Warning: Permanently added '[localhost]:28675' (ECDSA) to the list of known hosts. 2025/01/18 11:36:03 fuzzer started 2025/01/18 11:36:03 dialing manager at localhost:44245 syzkaller login: [ 69.718121] cgroup: Unknown subsys name 'net' [ 69.831089] cgroup: Unknown subsys name 'cpuset' [ 69.876390] cgroup: Unknown subsys name 'rlimit' [ 75.395477] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 86.108834] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/18 11:36:20 syscalls: 2217 2025/01/18 11:36:20 code coverage: enabled 2025/01/18 11:36:20 comparison tracing: enabled 2025/01/18 11:36:20 extra coverage: enabled 2025/01/18 11:36:20 setuid sandbox: enabled 2025/01/18 11:36:20 namespace sandbox: enabled 2025/01/18 11:36:20 Android sandbox: enabled 2025/01/18 11:36:20 fault injection: enabled 2025/01/18 11:36:20 leak checking: enabled 2025/01/18 11:36:20 net packet injection: enabled 2025/01/18 11:36:20 net device setup: enabled 2025/01/18 11:36:20 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/18 11:36:20 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/18 11:36:20 USB emulation: enabled 2025/01/18 11:36:20 hci packet injection: enabled 2025/01/18 11:36:20 wifi device emulation: enabled 2025/01/18 11:36:20 802.15.4 emulation: enabled 2025/01/18 11:36:20 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/18 11:36:20 fetching corpus: 50, signal 29706/32587 (executing program) 2025/01/18 11:36:21 fetching corpus: 100, signal 36227/40227 (executing program) 2025/01/18 11:36:21 fetching corpus: 150, signal 45064/49746 (executing program) 2025/01/18 11:36:21 fetching corpus: 200, signal 52097/57239 (executing program) 2025/01/18 11:36:21 fetching corpus: 250, signal 57549/63070 (executing program) 2025/01/18 11:36:21 fetching corpus: 300, signal 61832/67724 (executing program) 2025/01/18 11:36:21 fetching corpus: 350, signal 65035/71266 (executing program) 2025/01/18 11:36:22 fetching corpus: 400, signal 68162/74662 (executing program) 2025/01/18 11:36:22 fetching corpus: 450, signal 71120/77786 (executing program) 2025/01/18 11:36:22 fetching corpus: 500, signal 73357/80256 (executing program) 2025/01/18 11:36:22 fetching corpus: 550, signal 76098/82961 (executing program) 2025/01/18 11:36:22 fetching corpus: 600, signal 79870/86323 (executing program) 2025/01/18 11:36:22 fetching corpus: 650, signal 81521/88028 (executing program) 2025/01/18 11:36:23 fetching corpus: 700, signal 83755/90098 (executing program) 2025/01/18 11:36:23 fetching corpus: 750, signal 88173/93648 (executing program) 2025/01/18 11:36:23 fetching corpus: 800, signal 89858/95121 (executing program) 2025/01/18 11:36:23 fetching corpus: 850, signal 92367/97117 (executing program) 2025/01/18 11:36:23 fetching corpus: 900, signal 94271/98638 (executing program) 2025/01/18 11:36:23 fetching corpus: 950, signal 95617/99698 (executing program) 2025/01/18 11:36:24 fetching corpus: 1000, signal 97164/100884 (executing program) 2025/01/18 11:36:24 fetching corpus: 1050, signal 98959/102103 (executing program) 2025/01/18 11:36:24 fetching corpus: 1100, signal 100947/103360 (executing program) 2025/01/18 11:36:24 fetching corpus: 1150, signal 102393/104273 (executing program) 2025/01/18 11:36:24 fetching corpus: 1200, signal 103675/105030 (executing program) 2025/01/18 11:36:24 fetching corpus: 1250, signal 104785/105649 (executing program) 2025/01/18 11:36:24 fetching corpus: 1262, signal 104892/105741 (executing program) 2025/01/18 11:36:24 fetching corpus: 1262, signal 104892/105772 (executing program) 2025/01/18 11:36:24 fetching corpus: 1262, signal 104892/105806 (executing program) 2025/01/18 11:36:24 fetching corpus: 1262, signal 104892/105832 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/105865 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/105901 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/105936 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/105969 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/106003 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/106039 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/106072 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/106101 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/106136 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/106171 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/106193 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/106229 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/106268 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/106300 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/106334 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/106363 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/106393 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/106423 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/106459 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/106495 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/106548 