Warning: Permanently added '[localhost]:62919' (ECDSA) to the list of known hosts.
2025/01/21 16:01:45 fuzzer started
2025/01/21 16:01:45 dialing manager at localhost:44689
2025/01/21 16:01:46 checking machine...
2025/01/21 16:01:46 checking revisions...
syzkaller login: [ 69.174982] kmemleak: Automatic memory scanning thread ended
2025/01/21 16:01:46 testing simple program...
[ 69.317204] cgroup: Unknown subsys name 'net'
[ 69.418732] cgroup: Unknown subsys name 'cpuset'
[ 69.446103] cgroup: Unknown subsys name 'rlimit'
executing program
executing program
[ 75.307982] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
executing program
executing program
executing program
[ 85.149289] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
[ 85.476242] audit: type=1400 audit(1737475322.640:7): avc: denied { execmem } for pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 86.607329] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 86.610799] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 86.615018] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 86.620814] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 86.624714] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 86.627329] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
executing program
[ 88.685054] Bluetooth: hci0: command tx timeout
executing program
[ 90.734527] Bluetooth: hci0: command tx timeout
[ 92.780475] Bluetooth: hci0: command tx timeout
executing program
[ 94.828867] Bluetooth: hci0: command tx timeout
executing program
executing program
executing program
executing program
executing program
executing program
[ 112.520933] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 112.521079] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 112.581710] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 112.581808] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/01/21 16:02:30 building call list...
[ 113.211489]
[ 113.212003] ======================================================
[ 113.213381] WARNING: possible circular locking dependency detected
[ 113.214856] 6.13.0-next-20250121 #1 Not tainted
[ 113.222006] ------------------------------------------------------
[ 113.223420] kworker/u8:0/11 is trying to acquire lock:
[ 113.224631] ffffffff8621ece8 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80
[ 113.227036]
[ 113.227036] but task is already holding lock:
[ 113.228383] ffff888013a68768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0
[ 113.230714]
[ 113.230714] which lock already depends on the new lock.
[ 113.230714]
[ 113.232484]
[ 113.232484] the existing dependency chain (in reverse order) is:
[ 113.234138]
[ 113.234138] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}:
[ 113.235683]        __mutex_lock+0x13d/0xb50
[ 113.236752]        wiphy_register+0x1b2e/0x25d0
[ 113.237938]        ieee80211_register_hw+0x23a4/0x3d60
[ 113.239236]        mac80211_hwsim_new_radio+0x2759/0x4d60
[ 113.240585]        init_mac80211_hwsim+0x389/0x870
[ 113.241834]        do_one_initcall+0xf9/0x640
[ 113.242990]        kernel_init_freeable+0x53d/0x7a0
[ 113.244249]        kernel_init+0x1e/0x2d0
[ 113.245270]        ret_from_fork+0x48/0x80
[ 113.246312]        ret_from_fork_asm+0x1a/0x30
[ 113.247497]
[ 113.247497] -> #0 (rtnl_mutex){+.+.}-{4:4}:
[ 113.248975]        __lock_acquire+0x29fd/0x4580
[ 113.250162]        lock_acquire+0x19b/0x520
[ 113.251198]        __mutex_lock+0x13d/0xb50
[ 113.252254]        unregister_netdevice_many_notify+0x1612/0x1c80
