syzkaller login: [ 66.894182] sshd (231) used greatest stack depth: 24216 bytes left Warning: Permanently added '[localhost]:13926' (ECDSA) to the list of known hosts. 2025/01/17 21:29:13 fuzzer started 2025/01/17 21:29:14 dialing manager at localhost:44245 [ 70.002268] cgroup: Unknown subsys name 'net' [ 70.090108] cgroup: Unknown subsys name 'cpuset' [ 70.104098] cgroup: Unknown subsys name 'rlimit' [ 75.506622] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 86.515226] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/17 21:29:31 syscalls: 2217 2025/01/17 21:29:31 code coverage: enabled 2025/01/17 21:29:31 comparison tracing: enabled 2025/01/17 21:29:31 extra coverage: enabled 2025/01/17 21:29:31 setuid sandbox: enabled 2025/01/17 21:29:31 namespace sandbox: enabled 2025/01/17 21:29:31 Android sandbox: enabled 2025/01/17 21:29:31 fault injection: enabled 2025/01/17 21:29:31 leak checking: enabled 2025/01/17 21:29:31 net packet injection: enabled 2025/01/17 21:29:31 net device setup: enabled 2025/01/17 21:29:31 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/17 21:29:31 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/17 21:29:31 USB emulation: enabled 2025/01/17 21:29:31 hci packet injection: enabled 2025/01/17 21:29:31 wifi device emulation: enabled 2025/01/17 21:29:31 802.15.4 emulation: enabled 2025/01/17 21:29:31 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/17 21:29:31 fetching corpus: 1, signal 573/2047 (executing program) 2025/01/17 21:29:31 fetching corpus: 1, signal 573/2047 (executing program) 2025/01/17 21:29:35 starting 8 fuzzer processes 21:29:35 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='environ\x00') pread64(r0, &(0x7f00000000c0)=""/148, 0x94, 0x0) 21:29:35 executing program 3: futex(0x0, 0xc, 0x0, 0x0, &(0x7f0000001dc0), 0x0) 21:29:35 executing program 1: ioperm(0x0, 0x6d1f, 0x7) clock_settime(0x0, 0x0) 21:29:35 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)={0x1c, r1, 0x3ab, 0x0, 0x0, {{0x11}, {@void, @val={0x8}, @void}}}, 0x1c}}, 0x0) 21:29:35 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0x8, 0x0, &(0x7f0000001700)) [ 91.569410] audit: type=1400 audit(1737149375.976:7): avc: denied { execmem } for pid=270 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 21:29:35 executing program 7: prctl$PR_GET_SECUREBITS(0x1b) 21:29:36 executing program 5: r0 = syz_io_uring_setup(0x7644, &(0x7f0000000140), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) io_uring_register$IORING_REGISTER_FILES(r0, 0x11, 0x0, 0x0) 21:29:36 executing program 6: r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_SET_RESERVED_SIZE(r0, 0x5382, &(0x7f0000000840)) [ 93.207863] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 93.209394] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 93.214396] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 93.215830] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 93.217181] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 93.217561] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 93.229799] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 93.231490] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 93.233272] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 93.233750] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 93.235434] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 93.242444] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 93.250211] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 93.250709] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 93.251038] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 93.254499] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 93.256410] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 93.258780] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 93.261886] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 93.263050] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 93.270103] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 93.271523] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 93.272388] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 93.284281] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 93.317091] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 93.327929] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 93.341925] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 93.344972] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 93.345931] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 93.346798] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 93.350041] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 93.351015] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 93.352826] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 93.355088] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 93.357292] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 93.358232] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 93.367699] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 93.374842] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 