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/106588 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/106617 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/106624 (executing program) 2025/01/18 11:36:25 fetching corpus: 1262, signal 104892/106624 (executing program) 2025/01/18 11:36:28 starting 8 fuzzer processes 11:36:28 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) setreuid(0x0, 0xee01) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETOBJ_RESET(r0, &(0x7f0000000c00)={&(0x7f0000000b40), 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x14}, 0x14}}, 0x0) 11:36:28 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000740)=@acquire={0x1ac, 0x17, 0x1, 0x0, 0x0, {{@in=@loopback}, @in=@private, {@in=@broadcast, @in=@dev}, {{@in=@dev, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0xa}}}, [@tmpl={0x84, 0x5, [{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x2b}, 0x0, @in=@multicast2}, {{@in=@loopback}, 0x0, @in6=@empty}]}]}, 0x1ac}}, 0x0) 11:36:28 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000440)={'wlan1\x00', &(0x7f0000000400)=@ethtool_ringparam={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}}) 11:36:28 executing program 3: clone(0x48adbf40, 0x0, 0x0, 0x0, 0x0) [ 94.751121] audit: type=1400 audit(1737200188.754:7): avc: denied { execmem } for pid=279 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:36:28 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x163008, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x10040aa, &(0x7f0000000180)={[{@commit}, {@grpquota}]}) 11:36:28 executing program 5: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000500), 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc058534f, 0x0) 11:36:28 executing program 6: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000003300), 0x4) 11:36:28 executing program 7: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000), 0x6) write$bt_hci(r0, &(0x7f0000000080)={0x1, @write_auth_payload_to={{0xc7c, 0x4}}}, 0x8) [ 96.170808] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 96.173498] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 96.175729] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 96.182778] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 96.186054] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 96.189550] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 96.363071] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 96.365724] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 96.373694] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 96.383044] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 96.386819] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 96.389735] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 96.394023] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 96.408493] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 96.411517] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 96.415658] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 96.417758] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 96.420290] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 96.420920] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 96.431658] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 96.432724] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 96.441218] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 96.443312] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 96.446774] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 96.451314] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 96.458503] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 96.461859] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 96.463315] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 96.463780] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 96.467165] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 96.468145] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 96.470161] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 96.471028] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 96.471923] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 96.514535] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 96.516160] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 96.523444] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 96.533843] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 96.535789] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 96.536539] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 96.539251] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 96.541348] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 96.542177] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 96.548977] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 96.552333] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 96.561834] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 96.565204] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 