Warning: Permanently added '[localhost]:21566' (ECDSA) to the list of known hosts. 2025/01/18 08:47:29 fuzzer started 2025/01/18 08:47:29 dialing manager at localhost:44245 syzkaller login: [ 66.741246] cgroup: Unknown subsys name 'net' [ 66.862264] cgroup: Unknown subsys name 'cpuset' [ 66.908202] cgroup: Unknown subsys name 'rlimit' [ 72.129468] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 83.044495] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/18 08:47:46 syscalls: 2217 2025/01/18 08:47:46 code coverage: enabled 2025/01/18 08:47:46 comparison tracing: enabled 2025/01/18 08:47:46 extra coverage: enabled 2025/01/18 08:47:46 setuid sandbox: enabled 2025/01/18 08:47:46 namespace sandbox: enabled 2025/01/18 08:47:46 Android sandbox: enabled 2025/01/18 08:47:46 fault injection: enabled 2025/01/18 08:47:46 leak checking: enabled 2025/01/18 08:47:46 net packet injection: enabled 2025/01/18 08:47:46 net device setup: enabled 2025/01/18 08:47:46 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/18 08:47:46 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/18 08:47:46 USB emulation: enabled 2025/01/18 08:47:46 hci packet injection: enabled 2025/01/18 08:47:46 wifi device emulation: enabled 2025/01/18 08:47:46 802.15.4 emulation: enabled 2025/01/18 08:47:46 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/18 08:47:46 fetching corpus: 50, signal 23948/26793 (executing program) 2025/01/18 08:47:47 fetching corpus: 100, signal 36746/40071 (executing program) 2025/01/18 08:47:47 fetching corpus: 150, signal 43772/47413 (executing program) 2025/01/18 08:47:47 fetching corpus: 200, signal 51510/55181 (executing program) 2025/01/18 08:47:47 fetching corpus: 250, signal 56351/60048 (executing program) 2025/01/18 08:47:47 fetching corpus: 300, signal 61537/64910 (executing program) 2025/01/18 08:47:47 fetching corpus: 350, signal 67492/70092 (executing program) 2025/01/18 08:47:48 fetching corpus: 400, signal 71083/73208 (executing program) 2025/01/18 08:47:48 fetching corpus: 450, signal 75455/76772 (executing program) 2025/01/18 08:47:48 fetching corpus: 500, signal 77520/78428 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/79606 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/79657 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/79714 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/79777 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/79820 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/79854 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/79900 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/79952 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/80004 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/80055 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/80095 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/80139 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/80185 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/80243 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/80289 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/80338 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/80379 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/80422 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/80478 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/80523 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/80576 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/80623 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/80672 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/80708 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/80764 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/80811 (executing program) 2025/01/18 08:47:48 fetching corpus: 529, signal 79062/80858 (executing program) 2025/01/18 08:47:49 fetching corpus: 529, signal 79062/80898 (executing program) 2025/01/18 08:47:49 fetching corpus: 529, signal 79062/80944 (executing program) 2025/01/18 08:47:49 fetching corpus: 529, signal 79062/80964 (executing program) 2025/01/18 08:47:49 fetching corpus: 529, signal 79062/80964 (executing program) 2025/01/18 08:47:52 starting 8 fuzzer processes 08:47:52 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) fallocate(r0, 0x4b, 0x0, 0x3) 08:47:52 executing program 1: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) symlinkat(&(0x7f0000000140)='./file0/../file0\x00', r1, &(0x7f00000001c0)='./file0\x00') renameat(r1, &(0x7f0000000200)='./file0/../file0\x00', 0xffffffffffffffff, 0x0) 08:47:52 executing program 2: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sysvipc/sem\x00', 0x0, 0x0) pread64(r0, &(0x7f0000000040)=""/15, 0xf, 0x1) 08:47:53 