syzkaller login: [ 65.792539] scp (246) used greatest stack depth: 24216 bytes left Warning: Permanently added '[localhost]:1612' (ECDSA) to the list of known hosts. 2025/01/17 22:13:04 fuzzer started 2025/01/17 22:13:04 dialing manager at localhost:44245 [ 67.166044] cgroup: Unknown subsys name 'net' [ 67.282416] cgroup: Unknown subsys name 'cpuset' [ 67.314324] cgroup: Unknown subsys name 'rlimit' [ 72.974184] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/17 22:13:22 syscalls: 2217 2025/01/17 22:13:22 code coverage: enabled 2025/01/17 22:13:22 comparison tracing: enabled 2025/01/17 22:13:22 extra coverage: enabled 2025/01/17 22:13:22 setuid sandbox: enabled 2025/01/17 22:13:22 namespace sandbox: enabled 2025/01/17 22:13:22 Android sandbox: enabled 2025/01/17 22:13:22 fault injection: enabled 2025/01/17 22:13:22 leak checking: enabled 2025/01/17 22:13:22 net packet injection: enabled 2025/01/17 22:13:22 net device setup: enabled 2025/01/17 22:13:22 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/17 22:13:22 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/17 22:13:22 USB emulation: enabled 2025/01/17 22:13:22 hci packet injection: enabled 2025/01/17 22:13:22 wifi device emulation: enabled 2025/01/17 22:13:22 802.15.4 emulation: enabled 2025/01/17 22:13:22 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/17 22:13:22 fetching corpus: 1, signal 573/2047 (executing program) 2025/01/17 22:13:22 fetching corpus: 1, signal 573/2047 (executing program) 2025/01/17 22:13:26 starting 8 fuzzer processes 22:13:26 executing program 0: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x5, 0x6}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) lseek(r0, 0x0, 0x4) 22:13:26 executing program 2: r0 = socket$nl_audit(0x10, 0x3, 0x9) bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc) sendmsg$AUDIT_SET_FEATURE(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x20}, 0x20}}, 0x0) 22:13:26 executing program 1: prctl$PR_MCE_KILL(0x21, 0x0, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) add_key$keyring(0x0, &(0x7f0000000c00)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc) 22:13:26 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f0000000100)=[{&(0x7f0000000140)="84", 0x20000141}], 0x1, 0x0) write$binfmt_misc(r0, 0x0, 0x50) 22:13:26 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x11, r0, 0x0) rt_sigprocmask(0x0, &(0x7f0000000080), 0x0, 0x8) 22:13:26 executing program 5: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmmsg(r0, &(0x7f00000047c0)=[{{&(0x7f00000008c0)=@ieee802154, 0x80, 0x0}}], 0x4000000000000f9, 0x0) 22:13:26 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = memfd_create(&(0x7f0000000000)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x05\x00\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\xff#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x04\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\x01\x00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\x01\x01\x00\x00\x00\x00\x00\x00\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/\\\x01\xe2\xba\x0e\xe3\xf95\x1d\x10\xa7\x97\xbf\x8e\xac\x81\xc9\x13\x8e\xb3\xf3\xb5d\xa1\xcf\x1d\x92\x9b\x9b\xa7\x12F\xa0\xe0\xff\x1a\x8e\xe2ae^=\n\xe1\xa6\xb8\xe9v\x8f2\xf4\xac\xe5\xdf\xffi`Mo\x1e\x1cMN<\x1b\xd8\xfe\xd6P\xcdQ\x83\xfa\xe7\x1d\xd5\x01n\xa7~\x8b\x90/62\xff;.S\xf7\x0flwa\x16\xf0\xf2(\x96V,\xd7s\xaaOE\xd3H\xfd`}\xd8\xbc\x9a\xca\xe3\n\xd7fCe\xd8\xbb\xdao\xb0\x85\xcc\xedv\x94\xb5\xc4\xb6[>\xb9,\xfch_-s\x94,F\x15\xd8m5>\x94\x84\xf5\x00\xc3\xf6m\xc7B\t{\xe0d\xc65(\x18\x9c\xad\x13b6\xca\x16\x95\xcb^zF\xd0\x1a\x8dP\x94\x19\xa4\xbfr=\xb6\xae', 0x0) ftruncate(r0, 0x2000000) readv(r0, &(0x7f0000000480)=[{&(0x7f0000000880)=""/107, 0x200000}], 0x1) 22:13:26 executing program 6: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x80000392}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)) ioctl$TUNSETCARRIER(r0, 0x400454e2, &(0x7f0000000140)) [ 89.501558] audit: type=1400 audit(1737152006.784:7): avc: denied { execmem } for pid=274 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 90.844217] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 90.850017] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 90.852595] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 90.860555] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 90.867389] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 