Warning: Permanently added '[localhost]:25786' (ECDSA) to the list of known hosts. 2025/01/18 11:21:14 fuzzer started 2025/01/18 11:21:15 dialing manager at localhost:44245 syzkaller login: [ 62.335642] cgroup: Unknown subsys name 'net' [ 62.446586] cgroup: Unknown subsys name 'cpuset' [ 62.479252] cgroup: Unknown subsys name 'rlimit' [ 68.554508] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/18 11:21:33 syscalls: 2217 2025/01/18 11:21:33 code coverage: enabled 2025/01/18 11:21:33 comparison tracing: enabled 2025/01/18 11:21:33 extra coverage: enabled 2025/01/18 11:21:33 setuid sandbox: enabled 2025/01/18 11:21:33 namespace sandbox: enabled 2025/01/18 11:21:33 Android sandbox: enabled 2025/01/18 11:21:33 fault injection: enabled 2025/01/18 11:21:33 leak checking: enabled 2025/01/18 11:21:33 net packet injection: enabled 2025/01/18 11:21:33 net device setup: enabled 2025/01/18 11:21:33 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/18 11:21:33 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/18 11:21:33 USB emulation: enabled 2025/01/18 11:21:33 hci packet injection: enabled 2025/01/18 11:21:33 wifi device emulation: enabled 2025/01/18 11:21:33 802.15.4 emulation: enabled 2025/01/18 11:21:33 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/18 11:21:33 fetching corpus: 50, signal 21958/25172 (executing program) 2025/01/18 11:21:33 fetching corpus: 100, signal 32873/37085 (executing program) 2025/01/18 11:21:34 fetching corpus: 150, signal 43525/48292 (executing program) 2025/01/18 11:21:34 fetching corpus: 200, signal 48696/54156 (executing program) 2025/01/18 11:21:34 fetching corpus: 250, signal 54315/60244 (executing program) 2025/01/18 11:21:34 fetching corpus: 300, signal 59272/65545 (executing program) 2025/01/18 11:21:34 fetching corpus: 350, signal 63814/70309 (executing program) 2025/01/18 11:21:35 fetching corpus: 400, signal 66650/73461 (executing program) 2025/01/18 11:21:35 fetching corpus: 450, signal 69526/76528 (executing program) 2025/01/18 11:21:35 fetching corpus: 500, signal 73397/80323 (executing program) 2025/01/18 11:21:35 fetching corpus: 550, signal 76291/83159 (executing program) 2025/01/18 11:21:35 fetching corpus: 600, signal 79141/85873 (executing program) 2025/01/18 11:21:35 fetching corpus: 650, signal 81167/87865 (executing program) 2025/01/18 11:21:36 fetching corpus: 700, signal 83127/89742 (executing program) 2025/01/18 11:21:36 fetching corpus: 750, signal 84483/91104 (executing program) 2025/01/18 11:21:36 fetching corpus: 800, signal 86334/92773 (executing program) 2025/01/18 11:21:36 fetching corpus: 850, signal 87923/94208 (executing program) 2025/01/18 11:21:36 fetching corpus: 900, signal 90811/96435 (executing program) 2025/01/18 11:21:36 fetching corpus: 950, signal 92438/97756 (executing program) 2025/01/18 11:21:37 fetching corpus: 1000, signal 94573/99342 (executing program) 2025/01/18 11:21:37 fetching corpus: 1050, signal 96505/100738 (executing program) 2025/01/18 11:21:37 fetching corpus: 1100, signal 99782/102810 (executing program) 2025/01/18 11:21:37 fetching corpus: 1150, signal 101597/103892 (executing program) 2025/01/18 11:21:37 fetching corpus: 1200, signal 103230/104841 (executing program) 2025/01/18 11:21:37 fetching corpus: 1250, signal 104620/105591 (executing program) 2025/01/18 11:21:37 fetching corpus: 1262, signal 104892/105773 (executing program) 2025/01/18 11:21:37 fetching corpus: 1262, signal 104892/105809 (executing program) 2025/01/18 11:21:37 fetching corpus: 1262, signal 104892/105852 (executing program) 2025/01/18 11:21:37 fetching corpus: 1262, signal 104892/105886 (executing program) 2025/01/18 11:21:37 fetching corpus: 1262, signal 104892/105914 (executing program) 2025/01/18 11:21:37 fetching corpus: 1262, signal 104892/105953 (executing program) 2025/01/18 11:21:37 fetching corpus: 1262, signal 104892/105982 (executing program) 2025/01/18 11:21:37 fetching corpus: 1262, signal 104892/106021 (executing program) 2025/01/18 11:21:38 fetching corpus: 1262, signal 104892/106057 (executing program) 2025/01/18 11:21:38 fetching corpus: 1262, signal 104892/106091 (executing program) 2025/01/18 11:21:38 fetching corpus: 1262, signal 104892/106123 (executing program) 2025/01/18 11:21:38 fetching corpus: 1262, signal 104892/106150 (executing program) 2025/01/18 11:21:38 fetching corpus: 1262, signal 104892/106186 (executing program) 2025/01/18 11:21:38 fetching corpus: 1262, signal 104892/106210 (executing program) 2025/01/18 11:21:38 fetching corpus: 1262, signal 104892/106240 (executing program) 2025/01/18 11:21:38 fetching corpus: 1262, signal 104892/106269 (executing program) 2025/01/18 11:21:38 fetching corpus: 1262, signal 104892/106300 (executing program) 2025/01/18 11:21:38 fetching corpus: 1262, signal 104892/106334 (executing program) 2025/01/18 11:21:38 fetching corpus: 1262, signal 104892/106364 (executing program) 2025/01/18 11:21:38 fetching corpus: 1262, signal 104892/106395 (executing program) 2025/01/18 11:21:38 fetching corpus: 1262, signal 104892/106432 (executing program) 2025/01/18 11:21:38 fetching corpus: 1262, signal 104892/106467 (executing program) 2025/01/18 11:21:38 fetching corpus: 1262, signal 104892/106491 (executing program) 2025/01/18 11:21:38 fetching corpus: 1262, signal 104892/106522 (executing program) 2025/01/18 11:21:38 fetching corpus: 1262, signal 104892/106540 (executing program) 2025/01/18 11:21:38 fetching corpus: 1262, signal 104892/106582 (executing program) 2025/01/18 11:21:38 fetching corpus: 1262, signal 104892/106614 (executing program) 2025/01/18 11:21:38 fetching corpus: 1262, signal 104892/106624 (executing program) 2025/01/18 11:21:38 fetching corpus: 1262, signal 104892/106624 (executing program) 2025/01/18 11:21:42 starting 8 fuzzer processes 11:21:42 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) 11:21:42 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000080c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) recvmmsg$unix(r0, &(0x7f0000002c80)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{0xfffffffffffffffc}], 0x1}}], 0x2, 0x0, 0x0) write(r0, 0x0, 0x0) 11:21:42 executing program 2: prctl$PR_SET_MM(0x23, 0x3, &(0x7f0000ffb000/0x2000)=nil) prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffc000/0x1000)=nil) 11:21:42 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000005c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_TX_POWER(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000600)={0x28, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x28}}, 0x0) [ 89.532770] audit: type=1400 audit(1737199302.689:7): avc: denied { execmem } for pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:21:42 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000880), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000a80)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r0, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000ac0)={0x1c, r1, 0x225, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0) 11:21:42 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup3(r1, r0, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000080)={'syz_tun\x00', &(0x7f0000000140)=@ethtool_stats={0x1d, 0x1, [0x0]}}) 11:21:42 executing program 6: r0 = memfd_create(&(0x7f0000000900)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed9\xc9\xe0E\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\x01\x00\x00\x80\x05\x00\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\xff#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\xcf_\xb6\x91\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x04\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf}\x19\x1d)\x062\xe0\x9e\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x103#\xa1J\xae\x89f\xc3\x10\a\x1d\xe7s\xa7\xc4\xf273\x01\x00\xb3_\xe8!N;\xaax\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\x11\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\x01\x01\x00\x00\x00\x00\x00\x00\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/\\\x01\xe2\xba\x0e\xe3\xf95\x1d\x10\xa7\xe0?