Warning: Permanently added '[localhost]:40456' (ECDSA) to the list of known hosts. 2025/01/21 16:43:32 fuzzer started 2025/01/21 16:43:33 dialing manager at localhost:44689 syzkaller login: [ 76.629915] cgroup: Unknown subsys name 'net' [ 76.733078] cgroup: Unknown subsys name 'cpuset' [ 76.770334] cgroup: Unknown subsys name 'rlimit' [ 82.542463] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/21 16:43:49 syscalls: 2217 2025/01/21 16:43:49 code coverage: enabled 2025/01/21 16:43:49 comparison tracing: enabled 2025/01/21 16:43:49 extra coverage: enabled 2025/01/21 16:43:49 setuid sandbox: enabled 2025/01/21 16:43:49 namespace sandbox: enabled 2025/01/21 16:43:49 Android sandbox: enabled 2025/01/21 16:43:49 fault injection: enabled 2025/01/21 16:43:49 leak checking: enabled 2025/01/21 16:43:49 net packet injection: enabled 2025/01/21 16:43:49 net device setup: enabled 2025/01/21 16:43:49 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/21 16:43:49 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/21 16:43:49 USB emulation: enabled 2025/01/21 16:43:49 hci packet injection: enabled 2025/01/21 16:43:49 wifi device emulation: enabled 2025/01/21 16:43:49 802.15.4 emulation: enabled 2025/01/21 16:43:49 fetching corpus: 0, signal 0/0 (executing program) 2025/01/21 16:43:49 fetching corpus: 0, signal 0/0 (executing program) 2025/01/21 16:43:52 starting 8 fuzzer processes 16:43:52 executing program 0: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da07000000000001090224000100000000090400000903000000092100000001222200090581030800000000"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_012={0x2, 0x1, 0x0, "e53f"}, @global=@item_4={0x3, 0x1, 0x0, '\f\x00'}, @local=@item_012={0x2, 0x2, 0x2, "9000"}, @global=@item_4={0x3, 0x1, 0x0, "0900be00"}, @main=@item_4={0x3, 0x0, 0x8}, @local=@item_4={0x3, 0x2, 0x0, "09007a15"}, @local=@item_4={0x3, 0x2, 0x0, "5d8c3dda"}]}}, 0x0}, 0x0) syz_usb_ep_write(r0, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB') syz_usb_ep_write(r0, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB') syz_usb_ep_write(r0, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB') 16:43:52 executing program 1: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x47f, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x9, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x29}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000040)={0x24, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x371, {0x9}}}, &(0x7f0000000080)={0xffffffffffffffeb, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0) 16:43:52 executing program 2: r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x3f0, 0x6c17, 0x40, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x12, 0x7, 0x1, 0x3, 0x0, "", {{}, [{}]}}}]}}]}}, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000400)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x20, 0x0, 0x1}}) 16:43:52 executing program 3: syz_emit_ethernet(0xbe, &(0x7f00000000c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x9c, 0x0, @wg}}}}}, 0x0) syz_emit_ethernet(0x9e, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x90, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x7c, 0x0, @wg=@data={0x4, 0x0, 0x0, '\x00'/100}}}}}}, 0x0) 16:43:52 executing program 4: epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000080), &(0x7f00000000c0)={[0x3]}, 0x8) 16:43:52 executing program 5: syz_mount_image$iso9660(0x0, &(0x7f0000000fc0)='./file0/file0\x00', 0x7fffffff, 0x4, &(0x7f00000011c0)=[{&(0x7f0000001000)='.', 0x1, 0x8}, {&(0x7f0000001040)="01", 0x1}, {&(0x7f00000010c0)='(', 0x1}, {&(0x7f0000001180)="b2", 0x1, 0x3}], 0x0, 0x0) socket(0x0, 0x0, 0x0) [ 96.029180] audit: type=1400 audit(1737477832.774:7): avc: denied { execmem } for pid=273 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 16:43:52 executing program 7: syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0) syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000100)=@mgmt_frame=@beacon={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}, 0x36) 16:43:52 executing program 6: r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) r1 = socket$inet_udp(0x2, 0x2, 0x0) sendto$inet(r1, &(0x7f0000000080)='\x00'/10, 0xa, 0x0, &(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10) recvfrom(r0, &(0x7f0000000100)=""/10, 0xa, 0x0, 0x0, 0x0) [ 97.577417] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 97.580419] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 97.581125] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 97.585778] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 97.586992] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 97.587792] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 97.716721] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 97.719112] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 97.720118] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 97.722804] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 97.725694] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 97.727201] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 97.729763] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 97.730922] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 97.732870] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 97.739536] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 97.747843] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 97.752837] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 97.814780] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 97.820915] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 97.828257] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 97.845705] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 97.858358] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 97.865162] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 97.866741] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 97.880172] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 97.883539] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 97.894854] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 97.901733] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 97.902994] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 97.911798] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 97.930517] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 97.932524] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 97.934765] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 97.936402] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 97.940077] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 97.948438] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 97.950598] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 97.951749] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 97.953828] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 97.955391] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 97.956435] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 97.958920] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 97.969172] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 97.975456] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 97.977018] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 97.978156] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 98.013913] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 99.610461] Bluetooth: hci0: command tx timeout [ 99.800480] Bluetooth: hci1: command tx timeout [ 99.864429] Bluetooth: hci2: command tx timeout [ 99.931597] Bluetooth: hci3: command tx timeout [ 99.993374] Bluetooth: hci4: command tx timeout [ 100.057837] Bluetooth: hci7: command tx timeout [ 100.121588] Bluetooth: hci5: command tx timeout [ 100.121668] Bluetooth: hci6: command tx timeout [ 101.657219] Bluetooth: hci0: command tx timeout [ 101.849634] Bluetooth: hci1: command tx timeout [ 101.913655] Bluetooth: hci2: command tx timeout [ 101.976506] Bluetooth: hci3: command tx timeout [ 102.043389] Bluetooth: hci4: command tx timeout [ 102.104399] Bluetooth: hci7: command tx timeout [ 102.168516] Bluetooth: hci6: command tx timeout [ 102.169331] Bluetooth: hci5: command tx timeout [ 103.704391] Bluetooth: hci0: command tx timeout [ 103.896387] Bluetooth: hci1: command tx timeout [ 103.960486] Bluetooth: hci2: command tx timeout [ 104.024379] Bluetooth: hci3: command tx timeout [ 104.089371] Bluetooth: hci4: command tx timeout [ 104.152528] Bluetooth: hci7: command tx timeout [ 104.216424] Bluetooth: hci5: command tx timeout [ 104.217072] Bluetooth: hci6: command tx timeout [ 105.754510] Bluetooth: hci0: command tx timeout [ 105.946470] Bluetooth: hci1: command tx timeout [ 106.008422] Bluetooth: hci2: command tx timeout [ 106.073571] Bluetooth: hci3: command tx timeout [ 106.137426] Bluetooth: hci4: command tx timeout [ 106.200450] Bluetooth: hci7: command tx timeout [ 106.266378] Bluetooth: hci6: command tx timeout [ 106.266404] Bluetooth: hci5: command tx timeout [ 160.035801] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 