Warning: Permanently added '[localhost]:32055' (ECDSA) to the list of known hosts. 2025/01/18 03:38:41 fuzzer started 2025/01/18 03:38:41 dialing manager at localhost:44245 syzkaller login: [ 76.815747] cgroup: Unknown subsys name 'net' [ 76.903730] cgroup: Unknown subsys name 'cpuset' [ 76.915771] cgroup: Unknown subsys name 'rlimit' [ 83.725043] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/18 03:38:59 syscalls: 2217 2025/01/18 03:38:59 code coverage: enabled 2025/01/18 03:38:59 comparison tracing: enabled 2025/01/18 03:38:59 extra coverage: enabled 2025/01/18 03:38:59 setuid sandbox: enabled 2025/01/18 03:38:59 namespace sandbox: enabled 2025/01/18 03:38:59 Android sandbox: enabled 2025/01/18 03:38:59 fault injection: enabled 2025/01/18 03:38:59 leak checking: enabled 2025/01/18 03:38:59 net packet injection: enabled 2025/01/18 03:38:59 net device setup: enabled 2025/01/18 03:38:59 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/18 03:38:59 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/18 03:38:59 USB emulation: enabled 2025/01/18 03:38:59 hci packet injection: enabled 2025/01/18 03:38:59 wifi device emulation: enabled 2025/01/18 03:38:59 802.15.4 emulation: enabled 2025/01/18 03:38:59 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/18 03:38:59 fetching corpus: 50, signal 31738/34173 (executing program) 2025/01/18 03:38:59 fetching corpus: 100, signal 41437/44354 (executing program) 2025/01/18 03:38:59 fetching corpus: 150, signal 46586/49984 (executing program) 2025/01/18 03:39:00 fetching corpus: 200, signal 50905/54644 (executing program) 2025/01/18 03:39:00 fetching corpus: 250, signal 55353/59187 (executing program) 2025/01/18 03:39:00 fetching corpus: 300, signal 61249/64664 (executing program) 2025/01/18 03:39:00 fetching corpus: 350, signal 64533/67776 (executing program) 2025/01/18 03:39:01 fetching corpus: 400, signal 69278/71863 (executing program) 2025/01/18 03:39:01 fetching corpus: 450, signal 74531/76130 (executing program) 2025/01/18 03:39:01 fetching corpus: 500, signal 77806/78648 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/79494 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/79546 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/79600 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/79643 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/79686 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/79737 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/79780 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/79824 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/79865 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/79914 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/79965 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/80009 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/80052 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/80093 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/80145 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/80192 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/80236 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/80284 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/80333 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/80373 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/80416 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/80465 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/80514 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/80556 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/80609 (executing program) 2025/01/18 03:39:01 fetching corpus: 528, signal 78927/80665 (executing program) 2025/01/18 03:39:02 fetching corpus: 528, signal 78927/80716 (executing program) 2025/01/18 03:39:02 fetching corpus: 528, signal 78927/80758 (executing program) 2025/01/18 03:39:02 fetching corpus: 528, signal 78927/80798 (executing program) 2025/01/18 03:39:02 fetching corpus: 528, signal 78927/80820 (executing program) 2025/01/18 03:39:02 fetching corpus: 528, signal 78927/80820 (executing program) 2025/01/18 03:39:05 starting 8 fuzzer processes 03:39:05 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) fremovexattr(r0, &(0x7f0000001400)=@known='user.incfs.metadata\x00') 03:39:05 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() rt_sigqueueinfo(r2, 0x0, &(0x7f0000000000)) perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x7, 0x6, 0x6, 0x3, 0x0, 0x1, 0x201, 0x8, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x574, 0x0, @perf_bp={&(0x7f0000000040), 0xc}, 0x8000, 0x80, 0x90000000, 0x6, 0x8, 0x2, 0x9b, 0x0, 0x5}, r2, 0xe, r1, 0x0) perf_event_open(&(0x7f0000000100)={0x4, 0x80, 0x81, 0x4, 0x9, 0x3f, 0x0, 0xfffffffffffffff9, 0x800, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x6, 0x4, @perf_bp={&(0x7f0000000000), 0x12}, 0x10000, 0x4, 0x200000, 0x5, 0xf10, 0x40, 0x4, 0x0, 0x5, 0x0, 0x7f}, 0x0, 0x6, r0, 0x3) r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x26e1, 0x0) syncfs(r3) 03:39:05 executing program 2: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_SETSEL(r0, 0x5609, &(0x7f0000000000)) 03:39:05 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x30, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MCAST_RATE={0x8}]}, 