\x02\xb3\xf3\xb5d\xa1\xcf\x1d\x92\x9b\x9b\xa7\x12F\xa0\xe0\xff\x1a\x8e\xe2ae^=\n\xe1\xa6\xb8\xe9v\x8f2\xf4\xac\xe5\xdf\xffi`Mo\x1e\x1cMN<\x1b\xd8\xfe\xd6P\xcdQ\x83\xfa\xe7\x1d\xd5\x01n\xa7~\xad\x90/62\xff;.S\xf7\x0flwa\x16\xf0\xf2(\x96V,\xd7s\xaaOE\xd3H\xfd`}\xd8\xbc\x9a\xca\xe3\n\xd7fCe\xd8\xbb\xdao\xb0\x85\xcc\xedv\x94\xb5\xc4\xb6[>\xb9,\xfch_-s\x94,F\x15\xd8m5>\x94\x84\xf5\x00\xc3\xf6m\xc7B\t{\xe0d\xc65(\x18\x9c\xad\x13b6\xca\x16\x95\xcb^zF\xd0\x1a\x8dP\x94\x19\xa4\x96\xed\xaaDQ\xae|Zc\xbbu\x02A\x12\xb1\xb6\xd7\x9b\x86-X\xe4\x97!\x0e\xac\xf0\xaa\x00\x18\a<\xd3\x8f\x94JKL><\xbc\x95\xfc\xa2E\xd1\f%No\xfbfX\x8e\x0f\xd7\xb5\x1df\x86\xc2\x16\xccX\xe4\xf4rg\x92\xac\x84\x11\xb0\x8244\xdb\x02\xa8\x81\x1e\xcam\xad3\xdf\x03\x812\xa2;\xe7\x02{Q0z\x8d\\\xf1R\x8a\x8b\x8cO0\x90c\x9e\xdc\xbd=}\x0ej\xf2\x98\x9e\x1eC(7\xba7\xdb\xe3\xca\f\xcc+\xd7\x9c\xfb\xbf\x15\xb6\xd9\xab@\xd7I\xe1M1\xd1\x11#\'\xb6\xc7T,\xf2]\xef\xfct(h?\x04\xdc\xb7\xcb|\xeb\xb8\xcd\x93S\x92@>\x1d\xa7\xe3/\xca\xd9[\xc3e\x84\xca:\xb0\xbd\x18!\"vN\xc9$\v\x97\xb05\xc6\xfa\xc3A4\xef\xdftV\x14\x88\xf5\x1c\xdf6OG0Z\x17\xf8\t\v\x12:\xae\x1f\xec\xfb\xe5rW\x02P\x80\\wlJ\x18\xeaqrp\xb0?\xa1x\xc4\x90\xbfN\xb8v3g\x8d\x8cX\xbaL\x04x6\x98\f\xe9\x01\x14m\x1c\x8b\xed{\xb7\xce\xc0p\x8d\x94\x0e#\xd4', 0x7) ftruncate(r0, 0x2000000) readv(r0, &(0x7f0000000480)=[{&(0x7f0000000880)=""/107, 0x200002}], 0x1) 11:21:42 executing program 7: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) getpeername(r0, 0x0, &(0x7f00000001c0)) [ 90.731970] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 90.734363] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 90.735035] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 90.740064] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 90.742690] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 90.744910] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 90.998731] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 90.999725] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 91.005301] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 91.005823] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 91.010635] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 91.010992] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 91.015049] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 91.019910] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 91.023601] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 91.025810] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 91.029971] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 91.033722] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 91.037842] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 91.039783] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 91.046498] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 91.048278] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 91.050691] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 91.054011] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 91.055305] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 91.056300] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 91.056661] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 91.061486] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 91.065812] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 91.068672] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 91.071638] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 91.076245] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 91.078580] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 91.081257] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 91.086974] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 91.096025] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 91.098863] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 91.100786] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 91.103366] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 91.119616] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 91.124647] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 91.126990] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 91.146460] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 91.150636] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 91.152598] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 91.157877] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 91.160719] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 91.162502] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 92.828036] Bluetooth: hci0: command tx timeout [ 93.148467] Bluetooth: hci4: command tx timeout [ 93.148548] Bluetooth: hci5: command tx timeout [ 93.148920] Bluetooth: hci3: command tx timeout [ 93.148932] Bluetooth: hci2: command tx timeout [ 93.149207] Bluetooth: hci1: command tx timeout [ 93.211522] Bluetooth: hci6: command tx timeout [ 93.211560] Bluetooth: hci7: command tx timeout [ 94.875515] Bluetooth: hci0: command tx timeout [ 95.195532] Bluetooth: hci1: command tx timeout [ 95.195608] Bluetooth: hci2: command tx timeout [ 95.195680] Bluetooth: hci3: command tx timeout [ 95.195732] Bluetooth: hci5: command tx timeout [ 95.195810] Bluetooth: hci4: command tx timeout [ 95.259461] Bluetooth: hci6: command tx timeout [ 95.259481] Bluetooth: hci7: command tx timeout [ 96.925504] Bluetooth: hci0: command tx timeout [ 97.243511] Bluetooth: hci4: command tx timeout [ 97.244186] Bluetooth: hci5: command tx timeout [ 97.244260] Bluetooth: hci3: command tx timeout [ 97.244361] Bluetooth: hci2: command tx timeout [ 97.246439] Bluetooth: hci1: command tx timeout [ 97.307482] Bluetooth: hci7: command tx timeout [ 97.309504] Bluetooth: hci6: command tx timeout [ 98.972528] Bluetooth: hci0: command tx timeout [ 99.291592] Bluetooth: hci5: command tx timeout [ 99.291625] Bluetooth: hci1: command tx timeout [ 99.291712] Bluetooth: hci2: command tx timeout [ 99.291801] Bluetooth: hci3: command tx timeout [ 99.291852] Bluetooth: hci4: command tx timeout [ 99.356174] Bluetooth: hci6: command tx timeout [ 99.356195] Bluetooth: hci7: command tx timeout [ 151.226735] [ 151.226992] ====================================================== [ 151.227593] WARNING: possible circular locking dependency detected [ 151.228187] 6.13.0-rc7-next-20250117 #1 Not tainted [ 151.228670] ------------------------------------------------------ [ 151.229971] kworker/u8:0/11 is trying to acquire lock: [ 151.231232] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 151.233227] [ 151.233227] but task is already holding lock: [ 151.234950] ffff8880156c0768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 151.236962] [ 151.236962] which lock already depends on the new lock. [ 151.236962] [ 151.238466] [ 151.238466] the existing dependency chain (in reverse order) is: [ 151.239168] [ 151.239168] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 151.239807] __mutex_lock+0x13d/0xb50 [ 151.240271] wiphy_register+0x1b2e/0x25d0 [ 151.240763] ieee80211_register_hw+0x23a4/0x3d60 [ 151.241304] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 151.241870] init_mac80211_hwsim+0x389/0x870 [ 151.242376] do_one_initcall+0xf9/0x640 [ 151.242851] kernel_init_freeable+0x53d/0x7a0 [ 151.243345] kernel_init+0x1e/0x2d0 [ 151.243743] ret_from_fork+0x48/0x80 [ 151.244153] ret_from_fork_asm+0x1a/0x30 [ 151.244643] [ 151.244643] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 151.245266] __lock_acquire+0x29fd/0x4580 [ 