90.870314] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 90.905221] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 90.908086] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 90.910036] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 90.917349] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 90.921862] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 90.923867] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 90.940107] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 90.950059] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 90.959376] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 90.967202] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 90.967430] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 90.969173] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 90.969718] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 90.971128] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 90.977144] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 90.978840] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 90.984154] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 90.984446] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 90.984868] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 90.985611] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 90.986121] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 90.994085] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 90.998579] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 91.005498] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 91.007728] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 91.009567] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 91.015459] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 91.015815] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 91.016821] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 91.021746] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 91.024700] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 91.024873] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 91.036519] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 91.062241] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 91.063392] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 91.063782] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 91.077802] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 91.080467] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 91.083622] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 91.093509] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 91.096108] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 91.098164] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 92.914054] Bluetooth: hci0: command tx timeout [ 92.976183] Bluetooth: hci1: command tx timeout [ 93.039094] Bluetooth: hci2: command tx timeout [ 93.039119] Bluetooth: hci4: command tx timeout [ 93.105006] Bluetooth: hci6: command tx timeout [ 93.105057] Bluetooth: hci3: command tx timeout [ 93.105432] Bluetooth: hci5: command tx timeout [ 93.167042] Bluetooth: hci7: command tx timeout [ 94.960040] Bluetooth: hci0: command tx timeout [ 95.024010] Bluetooth: hci1: command tx timeout [ 95.087155] Bluetooth: hci4: command tx timeout [ 95.088103] Bluetooth: hci2: command tx timeout [ 95.152465] Bluetooth: hci5: command tx timeout [ 95.152560] Bluetooth: hci3: command tx timeout [ 95.152661] Bluetooth: hci6: command tx timeout [ 95.215997] Bluetooth: hci7: command tx timeout [ 97.007021] Bluetooth: hci0: command tx timeout [ 97.073996] Bluetooth: hci1: command tx timeout [ 97.135235] Bluetooth: hci4: command tx timeout [ 97.135359] Bluetooth: hci2: command tx timeout [ 97.199022] Bluetooth: hci3: command tx timeout [ 97.199798] Bluetooth: hci5: command tx timeout [ 97.199850] Bluetooth: hci6: command tx timeout [ 97.263062] Bluetooth: hci7: command tx timeout [ 99.055304] Bluetooth: hci0: command tx timeout [ 99.119623] Bluetooth: hci1: command tx timeout [ 99.184981] Bluetooth: hci2: command tx timeout [ 99.185075] Bluetooth: hci4: command tx timeout [ 99.247129] Bluetooth: hci6: command tx timeout [ 99.247220] Bluetooth: hci5: command tx timeout [ 99.247270] Bluetooth: hci3: command tx timeout [ 99.311054] Bluetooth: hci7: command tx timeout [ 151.006815] syz-executor.2 (284) used greatest stack depth: 24160 