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_SET_RESERVED_SIZE(r0, 0x2289, &(0x7f0000000840)) 08:47:53 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet6_udp_int(r0, 0x11, 0xa, &(0x7f00000000c0), &(0x7f0000000100)=0x4) [ 89.789778] audit: type=1400 audit(1737190073.035:7): avc: denied { execmem } for pid=273 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 08:47:53 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0x1d}, {0x6, 0x0, 0x0, 0x7fffffff}]}) pipe2(&(0x7f0000000000), 0x0) 08:47:53 executing program 6: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r0, 0x29, 0x44, 0x0, &(0x7f0000000140)) 08:47:53 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000007f00)={0x18, 0x15, 0x1, 0x0, 0x0, "", [@generic="026b02db13"]}, 0x18}], 0x1}, 0x0) [ 91.180894] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 91.184047] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 91.187656] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 91.192895] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 91.197960] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 91.200418] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 91.245002] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 91.250854] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 91.253492] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 91.258611] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 91.263527] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 91.266498] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 91.319961] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 91.324124] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 91.329499] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 91.338524] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 91.339346] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 91.341710] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 91.347860] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 91.348715] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 91.364417] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 91.366251] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 91.377261] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 91.377848] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 91.378469] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 91.378949] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 91.382732] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 91.387366] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 91.388662] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 91.388997] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 91.394385] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 91.424848] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 91.428472] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 91.434188] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 91.438427] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 91.456548] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 91.456930] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 91.462576] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 91.503784] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 91.508638] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 91.518342] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 91.543576] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 91.549723] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 91.560600] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 91.568666] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 91.571016] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 91.584980] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 91.586990] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 93.268671] Bluetooth: hci0: command tx timeout [ 93.331305] Bluetooth: hci1: command tx timeout [ 93.460138] Bluetooth: hci3: command tx timeout [ 93.525114] Bluetooth: hci5: command tx timeout [ 93.525278] Bluetooth: hci2: command tx timeout [ 93.587553] Bluetooth: hci4: command tx timeout [ 93.651197] Bluetooth: hci7: command tx timeout [ 93.715175] Bluetooth: hci6: command tx timeout [ 95.315761] Bluetooth: hci0: command tx timeout [ 95.379322] Bluetooth: hci1: command tx timeout [ 95.507226] Bluetooth: hci3: command tx timeout [ 95.571441] Bluetooth: hci2: command tx timeout [ 95.571544] Bluetooth: hci5: command tx timeout [ 95.635208] Bluetooth: hci4: command tx timeout [ 95.699201] Bluetooth: hci7: command tx timeout [ 95.766154] Bluetooth: hci6: command tx timeout [ 97.364328] Bluetooth: hci0: command