0x30}}, 0x0) [ 100.464034] audit: type=1400 audit(1737171545.733:7): avc: denied { execmem } for pid=285 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 03:39:05 executing program 4: prctl$PR_SET_MM_MAP(0xd, 0xe, 0x0, 0x0) 03:39:05 executing program 5: mknod(&(0x7f0000000200)='./file0\x00', 0x1000, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x189002, 0x0) open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) 03:39:05 executing program 6: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file1\x00', 0x0, 0x30, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000000)='devpts\x00', 0x0, 0x0) r0 = syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', 0x0, 0x0, 0x0, 0x460, &(0x7f0000000180)) mknodat$loop(r0, &(0x7f0000000140)='./file1\x00', 0x2000, 0x0) 03:39:05 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x80000, 0xc, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400028020000200000004f8000020004000000000000000000001000000000000000200000001000600000000000000000000000000800029a3169df153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa5252614100"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="00000000727241610100000007000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="eb58906d6b66732e66617400028020000200000004f8000020004000000000000000000001000000000000000200000001000600000000000000000000000000800029a3169df153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0, 0xc00}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4000}, {&(0x7f0000010600)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4200}, {&(0x7f0000010700)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100034eb70325132510000eb70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200034eb70325132510000eb70325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200035eb70325132510000eb70325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200035eb70325132510000eb703251070064000000", 0x120, 0x4400}, {&(0x7f0000010900)="2e20202020202020202020100034eb70325132510000eb7032510300000000002e2e202020202020202020100034eb70325132510000eb70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200034eb70325132510000eb70325104001a040000", 0x80, 0x14400}, {&(0x7f0000010a00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x24400}, {&(0x7f0000010f00)='syzkallers\x00'/32, 0x20, 0x34400}, {&(0x7f0000011000)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x54400}], 0x0, &(0x7f0000011100)) [ 101.748541] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 101.749090] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 101.757011] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 101.758397] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 101.758651] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 101.760540] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 101.770696] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 101.776080] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 101.777573] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 101.778758] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 101.782865] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 101.787593] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 101.916321] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 101.921923] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 101.928275] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 101.932889] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 101.934963] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 101.955886] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 101.957949] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 101.966018] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 101.971579] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 101.985933] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 102.016180] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 102.027998] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 102.048629] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 102.065736] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 102.067555] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 102.079672] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 102.090938] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 102.095895] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 102.102131] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 102.102622] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 102.111154] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 102.111944] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 102.113042] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 102.119356] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 102.126799] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 102.127179] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 102.132516] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 102.135171] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 102.136982] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 