 104999/106755 (executing program) 2025/01/19 02:36:00 fetching corpus: 1275, signal 104999/106789 (executing program) 2025/01/19 02:36:00 fetching corpus: 1275, signal 104999/106823 (executing program) 2025/01/19 02:36:00 fetching corpus: 1275, signal 104999/106850 (executing program) 2025/01/19 02:36:00 fetching corpus: 1275, signal 104999/106895 (executing program) 2025/01/19 02:36:00 fetching corpus: 1275, signal 104999/106905 (executing program) 2025/01/19 02:36:00 fetching corpus: 1275, signal 104999/106905 (executing program) 2025/01/19 02:36:03 starting 8 fuzzer processes 02:36:03 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) sendmmsg$inet(r1, &(0x7f00000069c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000b00)={0x2, 0x4e23, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c"], 0x20}}], 0x2, 0x0) 02:36:03 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0xe7, 0x4) r1 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000040)="3ddb8fd2955aec688abe", 0x7ffffffff000, 0x0, &(0x7f00000000c0)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @link_local}, 0x14) 02:36:03 executing program 2: perf_event_open(&(0x7f00000007c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0xc, 0xffffffffffffffff, 0x0) 02:36:03 executing program 3: r0 = getpid() r1 = pidfd_open(r0, 0x0) pidfd_send_signal(r1, 0x0, 0x0, 0x2) [ 95.801906] audit: type=1400 audit(1737254163.194:7): avc: denied { execmem } for pid=271 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 02:36:03 executing program 4: syz_emit_ethernet(0x52, &(0x7f0000000080)={@local, @random="b12361026e6a", @void, {@ipv4={0x800, @tcp={{0xc, 0x4, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @dev, {[@timestamp_addr={0x7, 0x1c, 0x12, 0x1, 0x0, [{}, {@local}, {@private}]}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) 02:36:03 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000004700)=[{{&(0x7f0000000bc0)={0xa, 0x4e22, 0x0, @empty}, 0x1c, 0x0}}], 0x1, 0x8004) sendmmsg$inet6(r0, &(0x7f0000000680)=[{{0x0, 0x80000, &(0x7f00000002c0)=[{&(0x7f0000000700)="cd", 0x5ac}], 0x1}}, {{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000001400)='D', 0x1}], 0x300}}], 0x2, 0x4048000) 02:36:03 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000440)={'wlan1\x00', &(0x7f0000000400)=ANY=[@ANYBLOB="01"]}) 02:36:03 executing program 7: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x10, &(0x7f0000000000)={&(0x7f0000000180)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0xb}]}, 0x24}}, 0x0) syz_80211_join_ibss(&(0x7f0000000040)='wlan1\x00', &(0x7f0000000080)=@default_ap_ssid, 0x6, 0x0) [ 97.164054] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 97.165551] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 97.166874] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 97.169175] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 97.171725] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 97.172293] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 97.218301] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 97.223785] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 97.225047] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 97.229768] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 97.237833] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 97.239838] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 97.240383] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 97.241891] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 97.247859] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 97.251384] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 97.252230] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 97.253303] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 97.255394] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 97.256612] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 97.257924] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 97.265771] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 97.267075] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 97.273912] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 97.277809] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 97.280942] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 97.285177] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 97.295446] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 97.299817] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 97.303421] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 97.303831] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 97.310760] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 97.311975] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 97.313431] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 97.316077] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 97.317925] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 97.319033] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 97.321730] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 97.322991] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 97.328340] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 