bytes left [ 151.222905] [ 151.223170] ====================================================== [ 151.223766] WARNING: possible circular locking dependency detected [ 151.224367] 6.13.0-rc7-next-20250117 #1 Not tainted [ 151.224841] ------------------------------------------------------ [ 151.226373] kworker/u8:0/11 is trying to acquire lock: [ 151.227518] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 151.229932] [ 151.229932] but task is already holding lock: [ 151.231486] ffff8880135d8768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 151.233912] [ 151.233912] which lock already depends on the new lock. [ 151.233912] [ 151.234681] [ 151.234681] the existing dependency chain (in reverse order) is: [ 151.235400] [ 151.235400] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 151.236063] __mutex_lock+0x13d/0xb50 [ 151.236524] wiphy_register+0x1b2e/0x25d0 [ 151.237019] ieee80211_register_hw+0x23a4/0x3d60 [ 151.237565] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 151.238137] init_mac80211_hwsim+0x389/0x870 [ 151.238660] do_one_initcall+0xf9/0x640 [ 151.239166] kernel_init_freeable+0x53d/0x7a0 [ 151.239698] kernel_init+0x1e/0x2d0 [ 151.240121] ret_from_fork+0x48/0x80 [ 151.240557] ret_from_fork_asm+0x1a/0x30 [ 151.241053] [ 151.241053] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 151.241683] __lock_acquire+0x29fd/0x4580 [ 151.242173] lock_acquire+0x19b/0x520 [ 151.242621] __mutex_lock+0x13d/0xb50 [ 151.243078] unregister_netdevice_many_notify+0x1612/0x1c80 [ 151.243712] unregister_netdevice_queue+0x224/0x2e0 [ 151.244260] _cfg80211_unregister_wdev+0x57b/0x700 [ 151.244823] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 151.245374] ieee80211_unregister_hw+0x55/0x3a0 [ 151.245910] hwsim_exit_net+0x3a0/0x730 [ 151.246386] ops_exit_list+0xb3/0x180 [ 151.246832] cleanup_net+0x546/0xad0 [ 151.247293] process_one_work+0x8ee/0x1a10 [ 151.247800] worker_thread+0x674/0xe70 [ 151.248275] kthread+0x3ab/0x720 [ 151.248697] ret_from_fork+0x48/0x80 [ 151.249141] ret_from_fork_asm+0x1a/0x30 [ 151.249641] [ 151.249641] other info that might help us debug this: [ 151.249641] [ 151.250398] Possible unsafe locking scenario: [ 151.250398] [ 151.250976] CPU0 CPU1 [ 151.251443] ---- ---- [ 151.251894] lock(&rdev->wiphy.mtx); [ 151.252303] lock(rtnl_mutex); [ 151.252883] lock(&rdev->wiphy.mtx); [ 151.253514] lock(rtnl_mutex); [ 151.253873] [ 151.253873] *** DEADLOCK *** [ 151.253873] [ 151.254444] 4 locks held by kworker/u8:0/11: [ 151.254880] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 151.255916] #1: ffff8880095dfd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 151.256893] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 151.257804] #3: ffff8880135d8768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 151.258825] [ 151.258825] stack backtrace: [ 151.259275] CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-rc7-next-20250117 #1 [ 151.260073] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 151.260844] Workqueue: netns cleanup_net [ 151.261259] Call Trace: [ 151.261517] [ 151.261749] dump_stack_lvl+0xca/0x120 [ 151.262172] print_circular_bug+0x47b/0x750 [ 151.262622] check_noncircular+0x2e9/0x3c0 [ 151.263052] ? srso_return_thunk+0x5/0x5f [ 151.263513] ? __pfx_check_noncircular+0x10/0x10 [ 151.264004] ? hlock_class+0x4e/0x130 [ 151.264391] ? mark_lock+0xac/0xed0 [ 151.264771] ? srso_return_thunk+0x5/0x5f [ 151.265216] ? dl_scaled_delta_exec+0xd4/0x2c0 [ 151.265702] ? lockdep_lock+0xba/0x1b0 [ 151.266129] ? __pfx_lockdep_lock+0x10/0x10 [ 151.266593] __lock_acquire+0x29fd/0x4580 [ 151.267026] ? __pfx___lock_acquire+0x10/0x10 [ 151.267493] ? lock_release+0x20f/0x6f0 [ 151.267898] ? __pfx_lock_release+0x10/0x10 [ 151.268335] lock_acquire+0x19b/0x520 [ 151.268734] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 151.269327] ? __pfx_lock_acquire+0x10/0x10 [ 151.269764] ? srso_return_thunk+0x5/0x5f [ 151.270207] ? lock_release+0x20f/0x6f0 [ 151.270624] ? srso_return_thunk+0x5/0x5f [ 151.271062] ? lock_is_held_type+0x9e/0x120 [ 151.271537] ? srso_return_thunk+0x5/0x5f [ 151.271985] __mutex_lock+0x13d/0xb50 [ 151.272387] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 151.272962] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 151.273538] ? srso_return_thunk+0x5/0x5f [ 151.273970] ? synchronize_rcu_expedited+0x38a/0x420 [ 151.274485] ? __pfx___mutex_lock+0x10/0x10 [ 151.274929] ? __pfx_autoremove_wake_function+0x10/0x10 [ 151.275498] ? srso_return_thunk+0x5/0x5f [ 151.275938] ? kasan_quarantine_put+0x84/0x1e0 [ 151.276416] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 151.276872] ? srso_return_thunk+0x5/0x5f [ 151.277316] unregister_netdevice_many_notify+0x1612/0x1c80 [ 151.277876] ? __virt_addr_valid+0x2e8/0x5d0 [ 151.278337] ? __pfx_lock_release+0x10/0x10 [ 151.278785] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 151.279407] ? find_held_lock+0x2c/0x110 [ 151.279838] ? srso_return_thunk+0x5/0x5f [ 151.280278] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 151.280794] ? srso_return_thunk+0x5/0x5f [ 151.281237] ? lock_release+0x20f/0x6f0 [ 151.281662] ? __pfx_lock_release+0x10/0x10 [ 151.282095] ? srso_return_thunk+0x5/0x5f [ 151.282525] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 151.283057] ? srso_return_thunk+0x5/0x5f [ 151.283511] unregister_netdevice_queue+0x224/0x2e0 [ 151.284006] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 151.284548] ? up_write+0x195/0x520 [ 151.284938] _cfg80211_unregister_wdev+0x57b/0x700 [ 151.285434] ? srso_return_thunk+0x5/0x5f [ 151.285864] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 151.286360] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 151.286900] ? srso_return_thunk+0x5/0x5f [ 151.287352] ? srso_return_thunk+0x5/0x5f [ 151.287792] ? synchronize_rcu+0x1ff/0x260 [ 151.288214] ieee80211_unregister_hw+0x55/0x3a0 [ 151.288677] hwsim_exit_net+0x3a0/0x730 [ 151.289084] ? __pfx_hwsim_exit_net+0x10/0x10 [ 151.289538] ? srso_return_thunk+0x5/0x5f [ 151.289962] ? netdev_run_todo+0x788/0x1040 [ 151.290395] ? __pfx_hwsim_exit_net+0x10/0x10 [ 151.290849] ops_exit_list+0xb3/0x180 [ 151.291258] cleanup_net+0x546/0xad0 [ 151.291655] ? __pfx_cleanup_net+0x10/0x10 [ 151.292097] process_one_work+0x8ee/0x1a10 [ 151.292558] ? __pfx_lock_acquire+0x10/0x10 [ 151.293003] ? __pfx_process_one_work+0x10/0x10 [ 151.293489] ? srso_return_thunk+0x5/0x5f [ 151.293914] ? move_linked_works+0x172/0x270 [ 151.294354] ? srso_return_thunk+0x5/0x5f [ 151.294787] ? assign_work+0x196/0x240 [ 151.295217] worker_thread+0x674/0xe70 [ 151.295638] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 151.296160] ? __pfx_worker_thread+0x10/0x10 [ 151.296616] kthread+0x3ab/0x720 [ 151.296974] ? __pfx_kthread+0x10/0x10 [ 151.297382] ? srso_return_thunk+0x5/0x5f [ 151.297822] ? finish_task_switch.isra.0+0x206/0x840 [ 151.298334] ? __pfx_kthread+0x10/0x10 [ 151.298765] ret_from_fork+0x48/0x80 [ 151.299158] ? __pfx_kthread+0x10/0x10 [ 151.299574] ret_from_fork_asm+0x1a/0x30 [ 151.300026] [ 153.340488] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 153.342897] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 153.354485] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 153.358881] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 153.360127] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 153.367015] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 153.373323] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 153.375097] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 153.377311] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 153.385605] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 153.387492] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 153.388797] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 153.473473] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 153.497027] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 153.508436] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 153.520105] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 153.526488] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 153.537244] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 153.541348] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 153.541605] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 153.548242] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 153.563035] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 153.574405] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 153.582355] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 153.673671] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 153.685568] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 153.689760] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 