151.245752] lock_acquire+0x19b/0x520 [ 151.246200] __mutex_lock+0x13d/0xb50 [ 151.246667] unregister_netdevice_many_notify+0x1612/0x1c80 [ 151.247295] unregister_netdevice_queue+0x224/0x2e0 [ 151.247851] _cfg80211_unregister_wdev+0x57b/0x700 [ 151.248411] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 151.248966] ieee80211_unregister_hw+0x55/0x3a0 [ 151.249492] hwsim_exit_net+0x3a0/0x730 [ 151.249957] ops_exit_list+0xb3/0x180 [ 151.250412] cleanup_net+0x546/0xad0 [ 151.250869] process_one_work+0x8ee/0x1a10 [ 151.251348] worker_thread+0x674/0xe70 [ 151.251795] kthread+0x3ab/0x720 [ 151.252194] ret_from_fork+0x48/0x80 [ 151.252597] ret_from_fork_asm+0x1a/0x30 [ 151.253056] [ 151.253056] other info that might help us debug this: [ 151.253056] [ 151.253792] Possible unsafe locking scenario: [ 151.253792] [ 151.254365] CPU0 CPU1 [ 151.254800] ---- ---- [ 151.255218] lock(&rdev->wiphy.mtx); [ 151.255595] lock(rtnl_mutex); [ 151.256136] lock(&rdev->wiphy.mtx); [ 151.256718] lock(rtnl_mutex); [ 151.257077] [ 151.257077] *** DEADLOCK *** [ 151.257077] [ 151.257642] 4 locks held by kworker/u8:0/11: [ 151.258049] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 151.259024] #1: ffff8880095dfd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 151.260053] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 151.260949] #3: ffff8880156c0768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 151.261974] [ 151.261974] stack backtrace: [ 151.262417] CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-rc7-next-20250117 #1 [ 151.263244] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 151.264020] Workqueue: netns cleanup_net [ 151.264440] Call Trace: [ 151.264695] [ 151.264923] dump_stack_lvl+0xca/0x120 [ 151.265340] print_circular_bug+0x47b/0x750 [ 151.265786] check_noncircular+0x2e9/0x3c0 [ 151.266218] ? lock_repin_lock+0x207/0x320 [ 151.266650] ? __pfx_check_noncircular+0x10/0x10 [ 151.267114] ? hlock_class+0x4e/0x130 [ 151.267497] ? mark_lock+0xac/0xed0 [ 151.267872] ? __pfx_lock_repin_lock+0x10/0x10 [ 151.268334] ? lockdep_lock+0xba/0x1b0 [ 151.268725] ? __pfx_lockdep_lock+0x10/0x10 [ 151.269153] __lock_acquire+0x29fd/0x4580 [ 151.269560] ? __pfx___lock_acquire+0x10/0x10 [ 151.269989] ? lock_release+0x20f/0x6f0 [ 151.270373] ? __pfx_lock_release+0x10/0x10 [ 151.270804] lock_acquire+0x19b/0x520 [ 151.271175] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 151.271757] ? __pfx_lock_acquire+0x10/0x10 [ 151.272199] ? srso_return_thunk+0x5/0x5f [ 151.272637] ? lock_release+0x20f/0x6f0 [ 151.273043] ? srso_return_thunk+0x5/0x5f [ 151.273481] ? lock_is_held_type+0x9e/0x120 [ 151.273927] ? srso_return_thunk+0x5/0x5f [ 151.274365] __mutex_lock+0x13d/0xb50 [ 151.274785] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 151.275361] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 151.275938] ? srso_return_thunk+0x5/0x5f [ 151.276382] ? synchronize_rcu_expedited+0x38a/0x420 [ 151.276889] ? __pfx___mutex_lock+0x10/0x10 [ 151.277339] ? __pfx_autoremove_wake_function+0x10/0x10 [ 151.277882] ? srso_return_thunk+0x5/0x5f [ 151.278321] ? kasan_quarantine_put+0x84/0x1e0 [ 151.278822] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 151.279277] ? srso_return_thunk+0x5/0x5f [ 151.279720] unregister_netdevice_many_notify+0x1612/0x1c80 [ 151.280274] ? __virt_addr_valid+0x2e8/0x5d0 [ 151.280730] ? __pfx_lock_release+0x10/0x10 [ 151.281165] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 151.281750] ? find_held_lock+0x2c/0x110 [ 151.282176] ? srso_return_thunk+0x5/0x5f [ 151.282609] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 151.283126] ? srso_return_thunk+0x5/0x5f [ 151.283563] ? lock_release+0x20f/0x6f0 [ 151.283971] ? __pfx_lock_release+0x10/0x10 [ 151.284391] ? srso_return_thunk+0x5/0x5f [ 151.284801] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 151.285296] ? srso_return_thunk+0x5/0x5f [ 