97.328775] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 97.332269] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 97.333916] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 97.341052] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 97.343599] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 97.344808] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 97.350969] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 97.352341] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 99.184946] Bluetooth: hci0: command tx timeout [ 99.313133] Bluetooth: hci4: command tx timeout [ 99.313690] Bluetooth: hci2: command tx timeout [ 99.375658] Bluetooth: hci3: command tx timeout [ 99.375805] Bluetooth: hci5: command tx timeout [ 99.376097] Bluetooth: hci1: command tx timeout [ 99.439878] Bluetooth: hci6: command tx timeout [ 99.439908] Bluetooth: hci7: command tx timeout [ 101.231592] Bluetooth: hci0: command tx timeout [ 101.359689] Bluetooth: hci4: command tx timeout [ 101.362523] Bluetooth: hci2: command tx timeout [ 101.423975] Bluetooth: hci5: command tx timeout [ 101.424819] Bluetooth: hci3: command tx timeout [ 101.424897] Bluetooth: hci1: command tx timeout [ 101.487768] Bluetooth: hci6: command tx timeout [ 101.488086] Bluetooth: hci7: command tx timeout [ 103.281529] Bluetooth: hci0: command tx timeout [ 103.410021] Bluetooth: hci2: command tx timeout [ 103.410158] Bluetooth: hci4: command tx timeout [ 103.471585] Bluetooth: hci5: command tx timeout [ 103.473122] Bluetooth: hci1: command tx timeout [ 103.473227] Bluetooth: hci3: command tx timeout [ 103.536018] Bluetooth: hci6: command tx timeout [ 103.536787] Bluetooth: hci7: command tx timeout [ 105.328565] Bluetooth: hci0: command tx timeout [ 105.456577] Bluetooth: hci4: command tx timeout [ 105.457200] Bluetooth: hci2: command tx timeout [ 105.520694] Bluetooth: hci3: command tx timeout [ 105.520827] Bluetooth: hci1: command tx timeout [ 105.520918] Bluetooth: hci5: command tx timeout [ 105.584561] Bluetooth: hci7: command tx timeout [ 105.584640] Bluetooth: hci6: command tx timeout [ 157.550837] syz-executor.4 (283) used greatest stack depth: 24016 bytes left [ 157.808871] [ 157.809125] ====================================================== [ 157.809740] WARNING: possible circular locking dependency detected [ 157.810339] 6.13.0-rc7-next-20250117 #1 Not tainted [ 157.810830] ------------------------------------------------------ [ 157.812375] kworker/u8:0/11 is trying to acquire lock: [ 157.813707] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 157.815749] [ 157.815749] but task is already holding lock: [ 157.817296] ffff88800bdc8768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 157.819304] [ 157.819304] which lock already depends on the new lock. [ 157.819304] [ 157.820919] [ 157.820919] the existing dependency chain (in reverse order) is: [ 157.821619] [ 157.821619] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 157.822268] __mutex_lock+0x13d/0xb50 [ 157.822725] wiphy_register+0x1b2e/0x25d0 [ 157.823212] ieee80211_register_hw+0x23a4/0x3d60 [ 157.823749] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 157.824296] init_mac80211_hwsim+0x389/0x870 [ 157.824824] do_one_initcall+0xf9/0x640 [ 157.825326] kernel_init_freeable+0x53d/0x7a0 [ 157.825864] kernel_init+0x1e/0x2d0 [ 157.826297] ret_from_fork+0x48/0x80 [ 157.826736] ret_from_fork_asm+0x1a/0x30 [ 157.827240] [ 157.827240] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 157.827867] __lock_acquire+0x29fd/0x4580 [ 157.828363] lock_acquire+0x19b/0x520 [ 157.828828] __mutex_lock+0x13d/0xb50 [ 157.829293] unregister_netdevice_many_notify+0x1612/0x1c80 [ 157.829906] unregister_netdevice_queue+0x224/0x2e0 [ 157.830468] _cfg80211_unregister_wdev+0x57b/0x700 [ 157.831039] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 157.831619] ieee80211_unregister_hw+0x55/0x3a0 [ 157.832157] hwsim_exit_net+0x3a0/0x730 [ 157.832632] ops_exit_list+0xb3/0x180 [ 157.833083] cleanup_net+0x546/0xad0 [ 157.833526] process_one_work+0x8ee/0x1a10 [ 157.834042] worker_thread+0x674/0xe70 [ 157.834529] kthread+0x3ab/0x720 [ 157.834955] ret_from_fork+0x48/0x80 [ 157.835399] ret_from_fork_asm+0x1a/0x30 [ 157.835886] [ 157.835886] other info that might help us debug this: [ 157.835886] [ 157.836646] Possible unsafe locking scenario: [ 157.836646] [ 157.837222] CPU0 CPU1 [ 157.837665] ---- ---- [ 157.838111] lock(&rdev->wiphy.mtx); [ 157.838526] lock(rtnl_mutex); [ 157.839111] lock(&rdev->wiphy.mtx); [ 157.839749] lock(rtnl_mutex); [ 157.840099] [ 157.840099] *** DEADLOCK *** [ 157.840099] [ 157.840655] 4 locks held by kworker/u8:0/11: [ 157.841081] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 157.842078] #1: ffff8880095dfd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 157.843046] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 157.843952] #3: ffff88800bdc8768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 157.844960] [ 157.844960] stack backtrace: [ 157.845399] CPU: 1 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-rc7-next-20250117 #1 [ 157.846204] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 