Warning: Permanently added '[localhost]:44852' (ECDSA) to the list of known hosts. 2025/01/18 14:11:16 fuzzer started 2025/01/18 14:11:16 dialing manager at localhost:44245 syzkaller login: [ 67.913627] cgroup: Unknown subsys name 'net' [ 68.025005] cgroup: Unknown subsys name 'cpuset' [ 68.058574] cgroup: Unknown subsys name 'rlimit' [ 73.756528] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 85.639281] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/18 14:11:34 syscalls: 2217 2025/01/18 14:11:34 code coverage: enabled 2025/01/18 14:11:34 comparison tracing: enabled 2025/01/18 14:11:34 extra coverage: enabled 2025/01/18 14:11:34 setuid sandbox: enabled 2025/01/18 14:11:34 namespace sandbox: enabled 2025/01/18 14:11:34 Android sandbox: enabled 2025/01/18 14:11:34 fault injection: enabled 2025/01/18 14:11:34 leak checking: enabled 2025/01/18 14:11:34 net packet injection: enabled 2025/01/18 14:11:34 net device setup: enabled 2025/01/18 14:11:34 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/18 14:11:34 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/18 14:11:34 USB emulation: enabled 2025/01/18 14:11:34 hci packet injection: enabled 2025/01/18 14:11:34 wifi device emulation: enabled 2025/01/18 14:11:34 802.15.4 emulation: enabled 2025/01/18 14:11:34 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/18 14:11:35 fetching corpus: 50, signal 23740/26833 (executing program) 2025/01/18 14:11:35 fetching corpus: 100, signal 34512/38589 (executing program) 2025/01/18 14:11:35 fetching corpus: 150, signal 46581/51119 (executing program) 2025/01/18 14:11:35 fetching corpus: 200, signal 52145/57267 (executing program) 2025/01/18 14:11:35 fetching corpus: 250, signal 57346/62833 (executing program) 2025/01/18 14:11:36 fetching corpus: 300, signal 60826/66838 (executing program) 2025/01/18 14:11:36 fetching corpus: 350, signal 64691/71024 (executing program) 2025/01/18 14:11:36 fetching corpus: 400, signal 67265/73906 (executing program) 2025/01/18 14:11:36 fetching corpus: 450, signal 70226/77081 (executing program) 2025/01/18 14:11:36 fetching corpus: 500, signal 72675/79705 (executing program) 2025/01/18 14:11:36 fetching corpus: 550, signal 76750/83498 (executing program) 2025/01/18 14:11:37 fetching corpus: 600, signal 78886/85655 (executing program) 2025/01/18 14:11:37 fetching corpus: 650, signal 81296/88014 (executing program) 2025/01/18 14:11:37 fetching corpus: 700, signal 83730/90220 (executing program) 2025/01/18 14:11:37 fetching corpus: 750, signal 87905/93553 (executing program) 2025/01/18 14:11:37 fetching corpus: 800, signal 89992/95294 (executing program) 2025/01/18 14:11:37 fetching corpus: 850, signal 92021/96926 (executing program) 2025/01/18 14:11:38 fetching corpus: 900, signal 94029/98494 (executing program) 2025/01/18 14:11:38 fetching corpus: 950, signal 95554/99709 (executing program) 2025/01/18 14:11:38 fetching corpus: 1000, signal 97053/100836 (executing program) 2025/01/18 14:11:38 fetching corpus: 1050, signal 99469/102399 (executing program) 2025/01/18 14:11:38 fetching corpus: 1100, signal 100759/103295 (executing program) 2025/01/18 14:11:38 fetching corpus: 1150, signal 102176/104158 (executing program) 2025/01/18 14:11:39 fetching corpus: 1200, signal 103615/105032 (executing program) 2025/01/18 14:11:39 fetching corpus: 1250, signal 104596/105563 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/105761 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/105792 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/105821 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/105859 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/105914 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/105951 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/105976 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/106016 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/106045 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/106073 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/106102 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/106132 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/106166 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/106197 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/106233 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/106273 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/106306 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/106337 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/106381 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/106411 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/106446 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/106482 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/106526 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/106551 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/106591 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/106614 