tx timeout [ 97.427476] Bluetooth: hci1: command tx timeout [ 97.556355] Bluetooth: hci3: command tx timeout [ 97.619316] Bluetooth: hci5: command tx timeout [ 97.621038] Bluetooth: hci2: command tx timeout [ 97.683627] Bluetooth: hci4: command tx timeout [ 97.747159] Bluetooth: hci7: command tx timeout [ 97.811386] Bluetooth: hci6: command tx timeout [ 99.411580] Bluetooth: hci0: command tx timeout [ 99.475290] Bluetooth: hci1: command tx timeout [ 99.603638] Bluetooth: hci3: command tx timeout [ 99.667196] Bluetooth: hci2: command tx timeout [ 99.667918] Bluetooth: hci5: command tx timeout [ 99.731184] Bluetooth: hci4: command tx timeout [ 99.797119] Bluetooth: hci7: command tx timeout [ 99.859460] Bluetooth: hci6: command tx timeout [ 151.017094] syz-executor.1 (282) used greatest stack depth: 23360 bytes left [ 153.769627] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 153.774681] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 153.776954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 153.782728] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 153.785569] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 153.789260] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 153.892686] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 153.897859] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 153.901616] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 153.908446] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 153.913589] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 153.919255] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 153.954700] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 153.960650] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 153.970128] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 153.981358] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 153.989401] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 153.991357] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 154.037921] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 154.040236] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 154.048770] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 154.050200] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 154.061704] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 154.062693] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 154.066715] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 154.072751] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 154.075754] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 154.082565] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 154.110602] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 154.122003] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 154.142648] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 154.152144] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 154.157600] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 154.174845] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 154.175286] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 154.175547] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 154.175999] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 154.185632] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 154.186326] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 154.187734] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 154.198190] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 154.201781] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 154.202269] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 154.203216] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 154.204276] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 154.239650] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 154.244326] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 154.250300] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 155.859193] Bluetooth: hci0: command tx timeout [ 155.987214] Bluetooth: hci1: command tx timeout [ 156.051165] Bluetooth: hci2: command tx timeout [ 156.244115] Bluetooth: hci6: command tx timeout [ 156.307150] Bluetooth: hci3: command tx timeout [ 156.308020] Bluetooth: hci4: command tx timeout [ 156.308141] Bluetooth: hci5: command tx timeout [ 156.371127] Bluetooth: hci7: command tx timeout [ 157.907142] Bluetooth: hci0: command tx timeout [ 158.035488] Bluetooth: hci1: command tx timeout [ 158.099256] Bluetooth: hci2: command tx timeout [ 158.291424] Bluetooth: hci6: command tx timeout [ 158.355198] Bluetooth: hci3: command tx timeout [ 158.355773] Bluetooth: hci4: command tx timeout [ 158.356278] Bluetooth: hci5: command tx timeout [ 158.421083] Bluetooth: hci7: command tx timeout [ 159.956435] Bluetooth: hci0: command tx timeout [ 160.083613] Bluetooth: hci1: command tx timeout [ 160.147133] Bluetooth: hci2: command tx timeout [ 160.341398] Bluetooth: hci6: command tx timeout [ 160.403845] Bluetooth: hci3: command tx timeout [ 160.403905] Bluetooth: hci5: command tx timeout [ 160.404126] Bluetooth: hci4: command tx timeout [ 160.469153] Bluetooth: hci7: command tx timeout [ 162.003241] Bluetooth: hci0: command tx timeout [ 162.131380] Bluetooth: hci1: command tx timeout [ 162.197095] Bluetooth: hci2: command tx timeout [ 162.387133] Bluetooth: hci6: command tx timeout [ 162.451119] Bluetooth: hci5: command tx timeout [ 162.451746] Bluetooth: hci4: command tx timeout [ 162.455083] Bluetooth: hci3: command tx timeout [ 162.515230] Bluetooth: hci7: command tx timeout [ 214.013326] [ 214.013579] ====================================================== [ 214.014209] WARNING: possible circular locking dependency detected [ 214.014782] 6.13.0-rc7-next-20250117 #1 Not tainted [ 214.015292] ------------------------------------------------------ [ 214.016525] kworker/u8:0/11 is trying to acquire lock: [ 214.017438] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 214.019419] [ 214.019419] but task is already holding lock: [ 214.020389] ffff888033298768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 214.021983] [ 214.021983] which lock already depends on the new lock. [ 214.021983] [ 214.023264] [ 214.023264] the existing dependency chain (in reverse order) is: [ 214.024878] [ 214.024878] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 214.025985] __mutex_lock+0x13d/0xb50 [ 214.026774] wiphy_register+0x1b2e/0x25d0 [ 214.027637] ieee80211_register_hw+0x23a4/0x3d60 [ 214.028590] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 214.030032] init_mac80211_hwsim+0x389/0x870 [ 214.030724] do_one_initcall+0xf9/0x640 [ 214.031372] kernel_init_freeable+0x53d/0x7a0 [ 214.032093] kernel_init+0x1e/0x2d0 [ 214.032674] ret_from_fork+0x48/0x80 [ 214.033262] ret_from_fork_asm+0x1a/0x30 [ 214.033949] [ 214.033949] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 214.034792] __lock_acquire+0x29fd/0x4580 [ 214.035457] lock_acquire+0x19b/0x520 [ 214.036071] __mutex_lock+0x13d/0xb50 [ 214.036696] unregister_netdevice_many_notify+0x1612/0x1c80 [ 214.037542] unregister_netdevice_queue+0x224/0x2e0 [ 214.038303] _cfg80211_unregister_wdev+0x57b/0x700 [ 214.039071] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 214.039795] ieee80211_unregister_hw+0x55/0x3a0 [ 214.040483] hwsim_exit_net+0x3a0/0x730 [ 214.041111] ops_exit_list+0xb3/0x180 [ 214.041724] cleanup_net+0x546/0xad0 [ 214.042333] process_one_work+0x8ee/0x1a10 [ 214.043024] worker_thread+0x674/0xe70 [ 214.043681] kthread+0x3ab/0x720 [ 214.044257] ret_from_fork+0x48/0x80 [ 214.044842] ret_from_fork_asm+0x1a/0x30 [ 214.045496] [ 214.045496] other info that might help us debug this: [ 214.045496] [ 214.046500] Possible unsafe locking scenario: [ 214.046500] [ 214.047265] CPU0 CPU1 [ 214.047858] ---- ---- [ 214.048441] lock(&rdev->wiphy.mtx); [ 214.048972] lock(rtnl_mutex); [ 214.049752] lock(&rdev->wiphy.mtx); [ 214.050523] lock(rtnl_mutex); [ 214.050893] [ 214.050893] *** DEADLOCK *** [ 214.050893] [ 214.051456] 4 locks held by kworker/u8:0/11: [ 214.051905] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 214.052948] #1: ffff8880095dfd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 214.053956] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 214.054872] #3: ffff888033298768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 214.055856] [ 214.055856] stack backtrace: [ 214.056290] CPU: 1 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-rc7-next-20250117 #1 [ 214.057116] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 214.057919] Workqueue: netns cleanup_net [ 214.058348] Call Trace: [ 214.058608] [ 214.058842] dump_stack_lvl+0xca/0x120 [ 214.059265] print_circular_bug+0x47b/0x750 [ 214.059696] check_noncircular+0x2e9/0x3c0 [ 214.060114] ? __pfx_check_noncircular+0x10/0x10 [ 214.060570] ? hlock_class+0x4e/0x130 [ 214.060959] ? mark_lock+0xac/0xed0 [ 214.061340] ? srso_return_thunk+0x5/0x5f [ 214.061793] ? dl_scaled_delta_exec+0xd4/0x2c0 [ 214.062272] ? lockdep_lock+0xba/0x1b0 [ 214.062787] ? __pfx_lockdep_lock+0x10/0x10 [ 214.063356] __lock_acquire+0x29fd/0x4580 [ 214.063903] ? __pfx___lock_acquire+0x10/0x10 [ 214.064474] ? lock_release+0x20f/0x6f0 [ 214.064901] ? __pfx_lock_release+0x10/0x10 [ 214.065365] lock_acquire+0x19b/0x520 [ 214.065777] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 214.066367] ? __pfx_lock_acquire+0x10/0x10 [ 214.066786] ? srso_return_thunk+0x5/0x5f [ 214.067218] ? lock_release+0x20f/0x6f0 [ 214.067646] ? srso_return_thunk+0x5/0x5f [ 214.068077] ? lock_is_held_type+0x9e/0x120 [ 214.068572] ? srso_return_thunk+0x5/0x5f [ 214.068997] __mutex_lock+0x13d/0xb50 [ 214.069382] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 214.069936] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 214.070489] ? srso_return_thunk+0x5/0x5f [ 214.070902] ? synchronize_rcu_expedited+0x38a/0x420 [ 214.071391] ? __pfx___mutex_lock+0x10/0x10 [ 214.071817] ? __pfx_autoremove_wake_function+0x10/0x10 [ 214.072330] ? srso_return_thunk+0x5/0x5f [ 214.072744] ? kasan_quarantine_put+0x84/0x1e0 [ 214.073202] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 214.073638] ? srso_return_thunk+0x5/0x5f [ 214.074063] unregister_netdevice_many_notify+0x1612/0x1c80 [ 214.074637] ? __virt_addr_valid+0x2e8/0x5d0 [ 214.075105] ? __pfx_lock_release+0x10/0x10 [ 214.075548] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 214.076149] ? find_held_lock+0x2c/0x110 [ 214.076586] ? srso_return_thunk+0x5/0x5f [ 214.077027] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 214.077542] ? srso_return_thunk+0x5/0x5f [ 214.077987] ? lock_release+0x20f/0x6f0 [ 214.078405] ? __pfx_lock_release+0x10/0x10 [ 214.078835] ? srso_return_thunk+0x5/0x5f [ 214.079245] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 214.079741] ? srso_return_thunk+0x5/0x5f [ 214.080158] unregister_netdevice_queue+0x224/0x2e0 [ 214.080662] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 214.081212] ? up_write+0x195/0x520 [ 214.081606] _cfg80211_unregister_wdev+0x57b/0x700 [ 214.082110] ? srso_return_thunk+0x5/0x5f [ 214.082531] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 214.083008] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 214.083562] ? srso_return_thunk+0x5/0x5f [ 214.084001] ? srso_return_thunk+0x5/0x5f [ 214.084461] ? synchronize_rcu+0x1ff/0x260 [ 214.084902] ieee80211_unregister_hw+0x55/0x3a0 [ 214.085392] hwsim_exit_net+0x3a0/0x730 [ 214.085798] ? __pfx_hwsim_exit_net+0x10/0x10 [ 214.086234] ? srso_return_thunk+0x5/0x5f [ 214.086647] ? netdev_run_todo+0x788/0x1040 [ 214.087091] ? srso_return_thunk+0x5/0x5f [ 214.087547] ? __pfx_hwsim_exit_net+0x10/0x10 [ 214.088008] ops_exit_list+0xb3/0x180 [ 214.088427] cleanup_net+0x546/0xad0 [ 214.088818] ? __pfx_cleanup_net+0x10/0x10 [ 214.089274] process_one_work+0x8ee/0x1a10 [ 214.089736] ? __pfx_lock_acquire+0x10/0x10 [ 214.090202] ? __pfx_process_one_work+0x10/0x10 [ 214.090694] ? srso_return_thunk+0x5/0x5f [ 214.091132] ? move_linked_works+0x172/0x270 [ 214.091604] ? srso_return_thunk+0x5/0x5f [ 214.092040] ? assign_work+0x196/0x240 [ 214.092475] worker_thread+0x674/0xe70 [ 214.092890] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 214.093394] ? __pfx_worker_thread+0x10/0x10 [ 214.093851] kthread+0x3ab/0x720 [ 214.094220] ? __pfx_kthread+0x10/0x10 [ 214.094631] ? srso_return_thunk+0x5/0x5f [ 214.095069] ? finish_task_switch.isra.0+0x206/0x840 [ 214.095583] ? __pfx_kthread+0x10/0x10 [ 214.095995] ret_from_fork+0x48/0x80 [ 214.096368] ? __pfx_kthread+0x10/0x10 [ 214.096766] ret_from_fork_asm+0x1a/0x30 [ 214.097179] [ 215.645690] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 215.649720] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 215.652898] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 215.662996] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 215.667425] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 215.669006] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 215.780715] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 215.782795] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 215.784679] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 215.788783] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 215.792694] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 215.794797] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 215.850501] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 215.859362] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 215.861624] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 215.871365] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 215.875153] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 215.878880] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 215.965096] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 215.976765] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 215.978634] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 215.981472] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 215.983835] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 