157.846961] Workqueue: netns cleanup_net [ 157.847386] Call Trace: [ 157.847646] [ 157.847875] dump_stack_lvl+0xca/0x120 [ 157.848300] print_circular_bug+0x47b/0x750 [ 157.848734] check_noncircular+0x2e9/0x3c0 [ 157.849153] ? srso_return_thunk+0x5/0x5f [ 157.849587] ? __pfx_check_noncircular+0x10/0x10 [ 157.850060] ? hlock_class+0x4e/0x130 [ 157.850437] ? mark_lock+0xac/0xed0 [ 157.850815] ? srso_return_thunk+0x5/0x5f [ 157.851245] ? dl_scaled_delta_exec+0xd4/0x2c0 [ 157.851713] ? lockdep_lock+0xba/0x1b0 [ 157.852127] ? __pfx_lockdep_lock+0x10/0x10 [ 157.852583] __lock_acquire+0x29fd/0x4580 [ 157.853017] ? __pfx___lock_acquire+0x10/0x10 [ 157.853474] ? lock_release+0x20f/0x6f0 [ 157.853890] ? __pfx_lock_release+0x10/0x10 [ 157.854343] lock_acquire+0x19b/0x520 [ 157.854734] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 157.855309] ? __pfx_lock_acquire+0x10/0x10 [ 157.855750] ? srso_return_thunk+0x5/0x5f [ 157.856178] ? lock_release+0x20f/0x6f0 [ 157.856581] ? srso_return_thunk+0x5/0x5f [ 157.857013] ? lock_is_held_type+0x9e/0x120 [ 157.857454] ? srso_return_thunk+0x5/0x5f [ 157.857886] __mutex_lock+0x13d/0xb50 [ 157.858283] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 157.858849] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 157.859418] ? srso_return_thunk+0x5/0x5f [ 157.859850] ? synchronize_rcu_expedited+0x38a/0x420 [ 157.860349] ? __pfx___mutex_lock+0x10/0x10 [ 157.860791] ? __pfx_autoremove_wake_function+0x10/0x10 [ 157.861338] ? srso_return_thunk+0x5/0x5f [ 157.861780] ? kasan_quarantine_put+0x84/0x1e0 [ 157.862272] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 157.862731] ? srso_return_thunk+0x5/0x5f [ 157.863178] unregister_netdevice_many_notify+0x1612/0x1c80 [ 157.863762] ? __virt_addr_valid+0x2e8/0x5d0 [ 157.864223] ? __pfx_lock_release+0x10/0x10 [ 157.864674] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 157.865256] ? find_held_lock+0x2c/0x110 [ 157.865684] ? srso_return_thunk+0x5/0x5f [ 157.866114] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 157.866621] ? srso_return_thunk+0x5/0x5f [ 157.867052] ? lock_release+0x20f/0x6f0 [ 157.867477] ? __pfx_lock_release+0x10/0x10 [ 157.867915] ? srso_return_thunk+0x5/0x5f [ 157.868361] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 157.868902] ? srso_return_thunk+0x5/0x5f [ 157.869354] unregister_netdevice_queue+0x224/0x2e0 [ 157.869869] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 157.870412] ? up_write+0x195/0x520 [ 157.870804] _cfg80211_unregister_wdev+0x57b/0x700 [ 157.871323] ? srso_return_thunk+0x5/0x5f [ 157.871775] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 157.872285] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 157.872848] ? srso_return_thunk+0x5/0x5f [ 157.873291] ? srso_return_thunk+0x5/0x5f [ 157.873733] ? synchronize_rcu+0x1ff/0x260 [ 157.874161] ieee80211_unregister_hw+0x55/0x3a0 [ 157.874638] hwsim_exit_net+0x3a0/0x730 [ 157.875049] ? __pfx_hwsim_exit_net+0x10/0x10 [ 157.875525] ? srso_return_thunk+0x5/0x5f [ 157.875961] ? netdev_run_todo+0x788/0x1040 [ 157.876412] ? __pfx_hwsim_exit_net+0x10/0x10 [ 157.876866] ops_exit_list+0xb3/0x180 [ 157.877256] cleanup_net+0x546/0xad0 [ 157.877655] ? __pfx_cleanup_net+0x10/0x10 [ 157.878102] process_one_work+0x8ee/0x1a10 [ 157.878547] ? __pfx_lock_acquire+0x10/0x10 [ 157.878984] ? __pfx_process_one_work+0x10/0x10 [ 157.879491] ? srso_return_thunk+0x5/0x5f [ 157.879934] ? move_linked_works+0x172/0x270 [ 157.880395] ? srso_return_thunk+0x5/0x5f [ 157.880829] ? assign_work+0x196/0x240 [ 157.881237] worker_thread+0x674/0xe70 [ 157.881652] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 157.882179] ? __pfx_worker_thread+0x10/0x10 [ 157.882649] kthread+0x3ab/0x720 [ 157.883012] ? __pfx_kthread+0x10/0x10 [ 157.883417] ? srso_return_thunk+0x5/0x5f [ 157.883854] ? finish_task_switch.isra.0+0x206/0x840 [ 157.884376] ? __pfx_kthread+0x10/0x10 [ 157.884801] ret_from_fork+0x48/0x80 [ 157.885188] ? __pfx_kthread+0x10/0x10 [ 157.885608] ret_from_fork_asm+0x1a/0x30 [ 157.886061] [ 159.741097] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 159.743422] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 159.747843] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 159.756779] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 159.760626] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 159.763099] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 159.863055] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 159.865303] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 159.867083] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 159.870783] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 159.873448] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 159.875400] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 159.937695] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 159.944367] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 159.948874] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 159.958263] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 159.962802] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 