102.148803] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 102.152708] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 102.156940] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 102.162178] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 102.170083] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 102.177091] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 102.180084] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 103.829641] Bluetooth: hci0: command tx timeout [ 103.892670] Bluetooth: hci1: command tx timeout [ 104.020886] Bluetooth: hci2: command tx timeout [ 104.085745] Bluetooth: hci3: command tx timeout [ 104.213587] Bluetooth: hci4: command tx timeout [ 104.213948] Bluetooth: hci5: command tx timeout [ 104.276784] Bluetooth: hci6: command tx timeout [ 104.276830] Bluetooth: hci7: command tx timeout [ 105.877284] Bluetooth: hci0: command tx timeout [ 105.940730] Bluetooth: hci1: command tx timeout [ 106.068564] Bluetooth: hci2: command tx timeout [ 106.132693] Bluetooth: hci3: command tx timeout [ 106.261188] Bluetooth: hci5: command tx timeout [ 106.261278] Bluetooth: hci4: command tx timeout [ 106.324669] Bluetooth: hci7: command tx timeout [ 106.324725] Bluetooth: hci6: command tx timeout [ 107.925607] Bluetooth: hci0: command tx timeout [ 107.989795] Bluetooth: hci1: command tx timeout [ 108.116992] Bluetooth: hci2: command tx timeout [ 108.181307] Bluetooth: hci3: command tx timeout [ 108.308588] Bluetooth: hci4: command tx timeout [ 108.308683] Bluetooth: hci5: command tx timeout [ 108.372582] Bluetooth: hci7: command tx timeout [ 108.372661] Bluetooth: hci6: command tx timeout [ 109.972691] Bluetooth: hci0: command tx timeout [ 110.036662] Bluetooth: hci1: command tx timeout [ 110.164730] Bluetooth: hci2: command tx timeout [ 110.228664] Bluetooth: hci3: command tx timeout [ 110.356605] Bluetooth: hci5: command tx timeout [ 110.356745] Bluetooth: hci4: command tx timeout [ 110.420705] Bluetooth: hci6: command tx timeout [ 110.420920] Bluetooth: hci7: command tx timeout [ 161.784710] syz-executor.5 (291) used greatest stack depth: 23696 bytes left [ 161.991616] [ 161.991848] ====================================================== [ 161.992430] WARNING: possible circular locking dependency detected [ 161.993040] 6.13.0-rc7-next-20250117 #1 Not tainted [ 161.993533] ------------------------------------------------------ [ 161.994821] kworker/u8:1/66 is trying to acquire lock: [ 161.995580] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 161.997080] [ 161.997080] but task is already holding lock: [ 161.997944] ffff888016910768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 161.999366] [ 161.999366] which lock already depends on the new lock. [ 161.999366] [ 162.000554] [ 162.000554] the existing dependency chain (in reverse order) is: [ 162.002423] [ 162.002423] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 162.003439] __mutex_lock+0x13d/0xb50 [ 162.004113] wiphy_register+0x1b2e/0x25d0 [ 162.005907] ieee80211_register_hw+0x23a4/0x3d60 [ 162.006544] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 162.007258] init_mac80211_hwsim+0x389/0x870 [ 162.007888] do_one_initcall+0xf9/0x640 [ 162.008404] kernel_init_freeable+0x53d/0x7a0 [ 162.008930] kernel_init+0x1e/0x2d0 [ 162.009422] ret_from_fork+0x48/0x80 [ 162.009949] ret_from_fork_asm+0x1a/0x30 [ 162.010548] [ 162.010548] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 162.011231] __lock_acquire+0x29fd/0x4580 [ 162.011707] lock_acquire+0x19b/0x520 [ 162.012145] __mutex_lock+0x13d/0xb50 [ 162.012591] unregister_netdevice_many_notify+0x1612/0x1c80 [ 162.013192] unregister_netdevice_queue+0x224/0x2e0 [ 162.013730] _cfg80211_unregister_wdev+0x57b/0x700 [ 162.014298] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 162.014885] ieee80211_unregister_hw+0x55/0x3a0 [ 162.015507] hwsim_exit_net+0x3a0/0x730 [ 162.016002] ops_exit_list+0xb3/0x180 [ 162.016440] cleanup_net+0x546/0xad0 [ 162.016869] process_one_work+0x8ee/0x1a10 [ 162.017361] worker_thread+0x674/0xe70 [ 162.017871] kthread+0x3ab/0x720 [ 162.018396] ret_from_fork+0x48/0x80 [ 162.018928] ret_from_fork_asm+0x1a/0x30 [ 162.019529] [ 162.019529] other info that might help us debug this: [ 162.019529] [ 162.020341] Possible unsafe locking scenario: [ 162.020341] [ 162.020902] CPU0 CPU1 [ 162.021339] ---- ---- [ 162.021771] lock(&rdev->wiphy.mtx); [ 162.022210] lock(rtnl_mutex); [ 162.022911] lock(&rdev->wiphy.mtx); [ 162.023644] lock(rtnl_mutex); [ 162.024078] [ 162.024078] *** DEADLOCK *** [ 162.024078] [ 162.024757] 4 locks held by kworker/u8:1/66: [ 162.025267] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 162.026460] #1: ffff88800bd67d30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 162.027636] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 162.028741] #3: ffff888016910768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 162.029956] [ 162.029956] stack backtrace: [ 162.030482] CPU: 0 UID: 0 PID: 66 Comm: kworker/u8:1 Not tainted 6.13.0-rc7-next-20250117 #1 [ 162.031450] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 162.032386] Workqueue: netns cleanup_net [ 162.032884] Call Trace: [ 162.033188] [ 