215.985662] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 216.067958] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 216.088145] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 216.091250] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 216.093082] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 216.093329] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 216.096731] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 216.104402] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 216.106941] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 216.108905] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 216.144360] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 216.146866] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 216.151417] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 216.157082] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 216.163904] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 216.165579] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 216.211138] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 216.246472] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 216.246755] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 216.279171] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 216.279848] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 216.301408] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 216.358450] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 216.373428] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 216.380458] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 217.685392] Bluetooth: hci0: command tx timeout [ 217.811176] Bluetooth: hci1: command tx timeout [ 217.939174] Bluetooth: hci2: command tx timeout [ 218.003910] Bluetooth: hci3: command tx timeout [ 218.132175] Bluetooth: hci5: command tx timeout [ 218.259387] Bluetooth: hci4: command tx timeout [ 218.515288] Bluetooth: hci7: command tx timeout [ 218.515416] Bluetooth: hci6: command tx timeout [ 219.731282] Bluetooth: hci0: command tx timeout [ 219.859123] Bluetooth: hci1: command tx timeout [ 219.987291] Bluetooth: hci2: command tx timeout [ 220.051147] Bluetooth: hci3: command tx timeout [ 220.179396] Bluetooth: hci5: command tx timeout [ 220.308308] Bluetooth: hci4: command tx timeout [ 220.563168] Bluetooth: hci7: command tx timeout [ 220.563416] Bluetooth: hci6: command tx timeout [ 221.779218] Bluetooth: hci0: command tx timeout [ 221.907325] Bluetooth: hci1: command tx timeout [ 222.036111] Bluetooth: hci2: command tx timeout [ 222.100251] Bluetooth: hci3: command tx timeout [ 222.228067] Bluetooth: hci5: command tx timeout [ 222.355173] Bluetooth: hci4: command tx timeout [ 222.614106] Bluetooth: hci6: command tx timeout [ 222.614188] Bluetooth: hci7: command tx timeout [ 223.828068] Bluetooth: hci0: command tx timeout [ 223.956147] Bluetooth: hci1: command tx timeout VM DIAGNOSIS: 08:49:57 Registers: info registers vcpu 0 RAX=ffff8880128cb180 RBX=ffff888008c504a0 RCX=ffffffff81429a4a RDX=ffff8880128cb1c0 RSI=0000000000000001 RDI=ffffffff87b94638 RBP=ffffffff87b94638 RSP=ffff88800f1c7da0 R8 =0000000000000000 R9 =ffffed10017b7580 R10=ffff88800bdbac07 R11=ffff88800bbe57f8 R12=ffff8880128cae48 R13=ffff888008c504a0 R14=ffff88800bbe5340 R15=0000000000000086 RIP=ffffffff81aecef4 RFL=00000097 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fca34b720a8 CR3=0000000015400000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=0000000000000000411cad0000000000 XMM03=0000ff00000000000000000000000000 XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962 XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000032 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283cdc5 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff8880095deb38 R8 =0000000000000001 R9 =ffffed10012bbd57 R10=0000000000000032 R11=6d20202020202020 R12=0000000000000032 R13=0000000000000001 R14=ffff888008fea032 R15=ffff8880095dee38 RIP=ffffffff8283ce1d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055ecf5457a00 CR3=0000000015400000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000000000000000000000 XMM03=000000c000084db0000000c000084cb0 XMM04=000000c000084c20000000c000084dc0 XMM05=000000c000084c70000000c000084c80 XMM06=000000c000084c30000000c000084d00 XMM07=000000c000084c10000000c000084df0 XMM08=000000c000084b00000000c000084280 XMM09=000000c000084260000000c000084250 XMM10=000000c0003065a0000000c000306590 XMM11=000000c000084010000000c000084000 XMM12=000000c000084480000000c000084490 XMM13=000000c0000846e0000000c0000846f0 XMM14=000000c000084100000000c000084700 XMM15=000000c000084110000000c000084140