160.037154] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 160.038502] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 160.044477] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 160.046167] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 160.047543] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 160.174163] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 160.176198] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 160.177587] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 160.183698] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 160.185924] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 160.186532] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 160.234577] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 160.238005] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 160.246003] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 160.261525] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 160.273665] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 160.276217] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 160.460534] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 160.461948] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 160.463173] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 160.468197] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 160.475391] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 160.476759] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 160.526511] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 160.531678] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 160.549487] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 160.557422] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 160.559411] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 160.560616] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 160.582667] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 160.605876] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 160.608482] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 160.612701] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 160.621434] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 160.623481] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 160.624983] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 160.632592] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 160.635587] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 160.638444] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 160.647677] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 160.660443] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 160.690498] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 160.692436] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 160.722550] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 160.722914] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 160.724873] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 160.725954] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 162.072414] Bluetooth: hci0: command tx timeout [ 162.201537] Bluetooth: hci1: command tx timeout [ 162.328499] Bluetooth: hci2: command tx timeout [ 162.523388] Bluetooth: hci3: command tx timeout [ 162.712415] Bluetooth: hci7: command tx timeout [ 162.712475] Bluetooth: hci4: command tx timeout [ 162.840778] Bluetooth: hci5: command tx timeout [ 162.904434] Bluetooth: hci6: command tx timeout [ 164.120371] Bluetooth: hci0: command tx timeout [ 164.249379] Bluetooth: hci1: command tx timeout [ 164.377431] Bluetooth: hci2: command tx timeout [ 164.568363] Bluetooth: hci3: command tx timeout [ 164.760345] Bluetooth: hci4: command tx timeout [ 164.761755] Bluetooth: hci7: command tx timeout [ 164.888370] Bluetooth: hci5: command tx timeout [ 164.952378] Bluetooth: hci6: command tx timeout [ 166.169381] Bluetooth: hci0: command tx timeout [ 166.296426] Bluetooth: hci1: command tx timeout [ 166.426351] Bluetooth: hci2: command tx timeout [ 166.616444] Bluetooth: hci3: command tx timeout [ 166.808595] Bluetooth: hci7: command tx timeout [ 166.808801] Bluetooth: hci4: command tx timeout [ 166.936531] Bluetooth: hci5: command tx timeout [ 167.000406] Bluetooth: hci6: command tx timeout [ 168.216476] Bluetooth: hci0: command tx timeout [ 168.344395] Bluetooth: hci1: command tx timeout [ 168.472411] Bluetooth: hci2: command tx timeout [ 168.664363] Bluetooth: hci3: command tx timeout [ 168.856455] Bluetooth: hci4: command tx timeout [ 168.856556] Bluetooth: hci7: command tx timeout [ 168.985494] Bluetooth: hci5: command tx timeout [ 169.049375] Bluetooth: hci6: command tx timeout [ 219.422134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 219.422289] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 220.367706] [ 220.368178] ====================================================== [ 220.369390] WARNING: possible circular locking dependency detected [ 220.370600] 6.13.0-next-20250121 #1 Not tainted [ 220.372348] ------------------------------------------------------ [ 220.375736] kworker/u8:1/67 is trying to acquire lock: [ 220.378866] ffffffff8621ece8 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 220.381687] [ 220.381687] but task is already holding lock: [ 220.382449] ffff8880289c8768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 220.383509] [ 220.383509] which lock already depends on the new lock. [ 220.383509] [ 220.384330] [ 220.384330] the existing dependency chain (in reverse order) is: [ 220.385088] [ 220.385088] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 220.385808] __mutex_lock+0x13d/0xb50 [ 220.386311] wiphy_register+0x1b2e/0x25d0 [ 220.386836] ieee80211_register_hw+0x23a4/0x3d60 [ 220.387413] mac80211_hwsim_new_radio+0x2759/0x4d60 [ 220.388018] init_mac80211_hwsim+0x389/0x870 [ 220.388578] do_one_initcall+0xf9/0x640 [ 220.389094] kernel_init_freeable+0x53d/0x7a0 [ 220.389668] kernel_init+0x1e/0x2d0 [ 220.390127] ret_from_fork+0x48/0x80 [ 220.390590] ret_from_fork_asm+0x1a/0x30 [ 220.391107] [ 220.391107] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 220.391770] __lock_acquire+0x29fd/0x4580 [ 220.392289] lock_acquire+0x19b/0x520 [ 220.392771] __mutex_lock+0x13d/0xb50 [ 220.393262] unregister_netdevice_many_notify+0x1612/0x1c80 [ 220.393931] unregister_netdevice_queue+0x224/0x2e0 [ 220.394529] _cfg80211_unregister_wdev+0x57b/0x700 [ 220.395126] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 220.395731] ieee80211_unregister_hw+0x55/0x3a0 [ 220.396293] hwsim_exit_net+0x3a0/0x730 [ 220.396793] ops_exit_list+0xb3/0x180 [ 220.397272] cleanup_net+0x546/0xad0 [ 220.397749] process_one_work+0x8ee/0x1a10 [ 220.398287] worker_thread+0x674/0xe70 [ 220.398788] kthread+0x3ab/0x720 [ 220.399235] ret_from_fork+0x48/0x80 [ 220.399693] ret_from_fork_asm+0x1a/0x30 [ 220.400208] [ 220.400208] other info that might help us debug this: [ 220.400208] [ 220.401008] Possible unsafe locking scenario: [ 220.401008] [ 220.401611] CPU0 CPU1 [ 220.402097] ---- ---- [ 220.402576] lock(&rdev->wiphy.mtx); [ 220.403008] lock(rtnl_mutex); [ 220.403631] lock(&rdev->wiphy.mtx); [ 220.404290] lock(rtnl_mutex); [ 220.404668] [ 220.404668] *** DEADLOCK *** [ 220.404668] [ 220.405272] 4 locks held by kworker/u8:1/67: [ 220.405738] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 220.406808] #1: ffff88800bc5fd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 220.407848] #2: ffffffff86212d10 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 220.408823] #3: ffff8880289c8768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 220.409909] [ 220.409909] stack backtrace: [ 220.410373] CPU: 1 UID: 0 PID: 67 Comm: kworker/u8:1 Not tainted 6.13.0-next-20250121 #1 [ 220.411177] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 220.411992] Workqueue: netns cleanup_net [ 220.412434] Call Trace: [ 220.412701] [ 220.412940] dump_stack_lvl+0xca/0x120 [ 220.413380] print_circular_bug+0x47b/0x750 [ 220.413849] check_noncircular+0x2e9/0x3c0 [ 220.414296] ? lock_repin_lock+0x207/0x320 [ 220.414766] ? __pfx_check_noncircular+0x10/0x10 [ 220.415267] ? hlock_class+0x4e/0x130 [ 220.415666] ? mark_lock+0xac/0xed0 [ 220.416062] ? __pfx_lock_repin_lock+0x10/0x10 [ 220.416569] ? lockdep_lock+0xba/0x1b0 [ 220.417005] ? __pfx_lockdep_lock+0x10/0x10 [ 220.417491] __lock_acquire+0x29fd/0x4580 [ 220.417952] ? __pfx___lock_acquire+0x10/0x10 [ 220.418432] ? lock_release+0x20f/0x6f0 [ 220.418863] ? __pfx_lock_release+0x10/0x10 [ 220.419329] lock_acquire+0x19b/0x520 [ 220.419748] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 220.420361] ? __pfx_lock_acquire+0x10/0x10 [ 220.420837] ? srso_return_thunk+0x5/0x5f [ 220.421300] ? lock_release+0x20f/0x6f0 [ 220.421737] ? srso_return_thunk+0x5/0x5f [ 220.422194] ? lock_is_held_type+0x9e/0x120 [ 220.422672] ? srso_return_thunk+0x5/0x5f [ 220.423132] __mutex_lock+0x13d/0xb50 [ 220.423567] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 220.424170] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 220.424780] ? srso_return_thunk+0x5/0x5f [ 220.425241] ? synchronize_rcu_expedited+0x38a/0x420 [ 220.425784] ? __pfx___mutex_lock+0x10/0x10 [ 220.426256] ? __pfx_autoremove_wake_function+0x10/0x10 [ 220.426822] ? srso_return_thunk+0x5/0x5f [ 220.427278] ? kasan_quarantine_put+0x84/0x1e0 [ 220.427782] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 220.428253] ? srso_return_thunk+0x5/0x5f [ 220.428716] unregister_netdevice_many_notify+0x1612/0x1c80 [ 220.429305] ? __virt_addr_valid+0x2e8/0x5d0 [ 220.429790] ? srso_return_thunk+0x5/0x5f [ 220.430247] ? mark_held_locks+0x9e/0xe0 [ 220.430681] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 220.431305] ? srso_return_thunk+0x5/0x5f [ 220.431766] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 220.432317] ? srso_return_thunk+0x5/0x5f [ 220.432778] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 220.433312] ? srso_return_thunk+0x5/0x5f [ 220.433777] ? lock_release+0x20f/0x6f0 [ 220.434206] ? __pfx_lock_release+0x10/0x10 [ 220.434662] ? __call_rcu_common.constprop.0+0x67b/0xb70 [ 220.435221] ? __call_rcu_common.constprop.0+0x680/0xb70 [ 220.435783] unregister_netdevice_queue+0x224/0x2e0 [ 220.436310] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 220.436878] ? up_write+0x195/0x520 [ 220.437289] _cfg80211_unregister_wdev+0x57b/0x700 [ 220.437828] ? srso_return_thunk+0x5/0x5f [ 220.438286] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 220.438811] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 220.439379] ? srso_return_thunk+0x5/0x5f [ 220.439838] ? srso_return_thunk+0x5/0x5f [ 220.440294] ? synchronize_rcu+0x1ff/0x260 [ 220.440745] ieee80211_unregister_hw+0x55/0x3a0 [ 220.441241] hwsim_exit_net+0x3a0/0x730 [ 220.441682] ? __pfx_hwsim_exit_net+0x10/0x10 [ 220.442163] ? srso_return_thunk+0x5/0x5f [ 220.442622] ? netdev_run_todo+0x788/0x1040 [ 220.443082] ? __pfx_hwsim_exit_net+0x10/0x10 [ 220.443552] ops_exit_list+0xb3/0x180 [ 220.443959] cleanup_net+0x546/0xad0 [ 220.444360] ? __pfx_cleanup_net+0x10/0x10 [ 220.444813] process_one_work+0x8ee/0x1a10 [ 220.445282] ? __pfx_lock_acquire+0x10/0x10 [ 220.445744] ? __pfx_process_one_work+0x10/0x10 [ 220.446251] ? srso_return_thunk+0x5/0x5f [ 220.446720] ? move_linked_works+0x172/0x270 [ 220.447185] ? srso_return_thunk+0x5/0x5f [ 220.447639] ? assign_work+0x196/0x240 [ 220.448074] worker_thread+0x674/0xe70 [ 220.448509] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 220.449059] ? srso_return_thunk+0x5/0x5f [ 220.449518] ? __pfx_worker_thread+0x10/0x10 [ 220.450011] kthread+0x3ab/0x720 [ 220.450394] ? __pfx_kthread+0x10/0x10 [ 220.450824] ? srso_return_thunk+0x5/0x5f [ 220.451279] ? finish_task_switch.isra.0+0x206/0x840 [ 220.451809] ? __pfx_kthread+0x10/0x10 [ 220.452235] ret_from_fork+0x48/0x80 [ 220.452622] ? __pfx_kthread+0x10/0x10 [ 220.453049] ret_from_fork_asm+0x1a/0x30 [ 220.453505] [ 221.857872] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 221.858541] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 221.864836] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 221.873775] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 221.875839] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 221.877746] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 221.918612] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 221.921312] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 221.923444] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 221.927080] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 221.930844] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 221.932500] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 222.137857] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 222.140043] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 222.146690] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 222.155529] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 222.155905] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 222.157497] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 222.158993] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 222.160094] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 222.162888] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 222.163115] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 222.166463] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 222.167011] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 222.187868] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 222.198804] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 222.201832] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 222.236507] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 222.243793] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 222.247505] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 222.329567] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 222.363324] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 222.371211] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 222.372352] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 222.378503] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 222.380217] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 222.380804] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 222.381100] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 222.390316] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 222.406304] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 222.417158] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 222.425003] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 222.425397] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 222.426216] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 222.426768] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 222.427042] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 222.444386] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 222.444783] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 223.897346] Bluetooth: hci0: command tx timeout [ 223.960373] Bluetooth: hci1: command tx timeout [ 224.216419] Bluetooth: hci2: command tx timeout [ 224.218323] Bluetooth: hci3: command tx timeout [ 224.281311] Bluetooth: hci4: command tx timeout [ 224.472523] Bluetooth: hci6: command tx timeout [ 224.472657] Bluetooth: hci5: command tx timeout [ 224.536444] Bluetooth: hci7: command tx timeout [ 225.945115] Bluetooth: hci0: command tx timeout [ 226.008397] Bluetooth: hci1: command tx timeout [ 226.264442] Bluetooth: hci3: command tx timeout [ 226.264564] Bluetooth: hci2: command tx timeout [ 226.328435] Bluetooth: hci4: command tx timeout [ 226.521273] Bluetooth: hci5: command tx timeout [ 226.521351] Bluetooth: hci6: command tx timeout [ 226.584573] Bluetooth: hci7: command tx timeout [ 227.992300] Bluetooth: hci0: command tx timeout [ 228.058275] Bluetooth: hci1: command tx timeout [ 228.312331] Bluetooth: hci2: command tx timeout [ 228.312405] Bluetooth: hci3: command tx timeout [ 228.376519] Bluetooth: hci4: command tx timeout [ 228.568436] Bluetooth: hci5: command tx timeout [ 228.569019] Bluetooth: hci6: command tx timeout [ 228.632386] Bluetooth: hci7: command tx timeout [ 230.040352] Bluetooth: hci0: command tx timeout [ 230.104306] Bluetooth: hci1: command tx timeout [ 230.360316] Bluetooth: hci3: command tx timeout [ 230.360390] Bluetooth: hci2: command tx timeout VM DIAGNOSIS: 16:45:57 Registers: info registers vcpu 0 RAX=ffff88800bc4b780 RBX=ffff888015aab9a8 RCX=ffffffff81429a4a RDX=1ffff11001782e00 RSI=0000000000000008 RDI=ffff88800bc17000 RBP=0000000000000000 RSP=ffff88800f26fdc8 R8 =0000000000000000 R9 =ffffed1001782e00 R10=ffff88800bc17007 R11=0000000000000532 R12=ffff888015aaba29 R13=ffff88800c16a000 R14=ffff88800bc4b780 R15=0000000000000082 RIP=ffffffff81ab92a3 RFL=00000057 [---ZAPC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055a1b8675090 CR3=000000000e7be000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=35343a3631203132206e614a3e30333c XMM01=7420646570706f7453203a5d315b646d XMM02=6c694b20465220657661532f64616f4c XMM03=747379732036353a35343a3631203132 XMM04=6456774875434142334f726f59427469 XMM05=485320415352203a3268737320303839 XMM06=206d6f726620746f6f7220726f662079 XMM07=00000000000000000000000000000000 XMM08=3a677562656420676f6c737973720000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000032 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283eba5 RDI=ffffffff886990a0 RBP=ffffffff88699060 RSP=ffff88800bc5eb28 R8 =0000000000000001 R9 =ffffed100178bd55 R10=0000000000000032 R11=6666666666666666 R12=0000000000000032 R13=0000000000000001 R14=ffff888008fea005 R15=ffff88800bc5ee28 RIP=ffffffff8283ebfd RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f58571ab450 CR3=000000000e7e2000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=4253b27a825a61b865411113f829ca66 XMM02=00000000000fd4e85d82995fcda31112 XMM03=000000000012fc90ee7587d5db12e8e3 XMM04=92fa8a02738cd87900000000000ae988 XMM05=3cc027b654ebc5060000000000141058 XMM06=9f165a4fe6c971ad00000000001384c0 XMM07=711fbe8126c5d34400000000001383b8 XMM08=ee7587d5db12e8e300000000000fd540 XMM09=00000000000000000000000000000000 XMM10=20000000000000002000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000