[ 113.253674]        unregister_netdevice_queue+0x224/0x2e0
[ 113.254963]        _cfg80211_unregister_wdev+0x57b/0x700
[ 113.256249]        ieee80211_remove_interfaces+0x2f2/0x6b0
[ 113.257517]        ieee80211_unregister_hw+0x55/0x3a0
[ 113.258733]        hwsim_exit_net+0x3a0/0x730
[ 113.259795]        ops_exit_list+0xb3/0x180
[ 113.260799]        cleanup_net+0x546/0xad0
[ 113.261799]        process_one_work+0x8ee/0x1a10
[ 113.262965]        worker_thread+0x674/0xe70
[ 113.264037]        kthread+0x3ab/0x720
[ 113.264999]        ret_from_fork+0x48/0x80
[ 113.265977]        ret_from_fork_asm+0x1a/0x30
[ 113.267101]
[ 113.267101] other info that might help us debug this:
[ 113.267101]
[ 113.268725]  Possible unsafe locking scenario:
[ 113.268725]
[ 113.269956]        CPU0                    CPU1
[ 113.270960]        ----                    ----
[ 113.272008]   lock(&rdev->wiphy.mtx);
[ 113.272934]                                lock(rtnl_mutex);
[ 113.274276]                                lock(&rdev->wiphy.mtx);
[ 113.275606]   lock(rtnl_mutex);
[ 113.276403]
[ 113.276403]  *** DEADLOCK ***
[ 113.276403]
[ 113.277664] 4 locks held by kworker/u8:0/11:
[ 113.278633]  #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10
[ 113.280871]  #1: ffff8880095dfd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10
[ 113.283035]  #2: ffffffff86212d10 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0
[ 113.285019]  #3: ffff888013a68768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0
[ 113.287319]
[ 113.287319] stack backtrace:
[ 113.288369] CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-next-20250121 #1
[ 113.290168] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 113.291969] Workqueue: netns cleanup_net
[ 113.292947] Call Trace:
[ 113.293562]
[ 113.294181]  dump_stack_lvl+0xca/0x120
[ 113.295144]  print_circular_bug+0x47b/0x750
[ 113.296054]  check_noncircular+0x2e9/0x3c0
[ 113.296902]  ? __pfx_check_noncircular+0x10/0x10
[ 113.297957]  ? hlock_class+0x4e/0x130
[ 113.298929]  ? mark_lock+0xac/0xed0
[ 113.299882]  ? srso_return_thunk+0x5/0x5f
[ 113.300986]  ? lockdep_lock+0xba/0x1b0
[ 113.302033]  ? __pfx_lockdep_lock+0x10/0x10
[ 113.303192]  __lock_acquire+0x29fd/0x4580
[ 113.304281]  ? __pfx___lock_acquire+0x10/0x10
[ 113.305431]  ? lock_release+0x20f/0x6f0
[ 113.306471]  ? __pfx_lock_release+0x10/0x10
[ 113.307573]  lock_acquire+0x19b/0x520
[ 113.308549]  ? unregister_netdevice_many_notify+0x1612/0x1c80
[ 113.309977]  ? __pfx_lock_acquire+0x10/0x10
[ 113.311085]  ? srso_return_thunk+0x5/0x5f
[ 113.312155]  ? lock_release+0x20f/0x6f0
[ 113.313173]  ? srso_return_thunk+0x5/0x5f
[ 113.314329]  ? lock_is_held_type+0x9e/0x120
[ 113.315257]  ? srso_return_thunk+0x5/0x5f
[ 113.316146]  __mutex_lock+0x13d/0xb50
[ 113.316990]  ? unregister_netdevice_many_notify+0x1612/0x1c80
[ 113.318228]  ? unregister_netdevice_many_notify+0x1612/0x1c80
[ 113.319413]  ? srso_return_thunk+0x5/0x5f
[ 113.320313]  ? synchronize_rcu_expedited+0x38a/0x420
[ 113.321381]  ? __pfx___mutex_lock+0x10/0x10
[ 113.322416]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 113.323814]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[ 113.324946]  unregister_netdevice_many_notify+0x1612/0x1c80
[ 113.326406]  ? __virt_addr_valid+0x2e8/0x5d0
[ 113.327664]  ? __pfx_lock_release+0x10/0x10
[ 113.328756]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[ 113.330209]  ? find_held_lock+0x2c/0x110