93.375026] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 93.379546] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 93.380809] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 93.382286] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 93.383364] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 93.388950] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 93.398968] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 93.408387] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 93.415807] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 93.421898] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 95.350241] Bluetooth: hci3: command tx timeout [ 95.350693] Bluetooth: hci2: command tx timeout [ 95.350892] Bluetooth: hci1: command tx timeout [ 95.351075] Bluetooth: hci0: command tx timeout [ 95.413870] Bluetooth: hci5: command tx timeout [ 95.414503] Bluetooth: hci4: command tx timeout [ 95.478028] Bluetooth: hci7: command tx timeout [ 95.478861] Bluetooth: hci6: command tx timeout [ 97.396917] Bluetooth: hci0: command tx timeout [ 97.397016] Bluetooth: hci1: command tx timeout [ 97.397068] Bluetooth: hci2: command tx timeout [ 97.397116] Bluetooth: hci3: command tx timeout [ 97.461798] Bluetooth: hci4: command tx timeout [ 97.461984] Bluetooth: hci5: command tx timeout [ 97.526744] Bluetooth: hci6: command tx timeout [ 97.526862] Bluetooth: hci7: command tx timeout [ 99.445881] Bluetooth: hci0: command tx timeout [ 99.446472] Bluetooth: hci3: command tx timeout [ 99.446523] Bluetooth: hci2: command tx timeout [ 99.446628] Bluetooth: hci1: command tx timeout [ 99.512016] Bluetooth: hci4: command tx timeout [ 99.512857] Bluetooth: hci5: command tx timeout [ 99.573281] Bluetooth: hci6: command tx timeout [ 99.573382] Bluetooth: hci7: command tx timeout [ 101.493677] Bluetooth: hci1: command tx timeout [ 101.493887] Bluetooth: hci2: command tx timeout [ 101.494063] Bluetooth: hci3: command tx timeout [ 101.494209] Bluetooth: hci0: command tx timeout [ 101.557843] Bluetooth: hci5: command tx timeout [ 101.558044] Bluetooth: hci4: command tx timeout [ 101.620864] Bluetooth: hci6: command tx timeout [ 101.621020] Bluetooth: hci7: command tx timeout [ 155.530928] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 155.533522] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 155.536638] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 155.548291] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 155.555197] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 155.559045] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 155.577632] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 155.580410] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 155.582660] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 155.587347] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 155.592491] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 155.594487] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 155.662391] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 155.665779] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 155.667056] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 155.667899] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 155.668814] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 155.671920] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 155.673881] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 155.676419] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 155.679052] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 155.679258] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 155.680104] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 155.688827] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 155.774106] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 155.781060] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 155.782805] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 155.799687] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 155.802877] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 155.812653] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 155.843012] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 155.849646] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 155.857003] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 155.880804] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 155.883240] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 155.887669] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 155.934282] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 155.947079] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 155.975048] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 155.991784] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 155.997832] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 156.007840] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 156.080768] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 156.094792] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 156.097880] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 156.110083] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 156.122865] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 156.127079] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 157.620885] Bluetooth: hci1: command tx timeout [ 157.621734] Bluetooth: hci0: command tx timeout [ 157.749099] Bluetooth: hci3: command tx timeout [ 157.749787] Bluetooth: hci2: command tx timeout [ 157.876753] Bluetooth: hci4: command tx timeout [ 158.004724] Bluetooth: hci5: command tx timeout [ 158.069740] Bluetooth: hci6: command tx timeout [ 158.198189] Bluetooth: hci7: command tx timeout [ 159.668855] Bluetooth: hci1: command tx timeout [ 159.669747] Bluetooth: hci0: command tx timeout [ 159.797652] Bluetooth: hci2: command tx timeout [ 159.797689] Bluetooth: hci3: command tx timeout [ 159.924655] Bluetooth: hci4: command tx timeout [ 160.052711] Bluetooth: hci5: command tx timeout [ 160.116774] Bluetooth: hci6: command tx timeout [ 160.244637] Bluetooth: hci7: command tx timeout [ 161.718623] Bluetooth: hci0: command tx timeout [ 161.718717] Bluetooth: hci1: command tx timeout [ 161.844745] Bluetooth: hci3: command tx timeout [ 161.844773] Bluetooth: hci2: command tx timeout [ 161.975620] Bluetooth: hci4: command tx timeout [ 162.101669] Bluetooth: hci5: command tx timeout [ 162.164754] Bluetooth: hci6: command tx timeout [ 162.293632] Bluetooth: hci7: command tx timeout [ 163.765743] Bluetooth: hci1: command tx timeout [ 163.765941] Bluetooth: hci0: command tx timeout [ 163.892720] Bluetooth: hci2: command tx timeout [ 163.892759] Bluetooth: hci3: command tx timeout [ 164.020642] Bluetooth: hci4: command tx timeout [ 164.150605] Bluetooth: hci5: command tx timeout [ 164.212735] Bluetooth: hci6: command tx timeout [ 164.341835] Bluetooth: hci7: command tx timeout [ 213.976986] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 213.977104] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 214.372618] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 214.372706] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 215.982040] [ 215.982365] ====================================================== [ 215.983146] WARNING: possible circular locking dependency detected [ 215.983913] 6.13.0-rc7-next-20250117 #1 Not tainted [ 215.984835] ------------------------------------------------------ [ 215.986005] kworker/u8:1/65 is trying to acquire lock: [ 215.986958] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 215.988885] [ 215.988885] but task is already holding lock: [ 215.990122] ffff88803b440768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 215.991996] [ 215.991996] which lock already depends on the new lock. [ 215.991996] [ 215.993625] [ 215.993625] the existing dependency chain (in reverse order) is: [ 215.995424] [ 215.995424] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 215.996687] __mutex_lock+0x13d/0xb50 [ 215.997583] wiphy_register+0x1b2e/0x25d0 [ 215.998533] ieee80211_register_hw+0x23a4/0x3d60 [ 215.999642] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 216.000808] init_mac80211_hwsim+0x389/0x870 [ 216.001505] do_one_initcall+0xf9/0x640 [ 216.002140] kernel_init_freeable+0x53d/0x7a0 [ 216.002843] kernel_init+0x1e/0x2d0 [ 216.003407] ret_from_fork+0x48/0x80 [ 216.003993] ret_from_fork_asm+0x1a/0x30 [ 216.004643] [ 216.004643] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 216.005463] __lock_acquire+0x29fd/0x4580 [ 216.006114] lock_acquire+0x19b/0x520 [ 216.006717] __mutex_lock+0x13d/0xb50 [ 216.007323] unregister_netdevice_many_notify+0x1612/0x1c80 [ 216.008156] unregister_netdevice_queue+0x224/0x2e0 [ 216.008896] _cfg80211_unregister_wdev+0x57b/0x700 [ 216.009636] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 216.010379] ieee80211_unregister_hw+0x55/0x3a0 [ 216.011077] hwsim_exit_net+0x3a0/0x730 [ 216.011706] ops_exit_list+0xb3/0x180 [ 216.012324] cleanup_net+0x546/0xad0 [ 216.012921] process_one_work+0x8ee/0x1a10 [ 216.013598] worker_thread+0x674/0xe70 [ 216.014240] kthread+0x3ab/0x720 [ 216.014810] ret_from_fork+0x48/0x80 [ 216.015385] ret_from_fork_asm+0x1a/0x30 [ 216.016048] [ 216.016048] other info that might help us debug this: [ 216.016048] [ 216.017052] Possible unsafe locking scenario: [ 216.017052] [ 216.017813] CPU0 CPU1 [ 216.018422] ---- ---- [ 216.019023] lock(&rdev->wiphy.mtx); [ 216.019568] lock(rtnl_mutex); [ 216.020357] lock(&rdev->wiphy.mtx); [ 216.021197] lock(rtnl_mutex); [ 216.021694] [ 216.021694] *** DEADLOCK *** [ 216.021694] [ 216.022463] 4 locks held by kworker/u8:1/65: [ 216.023051] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 216.024436] #1: ffff88800ec77d30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 216.025773] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 216.027009] #3: ffff88803b440768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 216.028410] [ 216.028410] stack backtrace: [ 216.029003] CPU: 1 UID: 0 PID: 65 Comm: kworker/u8:1 Not tainted 6.13.0-rc7-next-20250117 #1 [ 216.030071] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 216.031122] Workqueue: netns cleanup_net [ 216.031685] Call Trace: [ 216.032033] [ 216.032338] dump_stack_lvl+0xca/0x120 [ 216.032903] print_circular_bug+0x47b/0x750 [ 216.033470] check_noncircular+0x2e9/0x3c0 [ 216.033949] ? __pfx_check_noncircular+0x10/0x10 [ 216.034465] ? hlock_class+0x4e/0x130 [ 216.034885] ? mark_lock+0xac/0xed0 [ 216.035299] ? srso_return_thunk+0x5/0x5f [ 216.035776] ? sched_clock+0x37/0x60 [ 216.036229] ? lockdep_lock+0xba/0x1b0 [ 216.036687] ? __pfx_lockdep_lock+0x10/0x10 [ 216.037187] __lock_acquire+0x29fd/0x4580 [ 216.037662] ? __pfx___lock_acquire+0x10/0x10 [ 216.038165] ? lock_release+0x20f/0x6f0 [ 216.038618] ? __pfx_lock_release+0x10/0x10 [ 216.039111] lock_acquire+0x19b/0x520 [ 216.039576] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 216.040240] ? __pfx_lock_acquire+0x10/0x10 [ 216.040741] ? srso_return_thunk+0x5/0x5f [ 216.041229] ? lock_release+0x20f/0x6f0 [ 216.041681] ? srso_return_thunk+0x5/0x5f [ 216.042168] ? lock_is_held_type+0x9e/0x120 [ 216.042673] ? srso_return_thunk+0x5/0x5f [ 216.043162] __mutex_lock+0x13d/0xb50 [ 216.043600] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 216.044242] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 216.044877] ? srso_return_thunk+0x5/0x5f [ 216.045358] ? synchronize_rcu_expedited+0x38a/0x420 [ 216.045912] ? __pfx___mutex_lock+0x10/0x10 [ 216.046398] ? __pfx_autoremove_wake_function+0x10/0x10 [ 216.046981] ? srso_return_thunk+0x5/0x5f [ 216.047460] ? kasan_quarantine_put+0x84/0x1e0 [ 216.047991] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 216.048487] ? srso_return_thunk+0x5/0x5f [ 216.048964] unregister_netdevice_many_notify+0x1612/0x1c80 [ 216.049571] ? __virt_addr_valid+0x2e8/0x5d0 [ 216.050078] ? __pfx_lock_release+0x10/0x10 [ 216.050554] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 216.051203] ? find_held_lock+0x2c/0x110 [ 216.051670] ? srso_return_thunk+0x5/0x5f [ 216.052150] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 216.052702] ? srso_return_thunk+0x5/0x5f [ 216.053176] ? lock_release+0x20f/0x6f0 [ 216.053621] ? __pfx_lock_release+0x10/0x10 [ 216.054101] ? srso_return_thunk+0x5/0x5f [ 216.054570] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 216.055147] ? srso_return_thunk+0x5/0x5f [ 216.055627] unregister_netdevice_queue+0x224/0x2e0 [ 216.056171] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 216.056759] ? up_write+0x195/0x520 [ 216.057180] _cfg80211_unregister_wdev+0x57b/0x700 [ 216.057725] ? srso_return_thunk+0x5/0x5f [ 216.058206] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 216.058743] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 216.059327] ? srso_return_thunk+0x5/0x5f [ 216.059794] ? srso_return_thunk+0x5/0x5f [ 216.060271] ? synchronize_rcu+0x1ff/0x260 [ 216.060740] ieee80211_unregister_hw+0x55/0x3a0 [ 216.061259] hwsim_exit_net+0x3a0/0x730 [ 216.061697] ? __pfx_hwsim_exit_net+0x10/0x10 [ 216.062183] ? srso_return_thunk+0x5/0x5f [ 216.062651] ? netdev_run_todo+0x788/0x1040 [ 216.063126] ? __pfx_hwsim_exit_net+0x10/0x10 [ 216.063615] ops_exit_list+0xb3/0x180 [ 216.064046] cleanup_net+0x546/0xad0 [ 216.064469] ? __pfx_cleanup_net+0x10/0x10 [ 216.064954] process_one_work+0x8ee/0x1a10 [ 216.065446] ? __pfx_lock_acquire+0x10/0x10 [ 216.065917] ? __pfx_process_one_work+0x10/0x10 [ 216.066460] ? srso_return_thunk+0x5/0x5f [ 216.066936] ? move_linked_works+0x172/0x270 [ 216.067427] ? srso_return_thunk+0x5/0x5f [ 216.067897] ? assign_work+0x196/0x240 [ 216.068351] worker_thread+0x674/0xe70 [ 216.068795] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 216.069374] ? srso_return_thunk+0x5/0x5f [ 216.069848] ? __pfx_worker_thread+0x10/0x10 [ 216.070352] kthread+0x3ab/0x720 [ 216.070746] ? __pfx_kthread+0x10/0x10 [ 216.071189] ? srso_return_thunk+0x5/0x5f [ 216.071662] ? finish_task_switch.isra.0+0x206/0x840 [ 216.072236] ? __pfx_kthread+0x10/0x10 [ 216.072686] ret_from_fork+0x48/0x80 [ 216.073093] ? __pfx_kthread+0x10/0x10 [ 216.073542] ret_from_fork_asm+0x1a/0x30 [ 216.074024] [ 217.788265] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 217.790457] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 217.792849] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 217.796943] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 217.800859] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 217.804920] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 217.913974] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 217.918041] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 217.921854] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 217.925866] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 217.932175] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 217.933201] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 217.977504] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 217.985133] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 217.985640] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 217.986329] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 217.992927] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 