151.285709] unregister_netdevice_queue+0x224/0x2e0 [ 151.286177] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 151.286694] ? up_write+0x195/0x520 [ 151.287072] _cfg80211_unregister_wdev+0x57b/0x700 [ 151.287542] ? srso_return_thunk+0x5/0x5f [ 151.287958] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 151.288426] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 151.288937] ? srso_return_thunk+0x5/0x5f [ 151.289345] ? srso_return_thunk+0x5/0x5f [ 151.289769] ? synchronize_rcu+0x1ff/0x260 [ 151.290200] ieee80211_unregister_hw+0x55/0x3a0 [ 151.290682] hwsim_exit_net+0x3a0/0x730 [ 151.291100] ? __pfx_hwsim_exit_net+0x10/0x10 [ 151.291558] ? srso_return_thunk+0x5/0x5f [ 151.291992] ? netdev_run_todo+0x788/0x1040 [ 151.292437] ? __pfx_hwsim_exit_net+0x10/0x10 [ 151.292888] ops_exit_list+0xb3/0x180 [ 151.293282] cleanup_net+0x546/0xad0 [ 151.293672] ? __pfx_cleanup_net+0x10/0x10 [ 151.294112] process_one_work+0x8ee/0x1a10 [ 151.294570] ? __pfx_lock_acquire+0x10/0x10 [ 151.295031] ? __pfx_process_one_work+0x10/0x10 [ 151.295519] ? srso_return_thunk+0x5/0x5f [ 151.295955] ? move_linked_works+0x172/0x270 [ 151.296401] ? srso_return_thunk+0x5/0x5f [ 151.296830] ? assign_work+0x196/0x240 [ 151.297244] worker_thread+0x674/0xe70 [ 151.297658] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 151.298337] ? __pfx_worker_thread+0x10/0x10 [ 151.298820] kthread+0x3ab/0x720 [ 151.299186] ? __pfx_kthread+0x10/0x10 [ 151.299596] ? srso_return_thunk+0x5/0x5f [ 151.300024] ? finish_task_switch.isra.0+0x206/0x840 [ 151.300545] ? __pfx_kthread+0x10/0x10 [ 151.300957] ret_from_fork+0x48/0x80 [ 151.301333] ? __pfx_kthread+0x10/0x10 [ 151.301746] ret_from_fork_asm+0x1a/0x30 [ 151.302182] [ 153.253445] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 153.257211] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 153.259669] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 153.264345] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 153.268140] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 153.270825] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 153.384647] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 153.385009] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 153.386522] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 153.389338] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 153.389846] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 153.392067] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 153.396287] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 153.397295] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 153.398993] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 153.405200] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 153.405565] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 153.410046] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 153.453763] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 153.458305] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 153.464064] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 153.464308] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 153.472034] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 153.472297] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 153.473472] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 153.475879] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 153.479441] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 153.480278] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 153.480754] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 153.501215] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 153.501561] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 153.502246] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 153.504003] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 153.504480] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 