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/106640 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/106655 (executing program) 2025/01/18 14:11:39 fetching corpus: 1264, signal 104923/106655 (executing program) 2025/01/18 14:11:43 starting 8 fuzzer processes 14:11:43 executing program 0: perf_event_open(&(0x7f0000001540)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfffffffdffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x0, 0xffffff7f}, 0xc) 14:11:43 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') lseek(r0, 0x0, 0x3) 14:11:43 executing program 4: ioperm(0x0, 0x6d1f, 0x8) getgroups(0x0, 0x0) 14:11:43 executing program 2: init_module(&(0x7f0000000400)='\x00', 0x1, &(0x7f0000000440)='user\x00') r0 = add_key$user(&(0x7f00000005c0), &(0x7f0000000600)={'syz', 0x0}, &(0x7f0000000640)="93efa0f44c866b0b96cfddb6fb0174d97208d83d4b77071f140d57b2d654ffefb7864adab9e919b70a0c2ae1b892de3ce46c252ded1f560c546dc8f0f1203be01cb8e45fc5322b6fc0aab548da98dc7f0d30e843799c25f76811d6585855d326bcc3ff261adda12940277406d6b941e70703d76e4de916a0862c7229b36eedfe99ddf2c3a801c635ecdf86a2084434f09454d3533182347c247c2e22c5577e0c2935085c93999020d030a372541aa794fa6ca46a37bcb1b671019116dd1a5008c05c235b2dc2986fe433676f6420832caa20008fa7427a0a95115d97dc7c3010d73ac2ce1183f114c61f4044bc845b28caf7d9021d07d8042dd2267ee875dd97eac7720bfdaa9347390ab9d84428342930a41724663e8f0b218c53a85834fe9ad71250a50d550ff6c9d39b410f3774b531ffca1bc42c6cf34cd812e297e63905ce92f7e716344ef0e4ff12fae6b53428db39aacdf1653e49d6120d065ec1dfbe4f8435de223d48dabb32e4d33e5549cd26bd0fa412d2d66585961b55be0ba1aead11e66ab47c01a3198fe2f1d8b333322f32859cd5d6e97897f19bf2e3c12eb8f118b099180ca22ea9252603201d27007ba587d13435633f42c72921d15f0fab", 0x1c0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) r2 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "be52c58e23fffc8e3137f5652f08ad0fbc860ffdef5764ecc2babdf4532bd3481826cf6eef3eda8fb88f66cf58d882bd67f6b5830b6a36cb74fe0fd62f8aea60"}, 0x48, 0xfffffffffffffffd) r3 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc3}, &(0x7f0000000080)={0x0, "be52c58e23fffc8e3137f5652f08ad0fbc860ffdef5764ecc2babdf4532bd3481826cf6eef3eda8fb88f66cf58d882bd67f6b5830b6a36cb74fe0fd62f8aea60"}, 0x48, 0xfffffffffffffffd) r4 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r4, 0xc0506617, &(0x7f0000000140)=ANY=[@ANYBLOB="01a25e05395ef433d0ba3f74f0cb1142000000000000", @ANYRES32=r3, @ANYBLOB="000000000000000000000000000000000000000000000080fa84d392d76a8a0061f3efc4936caf566263646566676809bde98319cb767778797a3031323334353604000000000000"]) keyctl$set_timeout(0xf, r3, 0xef6) r5 = add_key(&(0x7f0000000380)='.request_key_auth\x00', &(0x7f0000000480)={'syz', 0x1}, &(0x7f00000004c0)="3450ea01b80e52fe9a2c40dc91fba3a1abdd5bcfcfc76403414cc272b107df0c95166aa5b8061b0fdc8b1cc98fc137e8749068fe55d3b56fedf85290c45501681abafa996de9352c6556d3a7f75876f33dc158c66ba46454682a15", 0x5b, r2) keyctl$KEYCTL_MOVE(0x1e, r1, r3, r5, 0x1) r6 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r6, 0xc0506617, &(0x7f0000000140)=ANY=[@ANYBLOB="01a25e05395ef433d0ba3f74f0cb1142000000000000", @ANYRES32=r2, @ANYBLOB="000000000000000000000000000000000000000000000080fa84d392d76a8a0061f3efc4936caf566263646566676809bde98319cb767778797a3031323334353604000000000000"]) keyctl$set_timeout(0xf, r2, 0xef6) add_key(&(0x7f0000000300)='big_key\x00', &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, r2) keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffffd, r1, 0x1) r7 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000040)={{{@in=@broadcast, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xa0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x0, 0x0, 0x0, 0x101}, 0x0, 0x0, 0x1}, {{@in=@private=0xa010100, 0x0, 0x2b}, 0x0, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}, 0xe8) sendmmsg$inet6(r7, &(0x7f0000001b80)=[{{&(0x7f0000000000)={0x2, 0x4e20, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0) 14:11:43 executing program 3: r0 = socket$inet6(0xa, 0x801, 0x0) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @local}, 0x1c) 14:11:43 executing program 5: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r0, 0xc058534b, &(0x7f0000000100)) [ 94.480086] audit: type=1400 audit(1737209503.425:7): avc: denied { execmem } for pid=273 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 14:11:43 executing program 6: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendmmsg$inet6(r0, &(0x7f0000002580)=[{{&(0x7f00000013c0)={0xa, 0x0, 0x0, @remote}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000000)="d706", 0x2}], 0x1}}], 0x1, 0x892579224e46bd5c) 14:11:43 executing program 7: mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffd000/0x2000)=nil, 0x2000) mlock2(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1) [ 95.919632] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 95.920505] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 