218.006388] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 218.014682] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 218.022369] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 218.022648] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 218.025201] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 218.025848] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 218.026794] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 218.049943] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 218.051740] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 218.053393] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 218.067745] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 218.076746] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 218.094770] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 218.139825] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 218.162328] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 218.171897] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 218.182990] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 218.184152] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 218.241242] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 218.250829] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 218.270143] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 218.276988] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 218.287342] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 218.292088] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 218.316223] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 218.328985] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 218.341129] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 218.351798] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 218.355888] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 218.371966] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 218.386846] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 219.829751] Bluetooth: hci0: command tx timeout [ 219.957573] Bluetooth: hci1: command tx timeout [ 220.085608] Bluetooth: hci3: command tx timeout [ 220.085623] Bluetooth: hci2: command tx timeout [ 220.148872] Bluetooth: hci4: command tx timeout [ 220.468904] Bluetooth: hci6: command tx timeout [ 220.468978] Bluetooth: hci5: command tx timeout [ 220.469898] Bluetooth: hci7: command tx timeout [ 221.877399] Bluetooth: hci0: command tx timeout [ 222.004659] Bluetooth: hci1: command tx timeout [ 222.133581] Bluetooth: hci2: command tx timeout [ 222.133647] Bluetooth: hci3: command tx timeout [ 222.199020] Bluetooth: hci4: command tx timeout [ 222.516782] Bluetooth: hci7: command tx timeout [ 222.516929] Bluetooth: hci5: command tx timeout [ 222.517075] Bluetooth: hci6: command tx timeout [ 223.925635] Bluetooth: hci0: command tx timeout [ 224.053708] Bluetooth: hci1: command tx timeout [ 224.181832] Bluetooth: hci3: command tx timeout [ 224.182026] Bluetooth: hci2: command tx timeout [ 224.245625] Bluetooth: hci4: command tx timeout [ 224.564713] Bluetooth: hci6: command tx timeout [ 224.565303] Bluetooth: hci5: command tx timeout [ 224.565370] Bluetooth: hci7: command tx timeout [ 225.973752] Bluetooth: hci0: command tx timeout VM DIAGNOSIS: 21:31:40 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=ffff88800f070000 RCX=ffffffff81429a0f RDX=ffff88800f070000 RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000200000 RSP=ffff88800f07fdb8 R8 =0000000000000000 R9 =ffffed1001d59e80 R10=0000000000200000 R11=0000000000000000 R12=ffff88800b1ffff9 R13=ffff88800ab096f0 R14=ffff88800f070000 R15=0000000000000086 RIP=ffffffff81429a0f RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f445fbee8e8 CR3=000000000d862000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000004109ad4000000000 XMM03=0000ff00000000000000000000000000 XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962 XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=dffffc0000000005 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9 RSI=ffffffff8283cd30 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff88800ec76b40 R8 =0000000000000001 R9 =ffffed1001d8ed57 R10=0000000000000001 R11=6d20202020202020 R12=ffffffff886930b0 R13=ffff88800ec76e38 R14=ffffffff88693320 R15=0000000000000000 RIP=ffffffff8283cd85 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe1000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffd1622b160 CR3=000000000d862000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000000000000000000000 XMM03=000000c000157340000000c00006a280 XMM04=000000c0001460c0000000c000146090 XMM05=000000c000146120000000c0001460f0 XMM06=000000c0000874d0000000c000146150 XMM07=000000c0001458c0000000c000146180 XMM08=000000c0001464e0000000c0001464b0 XMM09=000000c000087530000000c000146510 XMM10=000000c000146570000000c000146540 XMM11=000000c0001465d0000000c0001465a0 XMM12=000000c000146630000000c000146600 XMM13=000000c000146690000000c000146660 XMM14=000000c0001466f0000000c0001466c0 XMM15=000000c00014a160000000c000087560