162.033459] dump_stack_lvl+0xca/0x120 [ 162.033956] print_circular_bug+0x47b/0x750 [ 162.034481] check_noncircular+0x2e9/0x3c0 [ 162.034952] ? srso_return_thunk+0x5/0x5f [ 162.035387] ? __pfx_check_noncircular+0x10/0x10 [ 162.035856] ? hlock_class+0x4e/0x130 [ 162.036231] ? mark_lock+0xac/0xed0 [ 162.036603] ? srso_return_thunk+0x5/0x5f [ 162.037033] ? dl_scaled_delta_exec+0xd4/0x2c0 [ 162.037491] ? lockdep_lock+0xba/0x1b0 [ 162.037908] ? __pfx_lockdep_lock+0x10/0x10 [ 162.038356] __lock_acquire+0x29fd/0x4580 [ 162.038801] ? __pfx___lock_acquire+0x10/0x10 [ 162.039248] ? lock_release+0x20f/0x6f0 [ 162.039651] ? __pfx_lock_release+0x10/0x10 [ 162.040089] lock_acquire+0x19b/0x520 [ 162.040479] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 162.041062] ? __pfx_lock_acquire+0x10/0x10 [ 162.041499] ? srso_return_thunk+0x5/0x5f [ 162.041935] ? lock_release+0x20f/0x6f0 [ 162.042349] ? srso_return_thunk+0x5/0x5f [ 162.042790] ? lock_is_held_type+0x9e/0x120 [ 162.043235] ? srso_return_thunk+0x5/0x5f [ 162.043660] __mutex_lock+0x13d/0xb50 [ 162.044055] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 162.044639] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 162.045207] ? srso_return_thunk+0x5/0x5f [ 162.045644] ? synchronize_rcu_expedited+0x38a/0x420 [ 162.046146] ? __pfx___mutex_lock+0x10/0x10 [ 162.046591] ? __pfx_autoremove_wake_function+0x10/0x10 [ 162.047136] ? srso_return_thunk+0x5/0x5f [ 162.047564] ? kasan_quarantine_put+0x84/0x1e0 [ 162.048032] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 162.048474] ? srso_return_thunk+0x5/0x5f [ 162.048903] unregister_netdevice_many_notify+0x1612/0x1c80 [ 162.049446] ? __virt_addr_valid+0x2e8/0x5d0 [ 162.049898] ? __pfx_lock_release+0x10/0x10 [ 162.050324] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 162.050921] ? find_held_lock+0x2c/0x110 [ 162.051359] ? srso_return_thunk+0x5/0x5f [ 162.051793] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 162.052296] ? srso_return_thunk+0x5/0x5f [ 162.052740] ? lock_release+0x20f/0x6f0 [ 162.053149] ? __pfx_lock_release+0x10/0x10 [ 162.053587] ? srso_return_thunk+0x5/0x5f [ 162.054020] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 162.054538] ? srso_return_thunk+0x5/0x5f [ 162.054992] unregister_netdevice_queue+0x224/0x2e0 [ 162.055511] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 162.056073] ? up_write+0x195/0x520 [ 162.056463] _cfg80211_unregister_wdev+0x57b/0x700 [ 162.056972] ? srso_return_thunk+0x5/0x5f [ 162.057410] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 162.057915] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 162.058458] ? srso_return_thunk+0x5/0x5f [ 162.058898] ? srso_return_thunk+0x5/0x5f [ 162.059327] ? synchronize_rcu+0x1ff/0x260 [ 162.059772] ieee80211_unregister_hw+0x55/0x3a0 [ 162.060253] hwsim_exit_net+0x3a0/0x730 [ 162.060663] ? __pfx_hwsim_exit_net+0x10/0x10 [ 162.061113] ? srso_return_thunk+0x5/0x5f [ 162.061559] ? netdev_run_todo+0x788/0x1040 [ 162.062000] ? srso_return_thunk+0x5/0x5f [ 162.062440] ? __pfx_hwsim_exit_net+0x10/0x10 [ 162.062903] ops_exit_list+0xb3/0x180 [ 162.063288] cleanup_net+0x546/0xad0 [ 162.063675] ? __pfx_cleanup_net+0x10/0x10 [ 162.064119] process_one_work+0x8ee/0x1a10 [ 162.064573] ? __pfx_lock_acquire+0x10/0x10 [ 162.065010] ? __pfx_process_one_work+0x10/0x10 [ 162.065488] ? srso_return_thunk+0x5/0x5f [ 162.065914] ? move_linked_works+0x172/0x270 [ 162.066360] ? srso_return_thunk+0x5/0x5f [ 162.066801] ? assign_work+0x196/0x240 [ 162.067209] worker_thread+0x674/0xe70 [ 162.067617] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 162.068142] ? srso_return_thunk+0x5/0x5f [ 162.068570] ? __pfx_worker_thread+0x10/0x10 [ 162.069025] kthread+0x3ab/0x720 [ 162.069388] ? __pfx_kthread+0x10/0x10 [ 162.069793] ? srso_return_thunk+0x5/0x5f [ 162.070227] ? finish_task_switch.isra.0+0x206/0x840 [ 162.070743] ? __pfx_kthread+0x10/0x10 [ 162.071151] ret_from_fork+0x48/0x80 [ 162.071520] ? __pfx_kthread+0x10/0x10 [ 162.071931] ret_from_fork_asm+0x1a/0x30 [ 162.072365] [ 164.328148] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 164.333024] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 164.341907] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 164.350672] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 164.355722] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 164.358029] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 164.360309] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 164.362617] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 164.364273] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 164.366012] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 164.367766] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 164.369449] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 164.370002] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 164.373735] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 164.376191] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 164.378868] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 164.385665] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 164.394055] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 164.394810] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 164.405064] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 164.407211] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 164.409879] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 164.417232] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 164.419654] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 164.422267] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 164.425132] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 164.425340] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 164.429241] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 164.430959] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 164.431657] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 164.440149] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 164.443100] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 164.447866] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 164.449878] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 164.459007] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 164.460539] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 164.466113] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 164.467279] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 164.467898] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 164.472042] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 164.474150] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 164.475197] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 164.475819] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 164.482205] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 164.490112] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 164.501393] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 164.507178] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 164.509349] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 166.420585] Bluetooth: hci2: command tx timeout [ 166.484550] Bluetooth: hci7: command tx timeout [ 166.549547] Bluetooth: hci6: command tx timeout [ 166.549618] Bluetooth: hci5: command tx timeout [ 166.549684] Bluetooth: hci0: command tx timeout [ 166.549734] Bluetooth: hci1: command tx timeout [ 166.549782] Bluetooth: hci3: command tx timeout [ 166.613501] Bluetooth: hci4: command tx timeout [ 168.469539] Bluetooth: hci2: command tx timeout [ 168.533606] Bluetooth: hci7: command tx timeout [ 168.596774] Bluetooth: hci3: command tx timeout [ 168.599936] Bluetooth: hci1: command tx timeout [ 168.600008] Bluetooth: hci0: command tx timeout [ 168.600069] Bluetooth: hci5: command tx timeout [ 168.600128] Bluetooth: hci6: command tx timeout [ 168.661648] Bluetooth: hci4: command tx timeout [ 170.518497] Bluetooth: hci2: command tx timeout [ 170.581680] Bluetooth: hci7: command tx timeout [ 170.646574] Bluetooth: hci6: command tx timeout [ 170.647531] Bluetooth: hci5: command tx timeout [ 170.647960] Bluetooth: hci0: command tx timeout [ 170.648009] Bluetooth: hci1: command tx timeout [ 170.648058] Bluetooth: hci3: command tx timeout [ 170.708685] Bluetooth: hci4: command tx timeout VM DIAGNOSIS: 03:40:07 Registers: info registers vcpu 0 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283cdc5 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff88800bd66bb8 R8 =0000000000000001 R9 =ffffed10017acd67 R10=0000000000000020 R11=7369786520656874 R12=0000000000000020 R13=0000000000000001 R14=ffff888008fea01f R15=ffff88800bd66eb8 RIP=ffffffff8283ce1d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00005593cc2ed948 CR3=00000000129b6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=000000000000000040ce480000000000 XMM03=000000c0009a6a00000000c0009a6980 XMM04=000000c00099fd40000000c00099f500 XMM05=000000c00020bd40000000c00020b180 XMM06=000000c00035fc00000000c00035ecc0 XMM07=000000c00037e3e0000000c0006fc040 XMM08=000000c0009a7400000000c0009a7280 XMM09=000000c0009a7800000000c0009a7640 XMM10=000000c00065e240000000c00065e0c0 XMM11=000000c00065eb00000000c00065e440 XMM12=000000c00065eec0000000c00065ecc0 XMM13=000000c00065f640000000c00065f240 XMM14=000000c00065fb80000000c00065f7c0 XMM15=000000c000a167c0000000c00065fe00 info registers vcpu 1 RAX=0000000000000001 RBX=ffff88800bdcd800 RCX=ffffffff81429a4a RDX=ffffed10017b9b01 RSI=0000000000000008 RDI=ffff88800bdcd800 RBP=0000000000200000 RSP=ffff88800f3dfdb8 R8 =0000000000000000 R9 =ffffed10017b9b00 R10=ffff88800bdcd807 R11=00000000fa83b2da R12=ffff88800731b3c9 R13=ffff88800731fde0 R14=ffff88800bbe3780 R15=0000000000000086 RIP=ffffffff81429a4a RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe2700000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000c000339000 CR3=000000000c438000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=f69d1100428fbab40343ae382ed7b035 XMM02=ee7587d5db12e8e300000000000fd428 XMM03=a835d97a3e3ab0580000000000134e68 XMM04=7f245a1d1e54eeab00000000000ae988 XMM05=9f165a4fe6c971ad00000000001391a0 XMM06=7c8d2a4f1e787a980000000000139100 XMM07=a835d97a3e3ab0580000000000134e68 XMM08=ee7587d5db12e8e300000000000fd428 XMM09=00000000000000000000000000000000 XMM10=20000000000000002000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000