96.568395] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 98.246141] Bluetooth: hci0: command tx timeout [ 98.565697] Bluetooth: hci1: command tx timeout [ 98.566016] Bluetooth: hci4: command tx timeout [ 98.630695] Bluetooth: hci3: command tx timeout [ 98.631130] Bluetooth: hci6: command tx timeout [ 98.631314] Bluetooth: hci7: command tx timeout [ 98.631464] Bluetooth: hci2: command tx timeout [ 98.694846] Bluetooth: hci5: command tx timeout [ 100.293770] Bluetooth: hci0: command tx timeout [ 100.613703] Bluetooth: hci1: command tx timeout [ 100.614299] Bluetooth: hci4: command tx timeout [ 100.677786] Bluetooth: hci2: command tx timeout [ 100.678337] Bluetooth: hci7: command tx timeout [ 100.678396] Bluetooth: hci6: command tx timeout [ 100.678488] Bluetooth: hci3: command tx timeout [ 100.741831] Bluetooth: hci5: command tx timeout [ 102.341987] Bluetooth: hci0: command tx timeout [ 102.662715] Bluetooth: hci4: command tx timeout [ 102.662853] Bluetooth: hci1: command tx timeout [ 102.725696] Bluetooth: hci6: command tx timeout [ 102.726699] Bluetooth: hci3: command tx timeout [ 102.726808] Bluetooth: hci2: command tx timeout [ 102.726915] Bluetooth: hci7: command tx timeout [ 102.789756] Bluetooth: hci5: command tx timeout [ 104.391630] Bluetooth: hci0: command tx timeout [ 104.709682] Bluetooth: hci1: command tx timeout [ 104.709771] Bluetooth: hci4: command tx timeout [ 104.773844] Bluetooth: hci7: command tx timeout [ 104.774852] Bluetooth: hci2: command tx timeout [ 104.775094] Bluetooth: hci3: command tx timeout [ 104.775159] Bluetooth: hci6: command tx timeout [ 104.837782] Bluetooth: hci5: command tx timeout [ 158.705358] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 158.712882] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 158.720044] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 158.732838] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 158.739297] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 158.741506] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 158.808531] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 158.813718] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 158.816065] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 158.820907] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 158.825812] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 158.827837] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 158.933272] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 158.945394] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 158.946495] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 158.959650] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 158.961444] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 158.963383] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 159.067399] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 159.070710] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 159.076043] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 159.086199] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 159.088821] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 159.093987] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 159.140126] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 159.142922] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 159.148746] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 159.181534] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 159.188689] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 159.190266] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 159.192937] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 159.196043] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 159.200076] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 159.204063] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 159.206664] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 159.210157] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 159.214221] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 159.219351] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 159.220083] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 159.234295] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 159.244879] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 159.245465] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 159.251533] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 159.261106] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 159.286903] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 159.295802] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 159.306812] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 159.307987] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 160.773652] Bluetooth: hci0: command tx timeout [ 160.901711] Bluetooth: hci1: command tx timeout [ 161.030308] Bluetooth: hci2: command tx timeout [ 161.159163] Bluetooth: hci3: command tx timeout [ 161.288710] Bluetooth: hci4: command tx timeout [ 161.289201] Bluetooth: hci7: command tx timeout [ 161.415738] Bluetooth: hci6: command tx timeout [ 161.478697] Bluetooth: hci5: command tx timeout [ 162.821638] Bluetooth: hci0: command tx timeout [ 162.950079] Bluetooth: hci1: command tx timeout [ 163.077650] Bluetooth: hci2: command tx timeout [ 163.206750] Bluetooth: hci3: command tx timeout [ 163.333662] Bluetooth: hci7: command tx timeout [ 163.333756] Bluetooth: hci4: command tx timeout [ 163.461640] Bluetooth: hci6: command tx timeout [ 163.527625] Bluetooth: hci5: command tx timeout [ 164.869800] Bluetooth: hci0: command tx timeout [ 164.997640] Bluetooth: hci1: command tx timeout [ 165.125738] Bluetooth: hci2: command tx timeout [ 165.253798] Bluetooth: hci3: command tx timeout [ 165.381693] Bluetooth: hci4: command tx timeout [ 165.381722] Bluetooth: hci7: command tx timeout [ 165.509740] Bluetooth: hci6: command tx timeout [ 165.574837] Bluetooth: hci5: command tx timeout [ 166.918464] Bluetooth: hci0: command tx timeout [ 167.046347] Bluetooth: hci1: command tx timeout [ 167.173711] Bluetooth: hci2: command tx timeout [ 167.301781] Bluetooth: hci3: command tx timeout [ 167.430651] Bluetooth: hci7: command tx timeout [ 167.431821] Bluetooth: hci4: command tx timeout [ 167.557682] Bluetooth: hci6: command tx timeout [ 167.621718] Bluetooth: hci5: command tx timeout [ 217.822371] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 217.822526] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 218.193393] [ 218.193666] ====================================================== [ 218.194251] WARNING: possible circular locking dependency detected [ 218.194843] 6.13.0-rc7-next-20250117 #1 Not tainted [ 218.195321] ------------------------------------------------------ [ 218.196826] kworker/u8:0/11 is trying to acquire lock: [ 218.198114] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 218.200915] [ 218.200915] but task is already holding lock: [ 218.202254] ffff888039498768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 218.204192] [ 218.204192] which lock already depends on the new lock. [ 218.204192] [ 218.204940] [ 218.204940] the existing dependency chain (in reverse order) is: [ 218.205638] [ 218.205638] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 218.206281] __mutex_lock+0x13d/0xb50 [ 218.206732] wiphy_register+0x1b2e/0x25d0 [ 218.207202] ieee80211_register_hw+0x23a4/0x3d60 [ 218.207736] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 218.208292] init_mac80211_hwsim+0x389/0x870 [ 218.208806] do_one_initcall+0xf9/0x640 [ 218.209288] kernel_init_freeable+0x53d/0x7a0 [ 218.209811] kernel_init+0x1e/0x2d0 [ 218.210229] ret_from_fork+0x48/0x80 [ 218.210659] ret_from_fork_asm+0x1a/0x30 [ 218.211147] [ 218.211147] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 218.211764] __lock_acquire+0x29fd/0x4580 [ 218.212247] lock_acquire+0x19b/0x520 [ 218.212688] __mutex_lock+0x13d/0xb50 [ 218.213128] unregister_netdevice_many_notify+0x1612/0x1c80 [ 218.213720] unregister_netdevice_queue+0x224/0x2e0 [ 218.214264] _cfg80211_unregister_wdev+0x57b/0x700 [ 218.214813] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 218.215364] ieee80211_unregister_hw+0x55/0x3a0 [ 218.215890] hwsim_exit_net+0x3a0/0x730 [ 218.216339] ops_exit_list+0xb3/0x180 [ 218.216769] cleanup_net+0x546/0xad0 [ 218.217198] process_one_work+0x8ee/0x1a10 [ 218.217704] worker_thread+0x674/0xe70 [ 218.218172] kthread+0x3ab/0x720 [ 218.218594] ret_from_fork+0x48/0x80 [ 218.219025] ret_from_fork_asm+0x1a/0x30 [ 218.219512] [ 218.219512] other info that might help us debug this: [ 218.219512] [ 218.220265] Possible unsafe locking scenario: [ 218.220265] [ 218.220816] CPU0 CPU1 [ 218.221259] ---- ---- [ 218.221703] lock(&rdev->wiphy.mtx); [ 218.222101] lock(rtnl_mutex); [ 218.222680] lock(&rdev->wiphy.mtx); [ 218.223296] lock(rtnl_mutex); [ 218.223646] [ 218.223646] *** DEADLOCK *** [ 218.223646] [ 218.224210] 4 locks held by kworker/u8:0/11: [ 218.224638] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 218.225644] #1: ffff8880095dfd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 218.226697] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 218.227644] #3: ffff888039498768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 218.228671] [ 218.228671] stack backtrace: [ 218.229098] CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-rc7-next-20250117 #1 [ 218.229888] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 218.230649] Workqueue: netns cleanup_net [ 218.231057] Call Trace: [ 218.231303] [ 218.231524] dump_stack_lvl+0xca/0x120 [ 218.231944] print_circular_bug+0x47b/0x750 [ 218.232418] check_noncircular+0x2e9/0x3c0 [ 218.232880] ? __pfx_check_noncircular+0x10/0x10 [ 218.233346] ? hlock_class+0x4e/0x130 [ 218.233721] ? mark_lock+0xac/0xed0 [ 218.234094] ? srso_return_thunk+0x5/0x5f [ 218.234530] ? lockdep_lock+0xba/0x1b0 [ 218.234943] ? __pfx_lockdep_lock+0x10/0x10 [ 218.235397] __lock_acquire+0x29fd/0x4580 [ 218.235836] ? __pfx___lock_acquire+0x10/0x10 [ 218.236287] ? lock_release+0x20f/0x6f0 [ 218.236692] ? __pfx_lock_release+0x10/0x10 [ 218.237124] lock_acquire+0x19b/0x520 [ 218.237512] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 218.238093] ? __pfx_lock_acquire+0x10/0x10 [ 218.238539] ? srso_return_thunk+0x5/0x5f [ 218.238974] ? lock_release+0x20f/0x6f0 [ 218.239377] ? srso_return_thunk+0x5/0x5f [ 218.239812] ? lock_is_held_type+0x9e/0x120 [ 218.240255] ? srso_return_thunk+0x5/0x5f [ 218.240692] __mutex_lock+0x13d/0xb50 [ 218.241091] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 218.241656] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 218.242221] ? srso_return_thunk+0x5/0x5f [ 218.242647] ? synchronize_rcu_expedited+0x38a/0x420 [ 218.243148] ? __pfx___mutex_lock+0x10/0x10 [ 218.243590] ? __pfx_autoremove_wake_function+0x10/0x10 [ 218.244152] ? srso_return_thunk+0x5/0x5f [ 218.244583] ? kasan_quarantine_put+0x84/0x1e0 [ 218.245050] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 218.245494] ? srso_return_thunk+0x5/0x5f [ 218.245930] unregister_netdevice_many_notify+0x1612/0x1c80 [ 218.246482] ? __virt_addr_valid+0x2e8/0x5d0 [ 218.246942] ? __pfx_lock_release+0x10/0x10 [ 218.247376] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 218.247957] ? find_held_lock+0x2c/0x110 [ 218.248372] ? srso_return_thunk+0x5/0x5f [ 218.248806] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 218.249318] ? srso_return_thunk+0x5/0x5f [ 218.249749] ? lock_release+0x20f/0x6f0 [ 218.250148] ? __pfx_lock_release+0x10/0x10 [ 218.250583] ? srso_return_thunk+0x5/0x5f [ 218.251020] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 218.251538] ? srso_return_thunk+0x5/0x5f [ 218.252022] unregister_netdevice_queue+0x224/0x2e0 [ 218.252521] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 218.253060] ? up_write+0x195/0x520 [ 218.253475] _cfg80211_unregister_wdev+0x57b/0x700 [ 218.254009] ? srso_return_thunk+0x5/0x5f [ 218.254456] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 218.254976] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 218.255563] ? srso_return_thunk+0x5/0x5f [ 218.256154] ? srso_return_thunk+0x5/0x5f [ 218.256684] ? synchronize_rcu+0x1ff/0x260 [ 218.257153] ieee80211_unregister_hw+0x55/0x3a0 [ 218.257646] hwsim_exit_net+0x3a0/0x730 [ 218.258084] ? __pfx_hwsim_exit_net+0x10/0x10 [ 218.258569] ? srso_return_thunk+0x5/0x5f [ 218.259022] ? netdev_run_todo+0x788/0x1040 [ 218.259478] ? nexthop_net_exit_batch_rtnl+0xa4/0x310 [ 218.260070] ? __pfx_hwsim_exit_net+0x10/0x10 [ 218.260545] ops_exit_list+0xb3/0x180 [ 218.260955] cleanup_net+0x546/0xad0 [ 218.261356] ? __pfx_cleanup_net+0x10/0x10 [ 218.261811] process_one_work+0x8ee/0x1a10 [ 218.262326] ? __pfx_lock_acquire+0x10/0x10 [ 218.262803] ? __pfx_process_one_work+0x10/0x10 [ 218.263317] ? srso_return_thunk+0x5/0x5f [ 218.263792] ? move_linked_works+0x172/0x270 [ 218.264297] ? srso_return_thunk+0x5/0x5f [ 218.264780] ? assign_work+0x196/0x240 [ 218.265246] worker_thread+0x674/0xe70 [ 218.265717] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 218.266311] ? __pfx_worker_thread+0x10/0x10 [ 218.266833] kthread+0x3ab/0x720 [ 218.267268] ? __pfx_kthread+0x10/0x10 [ 218.267734] ? srso_return_thunk+0x5/0x5f [ 218.268276] ? finish_task_switch.isra.0+0x206/0x840 [ 218.268845] ? __pfx_kthread+0x10/0x10 [ 218.269300] ret_from_fork+0x48/0x80 [ 218.269705] ? __pfx_kthread+0x10/0x10 [ 218.270154] ret_from_fork_asm+0x1a/0x30 [ 218.270630] [ 220.303047] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 220.306933] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 220.309324] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 220.313812] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 220.317736] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 220.320000] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 220.504586] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 220.506656] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 220.508310] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 220.511664] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 220.515099] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 220.516847] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 220.692101] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 220.694869] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 220.697946] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 220.704255] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 220.707184] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 220.708968] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 220.761646] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 220.766412] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 220.775133] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 220.781437] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 