153.505183] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 153.513491] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 153.520827] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 153.559734] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 153.562078] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 153.577882] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 153.586341] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 153.589003] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 153.612493] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 153.631733] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 153.637675] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 153.665710] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 153.670699] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 153.672713] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 155.291459] Bluetooth: hci0: command tx timeout [ 155.483474] Bluetooth: hci2: command tx timeout [ 155.483603] Bluetooth: hci1: command tx timeout [ 155.547577] Bluetooth: hci4: command tx timeout [ 155.547695] Bluetooth: hci3: command tx timeout [ 155.611508] Bluetooth: hci5: command tx timeout [ 155.676101] Bluetooth: hci6: command tx timeout [ 155.739724] Bluetooth: hci7: command tx timeout [ 157.339813] Bluetooth: hci0: command tx timeout [ 157.532958] Bluetooth: hci2: command tx timeout [ 157.533099] Bluetooth: hci1: command tx timeout [ 157.597437] Bluetooth: hci4: command tx timeout [ 157.597558] Bluetooth: hci3: command tx timeout [ 157.659517] Bluetooth: hci5: command tx timeout [ 157.723647] Bluetooth: hci6: command tx timeout [ 157.789448] Bluetooth: hci7: command tx timeout [ 159.387458] Bluetooth: hci0: command tx timeout [ 159.579624] Bluetooth: hci1: command tx timeout [ 159.579878] Bluetooth: hci2: command tx timeout [ 159.643589] Bluetooth: hci4: command tx timeout [ 159.645438] Bluetooth: hci3: command tx timeout [ 159.707483] Bluetooth: hci5: command tx timeout [ 159.774422] Bluetooth: hci6: command tx timeout [ 159.835480] Bluetooth: hci7: command tx timeout VM DIAGNOSIS: 11:22:44 Registers: info registers vcpu 0 RAX=0000000000000062 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283cdc5 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff8880095debb8 R8 =0000000000000001 R9 =ffffed10012bbd67 R10=0000000000000062 R11=3a6b636f6c206762 R12=0000000000000062 R13=0000000000000001 R14=ffff888008fea020 R15=ffff8880095deeb8 RIP=ffffffff8283ce1d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f440b0f5000 CR3=0000000018bb6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000004180b00600000000 XMM03=0000ff00000000000000000000000000 XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962 XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=ffff88806f483740 RCX=ffffffff81429a4a RDX=1ffff11001d7c180 RSI=0000000000000008 RDI=ffff88800ebe0c00 RBP=0000000000000000 RSP=ffff88800f2bfdd0 R8 =0000000000000000 R9 =ffffed1001d7c180 R10=ffff88800ebe0c07 R11=ffff88800f2b04b8 R12=ffff88806f483ff9 R13=ffffffff88648900 R14=ffff88800f2b0000 R15=0000000000000086 RIP=ffffffff81aede14 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe7400000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000001f27f60 CR3=0000000018bb6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=000000000000000040c0000000000000 XMM03=000000c000329290000000c0000b2190 XMM04=000000c000057530000000c00017c510 XMM05=000000c00017c570000000c00017c540 XMM06=000000c00017c5d0000000c00017c5a0 XMM07=000000c00017fa20000000c00017c600 XMM08=000000c00017c4b0000000c00017c480 XMM09=000000c00017c510000000c00017c4e0 XMM10=000000c00017c540000000c000057530 XMM11=000000c00017c5a0000000c00017c570 XMM12=000000c00017c600000000c00017c5d0 XMM13=000000c00017c660000000c00017c630 XMM14=000000c00017c6c0000000c00017c690 XMM15=000000c000107080000000c00017c6f0