153.722234] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 153.744875] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 153.752565] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 153.756391] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 153.760263] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 153.770461] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 153.772587] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 153.784369] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 153.787485] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 153.804583] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 153.807105] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 153.808128] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 153.818503] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 153.860334] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 153.860465] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 153.873226] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 153.880358] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 153.881153] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 153.885613] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 153.888033] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 153.889730] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 155.439153] Bluetooth: hci0: command tx timeout [ 155.439200] Bluetooth: hci1: command tx timeout [ 155.566973] Bluetooth: hci2: command tx timeout [ 155.630988] Bluetooth: hci3: command tx timeout [ 155.886980] Bluetooth: hci4: command tx timeout [ 155.950978] Bluetooth: hci7: command tx timeout [ 156.016354] Bluetooth: hci6: command tx timeout [ 156.017664] Bluetooth: hci5: command tx timeout [ 157.487061] Bluetooth: hci1: command tx timeout [ 157.488023] Bluetooth: hci0: command tx timeout [ 157.615155] Bluetooth: hci2: command tx timeout [ 157.679006] Bluetooth: hci3: command tx timeout [ 157.935024] Bluetooth: hci4: command tx timeout [ 158.001009] Bluetooth: hci7: command tx timeout [ 158.063120] Bluetooth: hci5: command tx timeout [ 158.063142] Bluetooth: hci6: command tx timeout [ 159.536301] Bluetooth: hci0: command tx timeout [ 159.536329] Bluetooth: hci1: command tx timeout [ 159.663133] Bluetooth: hci2: command tx timeout [ 159.727267] Bluetooth: hci3: command tx timeout [ 159.984011] Bluetooth: hci4: command tx timeout [ 160.047015] Bluetooth: hci7: command tx timeout [ 160.111227] Bluetooth: hci5: command tx timeout [ 160.112754] Bluetooth: hci6: command tx timeout VM DIAGNOSIS: 22:14:28 Registers: info registers vcpu 0 RAX=dffffc0000000000 RBX=ffff8880095de898 RCX=ffffffff84a50e2c RDX=0000000000000000 RSI=ffffffff84a50e3a RDI=ffffffff852d8d66 RBP=0000000000000033 RSP=ffff8880095de7e0 R8 =0000000000000001 R9 =ffffed10012bbd74 R10=0000000000000097 R11=fffffffffffca610 R12=0000000000000001 R13=0000000000000000 R14=ffff8880895deb9f R15=ffff8880095deba1 RIP=ffffffff84a50e6b RFL=00000017 [----APC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f55aa755620 CR3=00000000194cc000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=000000c000084510000000c0000ea360 XMM02=000000c0000ea360000000c0000ea330 XMM03=000000c0000ed8c0000000c000084510 XMM04=000000c0000ea450000000c0000ea420 XMM05=000000c0000ea4b0000000c0000ea480 XMM06=000000c0000ea510000000c0000ea4e0 XMM07=000000c0000dd8c0000000c0000ea540 XMM08=000000c000144c30000000c000144c00 XMM09=000000c000144c90000000c000144c60 XMM10=000000c000144cc0000000c0000855f0 XMM11=000000c000144d20000000c000144cf0 XMM12=000000c000144d80000000c000144d50 XMM13=000000c000396c00000000c000396800 XMM14=000000c0003a5c00000000c0003a4c00 XMM15=000000c0003b9c00000000c0003b4800 info registers vcpu 1 RAX=0000000000000001 RBX=ffff88800ed9e400 RCX=ffffffff81429a4a RDX=ffffed1001db3c81 RSI=0000000000000008 RDI=ffff88800ed9e400 RBP=0000000000200000 RSP=ffff88800f0d7da8 R8 =0000000000000000 R9 =ffffed1001db3c80 R10=ffff88800ed9e407 R11=0000000000000001 R12=ffff88807b309ff9 R13=ffffffff8864df18 R14=ffff88800ed1b780 R15=0000000000000086 RIP=ffffffff84ab0080 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000001f27f60 CR3=00000000194cc000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=0000000000000000416183eb00000000 XMM03=0000ff00000000000000000000000000 XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962 XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000