159.964778] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 159.992968] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 159.997766] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 159.999637] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 160.004567] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 160.012755] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 160.014838] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 160.069945] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 160.079781] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 160.082398] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 160.096350] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 160.100773] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 160.115922] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 160.142249] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 160.144845] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 160.146835] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 160.152342] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 160.155231] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 160.176698] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 160.190840] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 160.192545] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 160.196977] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 160.213077] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 160.242650] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 160.255891] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 160.269272] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 160.272075] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 160.276783] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 160.279860] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 160.291831] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 160.301735] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 161.839689] Bluetooth: hci0: command tx timeout [ 161.904744] Bluetooth: hci1: command tx timeout [ 162.032541] Bluetooth: hci2: command tx timeout [ 162.097524] Bluetooth: hci3: command tx timeout [ 162.287715] Bluetooth: hci4: command tx timeout [ 162.352736] Bluetooth: hci7: command tx timeout [ 162.417535] Bluetooth: hci5: command tx timeout [ 162.417661] Bluetooth: hci6: command tx timeout [ 163.887662] Bluetooth: hci0: command tx timeout [ 163.952901] Bluetooth: hci1: command tx timeout [ 164.080544] Bluetooth: hci2: command tx timeout [ 164.143660] Bluetooth: hci3: command tx timeout [ 164.336537] Bluetooth: hci4: command tx timeout [ 164.400519] Bluetooth: hci7: command tx timeout [ 164.464232] Bluetooth: hci6: command tx timeout [ 164.464251] Bluetooth: hci5: command tx timeout [ 165.935639] Bluetooth: hci0: command tx timeout [ 165.999523] Bluetooth: hci1: command tx timeout [ 166.128503] Bluetooth: hci2: command tx timeout [ 166.192535] Bluetooth: hci3: command tx timeout [ 166.384548] Bluetooth: hci4: command tx timeout [ 166.448544] Bluetooth: hci7: command tx timeout [ 166.511594] Bluetooth: hci5: command tx timeout [ 166.511611] Bluetooth: hci6: command tx timeout VM DIAGNOSIS: 02:37:05 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=ffffffff85d04460 RCX=ffffffff81508fb4 RDX=ffffed10017f3fa8 RSI=0000000000000004 RDI=ffff88800bf9fd40 RBP=1ffff110017f3fa4 RSP=ffff88800bf9fd18 R8 =0000000000000001 R9 =ffffed10017f3fa8 R10=0000000000000003 R11=ffff88800bf904b8 R12=ffffffff85d04468 R13=ffffffff85d04470 R14=0000000000000246 R15=ffff8880112ae2e8 RIP=ffffffff81508fb8 RFL=00000097 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000c00033a000 CR3=000000000c13c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000008ffffffff0000560c3c6dc840 XMM02=ffffff0f0e0d0c0b0a09080706050403 XMM03=696e656420737365636341002f737973 XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=0000560c3c6d67700000560c3c6d6750 XMM06=000000000000000000000000ffffffff XMM07=00000000000000000000000000000000 XMM08=00000000000000310000000000000020 XMM09=00000000000000000000000000000000 XMM10=00000000002000000000000000200000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000065 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283cdc5 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff8880095debb8 R8 =0000000000000001 R9 =ffffed10012bbd67 R10=0000000000000065 R11=6f6c206863696877 R12=0000000000000065 R13=0000000000000001 R14=ffff888008fea02e R15=ffff8880095deeb8 RIP=ffffffff8283ce1d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe6e00000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000560c3c6cdd70 CR3=0000000015dee000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=6576652d7372656b726f772d6c6c696b XMM02=ffffff0f0e0d0c0b0a09080706050403 XMM03=696e656420737365636341002f737973 XMM04=00000000000000000000000000000000 XMM05=0000560c3c6c9f600000560c3c6c92b0 XMM06=0000560c3c6d675000000003ffffffff XMM07=00000000000000000000000000000000 XMM08=2f74656e2f73666e2f73662f7379732f XMM09=00000000000000000000000000000000 XMM10=00000000002000000000000000200000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000