[ 113.331292]  ? srso_return_thunk+0x5/0x5f
[ 113.332276]  ? kernfs_remove_by_name_ns+0xc7/0x130
[ 113.333364]  ? srso_return_thunk+0x5/0x5f
[ 113.334307]  ? lock_release+0x20f/0x6f0
[ 113.335162]  ? __pfx_lock_release+0x10/0x10
[ 113.336108]  ? srso_return_thunk+0x5/0x5f
[ 113.337045]  ? lockdep_hardirqs_on_prepare+0x262/0x3f0
[ 113.338206]  ? srso_return_thunk+0x5/0x5f
[ 113.339174]  unregister_netdevice_queue+0x224/0x2e0
[ 113.340495]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[ 113.341691]  ? up_write+0x195/0x520
[ 113.342539]  _cfg80211_unregister_wdev+0x57b/0x700
[ 113.343591]  ? srso_return_thunk+0x5/0x5f
[ 113.344504]  ieee80211_remove_interfaces+0x2f2/0x6b0
[ 113.345546]  ? __pfx_ieee80211_remove_interfaces+0x10/0x10
[ 113.346679]  ? srso_return_thunk+0x5/0x5f
[ 113.347583]  ? srso_return_thunk+0x5/0x5f
[ 113.348485]  ? synchronize_rcu+0x1ff/0x260
[ 113.349376]  ieee80211_unregister_hw+0x55/0x3a0
[ 113.350373]  hwsim_exit_net+0x3a0/0x730
[ 113.351217]  ? __pfx_hwsim_exit_net+0x10/0x10
[ 113.352222]  ? srso_return_thunk+0x5/0x5f
[ 113.353191]  ? netdev_run_todo+0x788/0x1040
[ 113.354173]  ? __pfx_hwsim_exit_net+0x10/0x10
[ 113.355196]  ops_exit_list+0xb3/0x180
[ 113.356073]  cleanup_net+0x546/0xad0
[ 113.356894]  ? __pfx_cleanup_net+0x10/0x10
[ 113.357804]  process_one_work+0x8ee/0x1a10
[ 113.358806]  ? __pfx_lock_acquire+0x10/0x10
[ 113.359717]  ? __pfx_process_one_work+0x10/0x10
[ 113.360698]  ? srso_return_thunk+0x5/0x5f
[ 113.361596]  ? move_linked_works+0x172/0x270
[ 113.362532]  ? srso_return_thunk+0x5/0x5f
[ 113.363432]  ? assign_work+0x196/0x240
[ 113.364303]  worker_thread+0x674/0xe70
[ 113.365162]  ? lockdep_hardirqs_on_prepare+0x262/0x3f0
[ 113.366238]  ? __pfx_worker_thread+0x10/0x10
[ 113.367345]  kthread+0x3ab/0x720
[ 113.368286]  ? __pfx_kthread+0x10/0x10
[ 113.369224]  ? srso_return_thunk+0x5/0x5f
[ 113.370192]  ? finish_task_switch.isra.0+0x206/0x840
[ 113.371359]  ? __pfx_kthread+0x10/0x10
[ 113.372268]  ret_from_fork+0x48/0x80
[ 113.373090]  ? __pfx_kthread+0x10/0x10
[ 113.374128]  ret_from_fork_asm+0x1a/0x30
[ 113.375107]
executing program
executing program
[ 118.505853] audit: type=1400 audit(1737475355.670:8): avc: denied { create } for pid=253 comm="syz-fuzzer" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dccp_socket permissive=1
[ 119.384376] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
executing program
[ 120.419986] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
2025/01/21 16:02:39 syscalls: 2217
2025/01/21 16:02:39 code coverage: enabled
2025/01/21 16:02:39 comparison tracing: enabled
2025/01/21 16:02:39 extra coverage: ioctl(KCOV_DISABLE) failed: invalid argument
2025/01/21 16:02:39 setuid sandbox: enabled
2025/01/21 16:02:39 namespace sandbox: enabled
2025/01/21 16:02:39 Android sandbox: enabled
2025/01/21 16:02:39 fault injection: enabled
2025/01/21 16:02:39 leak checking: enabled
2025/01/21 16:02:39 net packet injection: enabled
2025/01/21 16:02:39 net device setup: enabled
2025/01/21 16:02:39 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/01/21 16:02:39 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/01/21 16:02:39 USB emulation: enabled
2025/01/21 16:02:39 hci packet injection: enabled
2025/01/21 16:02:39 wifi device emulation: enabled
2025/01/21 16:02:39 802.15.4 emulation: enabled
2025/01/21 16:02:39 fetching corpus: 0, signal 0/0 (executing program)
2025/01/21 16:02:39 fetching corpus: 0, signal 0/0 (executing program)

VM DIAGNOSIS:
16:02:30 Registers: