Warning: Permanently added '[localhost]:57084' (ECDSA) to the list of known hosts. 2025/01/18 11:11:08 fuzzer started 2025/01/18 11:11:08 dialing manager at localhost:44245 syzkaller login: [ 68.938979] cgroup: Unknown subsys name 'net' [ 69.031582] cgroup: Unknown subsys name 'cpuset' [ 69.072109] cgroup: Unknown subsys name 'rlimit' [ 74.529473] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/18 11:11:25 syscalls: 2217 2025/01/18 11:11:25 code coverage: enabled 2025/01/18 11:11:25 comparison tracing: enabled 2025/01/18 11:11:25 extra coverage: enabled 2025/01/18 11:11:25 setuid sandbox: enabled 2025/01/18 11:11:25 namespace sandbox: enabled 2025/01/18 11:11:25 Android sandbox: enabled 2025/01/18 11:11:25 fault injection: enabled 2025/01/18 11:11:25 leak checking: enabled 2025/01/18 11:11:25 net packet injection: enabled 2025/01/18 11:11:25 net device setup: enabled 2025/01/18 11:11:25 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/18 11:11:25 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/18 11:11:25 USB emulation: enabled 2025/01/18 11:11:25 hci packet injection: enabled 2025/01/18 11:11:25 wifi device emulation: enabled 2025/01/18 11:11:25 802.15.4 emulation: enabled 2025/01/18 11:11:25 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/18 11:11:26 fetching corpus: 50, signal 23163/26312 (executing program) 2025/01/18 11:11:26 fetching corpus: 100, signal 38709/42545 (executing program) 2025/01/18 11:11:26 fetching corpus: 150, signal 45918/50457 (executing program) 2025/01/18 11:11:26 fetching corpus: 200, signal 51195/56373 (executing program) 2025/01/18 11:11:26 fetching corpus: 250, signal 55233/60942 (executing program) 2025/01/18 11:11:26 fetching corpus: 300, signal 59472/65596 (executing program) 2025/01/18 11:11:27 fetching corpus: 350, signal 64286/70548 (executing program) 2025/01/18 11:11:27 fetching corpus: 400, signal 68078/74489 (executing program) 2025/01/18 11:11:27 fetching corpus: 450, signal 70928/77535 (executing program) 2025/01/18 11:11:27 fetching corpus: 500, signal 73616/80364 (executing program) 2025/01/18 11:11:27 fetching corpus: 550, signal 75385/82379 (executing program) 2025/01/18 11:11:28 fetching corpus: 600, signal 77696/84742 (executing program) 2025/01/18 11:11:28 fetching corpus: 650, signal 79757/86816 (executing program) 2025/01/18 11:11:28 fetching corpus: 700, signal 81499/88570 (executing program) 2025/01/18 11:11:28 fetching corpus: 750, signal 85047/91547 (executing program) 2025/01/18 11:11:28 fetching corpus: 800, signal 87258/93462 (executing program) 2025/01/18 11:11:28 fetching corpus: 850, signal 89134/95059 (executing program) 2025/01/18 11:11:29 fetching corpus: 900, signal 93221/98004 (executing program) 2025/01/18 11:11:29 fetching corpus: 950, signal 95079/99351 (executing program) 2025/01/18 11:11:29 fetching corpus: 1000, signal 97100/100766 (executing program) 2025/01/18 11:11:29 fetching corpus: 1050, signal 98629/101881 (executing program) 2025/01/18 11:11:29 fetching corpus: 1100, signal 99857/102744 (executing program) 2025/01/18 11:11:29 fetching corpus: 1150, signal 101213/103617 (executing program) 2025/01/18 11:11:30 fetching corpus: 1200, signal 103535/104944 (executing program) 2025/01/18 11:11:30 fetching corpus: 1250, signal 104673/105599 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/105741 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/105773 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/105807 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/105836 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/105870 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/105902 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/105931 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/105970 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/106010 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/106035 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/106065 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/106103 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/106135 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/106170 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/106208 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/106239 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/106270 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/106311 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/106339 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/106370 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/106400 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/106436 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/106476 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/106512 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/106548 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/106581 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/106617 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/106624 (executing program) 2025/01/18 11:11:30 fetching corpus: 1262, signal 104892/106624 (executing program) 2025/01/18 11:11:33 starting 8 fuzzer processes 11:11:33 executing program 0: r0 = syz_io_uring_setup(0x921, &(0x7f00000004c0)={0x0, 0x0, 0x2}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000540), &(0x7f0000000580)) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x0, 0x0, 0x3, 0x0, 0x0) 11:11:33 executing program 1: syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='mpol=interleave,huge']) 11:11:33 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) ioctl$SG_GET_RESERVED_SIZE(r0, 0x2284, &(0x7f0000000000)) 11:11:33 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) gettid() r1 = gettid() sendmmsg$unix(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000380)=[@cred={{0x1c, 0x1, 0x2, {r1, 0xee00}}}], 0x20}}], 0x2, 0x0) 11:11:33 executing program 4: r0 = syz_io_uring_setup(0x1e53, &(0x7f0000000080), &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000001440), &(0x7f0000000040)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x11, r1, 0x0) io_uring_register$IORING_REGISTER_FILES(r0, 0x19, &(0x7f00000002c0), 0x0) 11:11:33 executing program 5: r0 = fsopen(&(0x7f0000000140)='devtmpfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='{.,-^\x00', &(0x7f0000000040)='\x00', 0x0) 11:11:33 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TIOCSTI(r0, 0x545d, &(0x7f00000004c0)) [ 93.355443] audit: type=1400 audit(1737198693.567:7): avc: denied { execmem } for pid=274 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:11:33 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x20) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x300000e, 0x2811, r0, 0x0) [ 94.626384] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 94.631197] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 94.635084] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 94.641344] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 94.648103] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 94.650702] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 94.867448] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 94.871979] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 94.874873] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 94.880811] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 94.886951] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 94.889031] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 94.913066] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 94.915754] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 94.919529] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 94.926815] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 94.939279] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 94.947564] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 94.949885] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 94.954597] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 94.955480] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 94.966096] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 94.972998] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 94.974971] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 94.977039] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 94.977927] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 94.983247] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 94.987084] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 94.988281] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 94.991482] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 95.001046] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 95.008944] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 95.009854] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 95.011742] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 95.014428] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 95.015904] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 95.016403] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 95.019118] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 95.030690] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 95.033473] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 95.038014] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 95.039996] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 95.041071] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 95.044527] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 95.055738] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 95.056445] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 95.068438] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 95.073247] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 96.712982] Bluetooth: hci0: command tx timeout [ 96.969660] Bluetooth: hci1: command tx timeout [ 97.034205] Bluetooth: hci2: command tx timeout [ 97.034219] Bluetooth: hci3: command tx timeout [ 97.095757] Bluetooth: hci4: command tx timeout [ 97.095814] Bluetooth: hci5: command tx timeout [ 97.159710] Bluetooth: hci7: command tx timeout [ 97.159804] Bluetooth: hci6: command tx timeout [ 98.760789] Bluetooth: hci0: command tx timeout [ 99.016727] Bluetooth: hci1: command tx timeout [ 99.079698] Bluetooth: hci2: command tx timeout [ 99.079780] Bluetooth: hci3: command tx timeout [ 99.145662] Bluetooth: hci4: command tx timeout [ 99.145749] Bluetooth: hci5: command tx timeout [ 99.208694] Bluetooth: hci7: command tx timeout [ 99.208780] Bluetooth: hci6: command tx timeout [ 100.809664] Bluetooth: hci0: command tx timeout [ 101.064684] Bluetooth: hci1: command tx timeout [ 101.127710] Bluetooth: hci2: command tx timeout [ 101.127795] Bluetooth: hci3: command tx timeout [ 101.191775] Bluetooth: hci4: command tx timeout [ 101.191904] Bluetooth: hci5: command tx timeout [ 101.255742] Bluetooth: hci7: command tx timeout [ 101.255826] Bluetooth: hci6: command tx timeout [ 102.856521] Bluetooth: hci0: command tx timeout [ 103.111729] Bluetooth: hci1: command tx timeout [ 103.176685] Bluetooth: hci3: command tx timeout [ 103.176775] Bluetooth: hci2: command tx timeout [ 103.239863] Bluetooth: hci5: command tx timeout [ 103.239994] Bluetooth: hci4: command tx timeout [ 103.303760] Bluetooth: hci6: command tx timeout [ 103.303851] Bluetooth: hci7: command tx timeout [ 151.704912] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 151.705064] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 151.978764] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 151.978856] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 152.272352] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 152.272441] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 152.611312] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 152.611395] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 152.782682] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 152.782759] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 152.990477] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 152.990560] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.119079] audit: type=1400 audit(1737198753.331:8): avc: denied { open } for pid=3880 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 153.119262] audit: type=1400 audit(1737198753.331:9): avc: denied { kernel } for pid=3880 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 153.129422] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.129496] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.238984] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.239056] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.380571] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.380684] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.711188] [ 153.711430] ====================================================== [ 153.712022] WARNING: possible circular locking dependency detected [ 153.712611] 6.13.0-rc7-next-20250117 #1 Not tainted [ 153.713088] ------------------------------------------------------ [ 153.714168] kworker/u8:2/3844 is trying to acquire lock: [ 153.714968] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 153.716443] [ 153.716443] but task is already holding lock: [ 153.717351] ffff888013930768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 153.718746] [ 153.718746] which lock already depends on the new lock. [ 153.718746] [ 153.719887] [ 153.719887] the existing dependency chain (in reverse order) is: [ 153.720922] [ 153.720922] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 153.722234] __mutex_lock+0x13d/0xb50 [ 153.723005] wiphy_register+0x1b2e/0x25d0 [ 153.723918] ieee80211_register_hw+0x23a4/0x3d60 [ 153.724957] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 153.725919] init_mac80211_hwsim+0x389/0x870 [ 153.726431] do_one_initcall+0xf9/0x640 [ 153.726907] kernel_init_freeable+0x53d/0x7a0 [ 153.727424] kernel_init+0x1e/0x2d0 [ 153.727848] ret_from_fork+0x48/0x80 [ 153.728278] ret_from_fork_asm+0x1a/0x30 [ 153.728764] [ 153.728764] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 153.729376] __lock_acquire+0x29fd/0x4580 [ 153.729856] lock_acquire+0x19b/0x520 [ 153.730307] __mutex_lock+0x13d/0xb50 [ 153.730759] unregister_netdevice_many_notify+0x1612/0x1c80 [ 153.731362] unregister_netdevice_queue+0x224/0x2e0 [ 153.731905] _cfg80211_unregister_wdev+0x57b/0x700 [ 153.732460] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 153.733010] ieee80211_unregister_hw+0x55/0x3a0 [ 153.733531] hwsim_exit_net+0x3a0/0x730 [ 153.734000] ops_exit_list+0xb3/0x180 [ 153.734445] cleanup_net+0x546/0xad0 [ 153.734880] process_one_work+0x8ee/0x1a10 [ 153.735387] worker_thread+0x674/0xe70 [ 153.735863] kthread+0x3ab/0x720 [ 153.736290] ret_from_fork+0x48/0x80 [ 153.736717] ret_from_fork_asm+0x1a/0x30 [ 153.737202] [ 153.737202] other info that might help us debug this: [ 153.737202] [ 153.737943] Possible unsafe locking scenario: [ 153.737943] [ 153.738502] CPU0 CPU1 [ 153.738943] ---- ---- [ 153.739383] lock(&rdev->wiphy.mtx); [ 153.739782] lock(rtnl_mutex); [ 153.740355] lock(&rdev->wiphy.mtx); [ 153.740970] lock(rtnl_mutex); [ 153.741327] [ 153.741327] *** DEADLOCK *** [ 153.741327] [ 153.741903] 4 locks held by kworker/u8:2/3844: [ 153.742356] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 153.743364] #1: ffff8880158d7d30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 153.744343] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 153.745247] #3: ffff888013930768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 153.746273] [ 153.746273] stack backtrace: [ 153.746700] CPU: 0 UID: 0 PID: 3844 Comm: kworker/u8:2 Not tainted 6.13.0-rc7-next-20250117 #1 [ 153.747500] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 153.748261] Workqueue: netns cleanup_net [ 153.748671] Call Trace: [ 153.748921] [ 153.749143] dump_stack_lvl+0xca/0x120 [ 153.749550] print_circular_bug+0x47b/0x750 [ 153.749988] check_noncircular+0x2e9/0x3c0 [ 153.750409] ? srso_return_thunk+0x5/0x5f [ 153.750846] ? __pfx_check_noncircular+0x10/0x10 [ 153.751329] ? hlock_class+0x4e/0x130 [ 153.751708] ? mark_lock+0xac/0xed0 [ 153.752084] ? srso_return_thunk+0x5/0x5f [ 153.752517] ? lock_release+0x20f/0x6f0 [ 153.752931] ? lockdep_lock+0xba/0x1b0 [ 153.753345] ? __pfx_lockdep_lock+0x10/0x10 [ 153.753798] __lock_acquire+0x29fd/0x4580 [ 153.754234] ? __pfx___lock_acquire+0x10/0x10 [ 153.754691] ? lock_release+0x20f/0x6f0 [ 153.755096] ? __pfx_lock_release+0x10/0x10 [ 153.755529] lock_acquire+0x19b/0x520 [ 153.755924] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 153.756499] ? __pfx_lock_acquire+0x10/0x10 [ 153.756933] ? srso_return_thunk+0x5/0x5f [ 153.757366] ? lock_release+0x20f/0x6f0 [ 153.757775] ? srso_return_thunk+0x5/0x5f [ 153.758210] ? lock_is_held_type+0x9e/0x120 [ 153.758661] ? srso_return_thunk+0x5/0x5f [ 153.759093] __mutex_lock+0x13d/0xb50 [ 153.759488] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 153.760053] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 153.760620] ? srso_return_thunk+0x5/0x5f [ 153.761046] ? synchronize_rcu_expedited+0x38a/0x420 [ 153.761546] ? __pfx___mutex_lock+0x10/0x10 [ 153.761992] ? __pfx_autoremove_wake_function+0x10/0x10 [ 153.762526] ? srso_return_thunk+0x5/0x5f [ 153.762955] ? kasan_quarantine_put+0x84/0x1e0 [ 153.763429] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 153.763879] ? srso_return_thunk+0x5/0x5f [ 153.764310] unregister_netdevice_many_notify+0x1612/0x1c80 [ 153.764859] ? __virt_addr_valid+0x2e8/0x5d0 [ 153.765307] ? __pfx_lock_release+0x10/0x10 [ 153.765738] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 153.766325] ? find_held_lock+0x2c/0x110 [ 153.766750] ? srso_return_thunk+0x5/0x5f [ 153.767185] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 153.767688] ? srso_return_thunk+0x5/0x5f [ 153.768115] ? lock_release+0x20f/0x6f0 [ 153.768521] ? __pfx_lock_release+0x10/0x10 [ 153.768957] ? srso_return_thunk+0x5/0x5f [ 153.769389] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 153.769912] ? srso_return_thunk+0x5/0x5f [ 153.770348] unregister_netdevice_queue+0x224/0x2e0 [ 153.770845] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 153.771376] ? up_write+0x195/0x520 [ 153.771762] _cfg80211_unregister_wdev+0x57b/0x700 [ 153.772254] ? srso_return_thunk+0x5/0x5f [ 153.772688] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 153.773178] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 153.773720] ? srso_return_thunk+0x5/0x5f [ 153.774150] ? srso_return_thunk+0x5/0x5f [ 153.774578] ? synchronize_rcu+0x1ff/0x260 [ 153.775001] ieee80211_unregister_hw+0x55/0x3a0 [ 153.775461] hwsim_exit_net+0x3a0/0x730 [ 153.775861] ? __pfx_hwsim_exit_net+0x10/0x10 [ 153.776306] ? srso_return_thunk+0x5/0x5f [ 153.776744] ? netdev_run_todo+0x788/0x1040 [ 153.777188] ? __pfx_hwsim_exit_net+0x10/0x10 [ 153.777642] ops_exit_list+0xb3/0x180 [ 153.778037] cleanup_net+0x546/0xad0 [ 153.778421] ? __pfx_cleanup_net+0x10/0x10 [ 153.778854] process_one_work+0x8ee/0x1a10 [ 153.779301] ? __pfx_lock_acquire+0x10/0x10 [ 153.779734] ? __pfx_process_one_work+0x10/0x10 [ 153.780239] ? srso_return_thunk+0x5/0x5f [ 153.780672] ? move_linked_works+0x172/0x270 [ 153.781117] ? srso_return_thunk+0x5/0x5f [ 153.781543] ? assign_work+0x196/0x240 [ 153.781957] worker_thread+0x674/0xe70 [ 153.782367] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 153.782892] ? srso_return_thunk+0x5/0x5f [ 153.783331] ? __pfx_worker_thread+0x10/0x10 [ 153.783797] kthread+0x3ab/0x720 [ 153.784161] ? __pfx_kthread+0x10/0x10 [ 153.784562] ? srso_return_thunk+0x5/0x5f [ 153.784992] ? finish_task_switch.isra.0+0x206/0x840 [ 153.785496] ? __pfx_kthread+0x10/0x10 [ 153.785928] ret_from_fork+0x48/0x80 [ 153.786302] ? __pfx_kthread+0x10/0x10 [ 153.786713] ret_from_fork_asm+0x1a/0x30 [ 153.787151] [ 156.046852] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 156.049102] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 156.052626] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 156.060513] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 156.062051] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 156.062929] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 158.087692] Bluetooth: hci0: command tx timeout [ 160.135886] Bluetooth: hci0: command tx timeout [ 162.186121] Bluetooth: hci0: command tx timeout VM DIAGNOSIS: 11:12:34 Registers: info registers vcpu 0 RAX=dffffc0000000005 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9 RSI=ffffffff8283cd30 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff8880158d6b68 R8 =0000000000000001 R9 =ffffed1002b1ad5c R10=0000000000000001 R11=0000000023203e2d R12=ffffffff886930b0 R13=ffff8880158d6e60 R14=ffffffff88693320 R15=0000000000000000 RIP=ffffffff8283cd85 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000559195130ac8 CR3=000000000c11a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=ffffffff0000000b0000559195127b20 XMM02=ffffff0f0e0d0c0b0a09080706050403 XMM03=696e656420737365636341002f737973 XMM04=313d4d554e514553003078303d4e4f53 XMM05=4b465200313d45544154535f4c4c494b XMM06=545f4c4c494b465200376963683d454d XMM07=3d4d455453595342555300396c6c696b XMM08=00000000000000410000000000000020 XMM09=00000000000000000000000000000000 XMM10=00000000202000000000000020200000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=ffff88802b0d8000 RCX=ffffffff8172e6b1 RDX=1ffff1100561b07f RSI=ffffffff8172e6d8 RDI=ffff88800da97c98 RBP=ffff88802b0d83f8 RSP=ffff88801674fdc0 R8 =0000000000000000 R9 =ffffed1001b52f86 R10=0000000000000000 R11=0000000000000000 R12=000000007fff0000 R13=dffffc0000000000 R14=ffff88801674fe28 R15=ffffc900006b1000 RIP=ffffffff81459b7c RFL=00000212 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fa150ef28c0 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f5dbc2e91c0 CR3=000000003b476000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=000000000000002f002f2e2e2f002e2e XMM01=0000000000000000696c61766e49002f XMM02=ffffffffffffff0f0e0d0c0b0a090807 XMM03=656565690030316d697377682f6d6973 XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=00000007000000080000559195147c20 XMM06=000055919512c9a00000000400000000 XMM07=00000000000000000000000000000000 XMM08=7269762f736563697665642f7379732f XMM09=00000000000000000000000000000000 XMM10=00000000202000000000000020200000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000