95.924334] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 95.930444] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 95.932335] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 95.933686] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 95.984119] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 95.984474] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 95.992357] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 95.993134] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 95.994448] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 95.997640] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 95.999244] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 96.003368] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 96.012976] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 96.013473] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 96.019936] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 96.020665] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 96.021236] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 96.021548] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 96.022102] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 96.026347] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 96.027430] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 96.034412] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 96.158994] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 96.162921] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 96.164542] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 96.172133] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 96.172700] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 96.173123] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 96.175991] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 96.178869] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 96.179238] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 96.182818] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 96.183255] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 96.186636] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 96.187322] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 96.199216] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 96.214825] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 96.248174] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 96.248399] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 96.260392] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 96.285804] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 96.312993] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 96.319059] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 96.325946] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 96.326837] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 96.335078] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 98.006245] Bluetooth: hci0: command tx timeout [ 98.069844] Bluetooth: hci3: command tx timeout [ 98.071124] Bluetooth: hci2: command tx timeout [ 98.134800] Bluetooth: hci1: command tx timeout [ 98.197987] Bluetooth: hci7: command tx timeout [ 98.262091] Bluetooth: hci5: command tx timeout [ 98.389904] Bluetooth: hci6: command tx timeout [ 98.392829] Bluetooth: hci4: command tx timeout [ 100.053838] Bluetooth: hci0: command tx timeout [ 100.118005] Bluetooth: hci2: command tx timeout [ 100.118448] Bluetooth: hci3: command tx timeout [ 100.182027] Bluetooth: hci1: command tx timeout [ 100.246827] Bluetooth: hci7: command tx timeout [ 100.309848] Bluetooth: hci5: command tx timeout [ 100.437859] Bluetooth: hci4: command tx timeout [ 100.438368] Bluetooth: hci6: command tx timeout [ 102.102849] Bluetooth: hci0: command tx timeout [ 102.165913] Bluetooth: hci3: command tx timeout [ 102.166066] Bluetooth: hci2: command tx timeout [ 102.230126] Bluetooth: hci1: command tx timeout [ 102.293837] Bluetooth: hci7: command tx timeout [ 102.357903] Bluetooth: hci5: command tx timeout [ 102.486182] Bluetooth: hci6: command tx timeout [ 102.487353] Bluetooth: hci4: command tx timeout [ 104.149832] Bluetooth: hci0: command tx timeout [ 104.213934] Bluetooth: hci2: command tx timeout [ 104.213980] Bluetooth: hci3: command tx timeout [ 104.277831] Bluetooth: hci1: command tx timeout [ 104.341890] Bluetooth: hci7: command tx timeout [ 104.407006] Bluetooth: hci5: command tx timeout [ 104.533985] Bluetooth: hci4: command tx timeout [ 104.534717] Bluetooth: hci6: command tx timeout [ 156.059670] syz-executor.3 (282) used greatest stack depth: 24352 bytes left [ 156.279979] [ 156.280224] ====================================================== [ 156.280830] WARNING: possible circular locking dependency detected [ 156.281420] 6.13.0-rc7-next-20250117 #1 Not tainted [ 156.281902] ------------------------------------------------------ [ 156.283404] kworker/u8:0/11 