220.788101] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 220.790056] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 220.848254] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 220.857726] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 220.877996] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 220.897781] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 220.899039] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 220.899258] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 220.904301] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 220.907957] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 220.910814] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 220.912636] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 220.937880] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 220.946020] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 220.948133] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 220.956816] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 220.967685] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 220.982879] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 220.989244] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 220.992895] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 220.995129] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 221.003089] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 221.004823] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 221.009820] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 221.012862] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 221.016893] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 222.341607] Bluetooth: hci0: command tx timeout [ 222.533687] Bluetooth: hci1: command tx timeout [ 222.725702] Bluetooth: hci2: command tx timeout [ 222.853609] Bluetooth: hci3: command tx timeout [ 223.045711] Bluetooth: hci5: command tx timeout [ 223.045904] Bluetooth: hci6: command tx timeout [ 223.045945] Bluetooth: hci4: command tx timeout [ 223.109755] Bluetooth: hci7: command tx timeout [ 224.391593] Bluetooth: hci0: command tx timeout [ 224.581618] Bluetooth: hci1: command tx timeout [ 224.775284] Bluetooth: hci2: command tx timeout [ 224.901603] Bluetooth: hci3: command tx timeout [ 225.094926] Bluetooth: hci5: command tx timeout [ 225.094947] Bluetooth: hci4: command tx timeout [ 225.095003] Bluetooth: hci6: command tx timeout [ 225.157657] Bluetooth: hci7: command tx timeout [ 226.438592] Bluetooth: hci0: command tx timeout [ 226.629598] Bluetooth: hci1: command tx timeout [ 226.823565] Bluetooth: hci2: command tx timeout [ 226.949584] Bluetooth: hci3: command tx timeout [ 227.142683] Bluetooth: hci4: command tx timeout [ 227.142758] Bluetooth: hci6: command tx timeout [ 227.142831] Bluetooth: hci5: command tx timeout [ 227.205664] Bluetooth: hci7: command tx timeout VM DIAGNOSIS: 11:38:32 Registers: info registers vcpu 0 RAX=0000000000000061 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283cdc5 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff8880095deb28 R8 =0000000000000001 R9 =ffffed10012bbd55 R10=0000000000000061 R11=6666666666666666 R12=0000000000000061 R13=0000000000000001 R14=ffff888008fea055 R15=ffff8880095dee28 RIP=ffffffff8283ce1d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055a512797280 CR3=000000000a820000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000000000000000000000 XMM03=000000c00006e230000000c00006e140 XMM04=000000c000146090000000c000146060 XMM05=000000c0001460f0000000c0001460c0 XMM06=000000c000146150000000c000146120 XMM07=000000c000145760000000c0000874d0 XMM08=000000c0001464b0000000c000146480 XMM09=000000c000146510000000c0001464e0 XMM10=000000c000146540000000c000087530 XMM11=000000c0001465a0000000c000146570 XMM12=000000c000146600000000c0001465d0 XMM13=000000c000146660000000c000146630 XMM14=000000c0001466c0000000c000146690 XMM15=000000c0000e7080000000c0001466f0 info registers vcpu 1 RAX=ffffffff81381c39 RBX=ffffffff815ec430 RCX=0000000000000001 RDX=1ffff11001e2aec8 RSI=ffffffff81381c39 RDI=ffff88800f1576b0 RBP=ffff88800f157680 RSP=ffff88800f1575d0 R8 =0000000000000001 R9 =ffff88800f157628 R10=000000000003ab4d R11=0000000000021804 R12=ffff88800f1576b0 R13=0000000000000000 R14=ffff88800a8b3780 R15=0000000000000cc0 RIP=ffffffff84ab0080 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f57cca3f8c0 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffe045ebd70 CR3=000000000e96c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ffffffffffffffffffffffffffffffff XMM01=000000000000000034316c6c696b6672 XMM02=ffffffffffffffff00000000000000ff XMM03=ffffffffffff00ffffffffffffffffff XMM04=00000002ffffffff000055a51278e510 XMM05=000055a5127607e0000055a512743320 XMM06=000000000000550034316c6c696b6672 XMM07=00000000000000000000000000000000 XMM08=7269762f736563697665642f7379732f XMM09=00000000000000000000000000000000 XMM10=00000020000000000000002000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000