is trying to acquire lock: [ 156.284328] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 156.286010] [ 156.286010] but task is already holding lock: [ 156.287380] ffff88803aff0768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 156.289007] [ 156.289007] which lock already depends on the new lock. [ 156.289007] [ 156.290507] [ 156.290507] the existing dependency chain (in reverse order) is: [ 156.291190] [ 156.291190] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 156.291813] __mutex_lock+0x13d/0xb50 [ 156.292245] wiphy_register+0x1b2e/0x25d0 [ 156.292722] ieee80211_register_hw+0x23a4/0x3d60 [ 156.293225] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 156.293763] init_mac80211_hwsim+0x389/0x870 [ 156.294253] do_one_initcall+0xf9/0x640 [ 156.294707] kernel_init_freeable+0x53d/0x7a0 [ 156.295206] kernel_init+0x1e/0x2d0 [ 156.295602] ret_from_fork+0x48/0x80 [ 156.296009] ret_from_fork_asm+0x1a/0x30 [ 156.296479] [ 156.296479] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 156.297062] __lock_acquire+0x29fd/0x4580 [ 156.297516] lock_acquire+0x19b/0x520 [ 156.297936] __mutex_lock+0x13d/0xb50 [ 156.298366] unregister_netdevice_many_notify+0x1612/0x1c80 [ 156.298940] unregister_netdevice_queue+0x224/0x2e0 [ 156.299456] _cfg80211_unregister_wdev+0x57b/0x700 [ 156.299974] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 156.300502] ieee80211_unregister_hw+0x55/0x3a0 [ 156.300989] hwsim_exit_net+0x3a0/0x730 [ 156.301421] ops_exit_list+0xb3/0x180 [ 156.301836] cleanup_net+0x546/0xad0 [ 156.302251] process_one_work+0x8ee/0x1a10 [ 156.302731] worker_thread+0x674/0xe70 [ 156.303175] kthread+0x3ab/0x720 [ 156.303570] ret_from_fork+0x48/0x80 [ 156.303992] ret_from_fork_asm+0x1a/0x30 [ 156.304460] [ 156.304460] other info that might help us debug this: [ 156.304460] [ 156.305189] Possible unsafe locking scenario: [ 156.305189] [ 156.305752] CPU0 CPU1 [ 156.306196] ---- ---- [ 156.306642] lock(&rdev->wiphy.mtx); [ 156.307040] lock(rtnl_mutex); [ 156.307613] lock(&rdev->wiphy.mtx); [ 156.308322] lock(rtnl_mutex); [ 156.308695] [ 156.308695] *** DEADLOCK *** [ 156.308695] [ 156.309257] 4 locks held by kworker/u8:0/11: [ 156.309694] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 156.310704] #1: ffff8880095dfd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 156.311677] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 156.312595] #3: ffff88803aff0768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 156.313617] [ 156.313617] stack backtrace: [ 156.314045] CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-rc7-next-20250117 #1 [ 156.314847] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 156.315625] Workqueue: netns cleanup_net [ 156.316041] Call Trace: [ 156.316295] [ 156.316537] dump_stack_lvl+0xca/0x120 [ 156.316952] print_circular_bug+0x47b/0x750 [ 156.317389] check_noncircular+0x2e9/0x3c0 [ 156.317815] ? __pfx_check_noncircular+0x10/0x10 [ 156.318292] ? hlock_class+0x4e/0x130 [ 156.318672] ? mark_lock+0xac/0xed0 [ 156.319044] ? srso_return_thunk+0x5/0x5f [ 156.319476] ? sched_clock+0x37/0x60 [ 156.319875] ? lockdep_lock+0xba/0x1b0 [ 156.320290] ? __pfx_lockdep_lock+0x10/0x10 [ 156.320769] __lock_acquire+0x29fd/0x4580 [ 156.321211] ? __pfx___lock_acquire+0x10/0x10 [ 156.321665] ? lock_release+0x20f/0x6f0 [ 156.322073] ? __pfx_lock_release+0x10/0x10 [ 156.322516] lock_acquire+0x19b/0x520 [ 156.322910] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 156.323486] ? __pfx_lock_acquire+0x10/0x10 [ 156.323923] ? srso_return_thunk+0x5/0x5f [ 156.324360] ? lock_release+0x20f/0x6f0 [ 156.324780] ? srso_return_thunk+0x5/0x5f [ 156.325217] ? lock_is_held_type+0x9e/0x120 [ 156.325668] ? srso_return_thunk+0x5/0x5f [ 156.326107] __mutex_lock+0x13d/0xb50 [ 156.326508] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 156.327090] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 156.327669] ? srso_return_thunk+0x5/0x5f [ 156.328107] ? synchronize_rcu_expedited+0x38a/0x420 [ 156.328634] ? __pfx___mutex_lock+0x10/0x10 [ 156.329087] ? __pfx_autoremove_wake_function+0x10/0x10 [ 156.329633] ? srso_return_thunk+0x5/0x5f [ 156.330073] ? kasan_quarantine_put+0x84/0x1e0 [ 156.330555] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 156.331014] ? srso_return_thunk+0x5/0x5f [ 156.331457] unregister_netdevice_many_notify+0x1612/0x1c80 [ 156.332019] ? __virt_addr_valid+0x2e8/0x5d0 [ 156.332495] ? __pfx_lock_release+0x10/0x10 [ 156.332940] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 156.333535] ? find_held_lock+0x2c/0x110 [ 156.333971] ? srso_return_thunk+0x5/0x5f [ 156.334411] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 156.334924] ? srso_return_thunk+0x5/0x5f [ 156.335364] ? lock_release+0x20f/0x6f0 [ 156.335777] ? __pfx_lock_release+0x10/0x10 [ 156.336213] ? srso_return_thunk+0x5/0x5f [ 156.336673] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 156.337201] ? srso_return_thunk+0x5/0x5f [ 156.337639] unregister_netdevice_queue+0x224/0x2e0 [ 156.338141] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 156.338688] ? up_write+0x195/0x520 [ 156.339062] _cfg80211_unregister_wdev+0x57b/0x700 [ 156.339530] ? srso_return_thunk+0x5/0x5f [ 156.339942] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 156.340414] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 156.340942] ? srso_return_thunk+0x5/0x5f [ 156.341354] ? srso_return_thunk+0x5/0x5f [ 156.341771] ? synchronize_rcu+0x1ff/0x260 [ 156.342177] ieee80211_unregister_hw+0x55/0x3a0 [ 156.342620] hwsim_exit_net+0x3a0/0x730 [ 156.343000] ? __pfx_hwsim_exit_net+0x10/0x10 [ 156.343430] ? srso_return_thunk+0x5/0x5f [ 156.343843] ? netdev_run_todo+0x788/0x1040 [ 156.344260] ? __pfx_hwsim_exit_net+0x10/0x10 [ 156.344700] ops_exit_list+0xb3/0x180 [ 156.345069] cleanup_net+0x546/0xad0 [ 156.345438] ? __pfx_cleanup_net+0x10/0x10 [ 156.345850] process_one_work+0x8ee/0x1a10 [ 156.346281] ? __pfx_lock_acquire+0x10/0x10 [ 156.346698] ? __pfx_process_one_work+0x10/0x10 [ 156.347153] ? srso_return_thunk+0x5/0x5f [ 156.347566] ? move_linked_works+0x172/0x270 [ 156.347989] ? srso_return_thunk+0x5/0x5f [ 156.348397] ? assign_work+0x196/0x240 [ 156.348801] worker_thread+0x674/0xe70 [ 156.349223] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 156.349720] ? __pfx_worker_thread+0x10/0x10 [ 156.350157] kthread+0x3ab/0x720 [ 156.350502] ? __pfx_kthread+0x10/0x10 [ 156.350887] ? srso_return_thunk+0x5/0x5f [ 156.351293] ? finish_task_switch.isra.0+0x206/0x840 [ 156.351776] ? __pfx_kthread+0x10/0x10 [ 156.352164] ret_from_fork+0x48/0x80 [ 156.352534] ? __pfx_kthread+0x10/0x10 [ 156.352923] ret_from_fork_asm+0x1a/0x30 [ 156.353337] [ 158.568757] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 158.574527] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 158.576511] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 158.585262] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 158.588495] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 158.590482] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 158.685801] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 158.689943] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 158.691414] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 158.694391] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 158.696180] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 158.697717] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 158.866266] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 158.868438] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 158.875069] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 158.888045] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 158.895542] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 158.898126] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 158.909220] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 158.910940] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 158.911417] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 158.916252] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 158.919439] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 158.922474] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 158.925177] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 158.930999] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 158.950851] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 158.951976] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 158.952266] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 158.976216] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 158.976391] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 158.989769] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 158.997879] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 158.999043] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 159.000215] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 159.000966] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 159.001276] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 159.001625] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 159.004339] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 159.021344] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 159.036572] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 159.037958] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 159.038329] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 159.044610] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 159.049034] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 159.058655] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 159.061909] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 159.088914] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 160.661818] Bluetooth: hci0: command tx timeout [ 160.728783] Bluetooth: hci1: command tx timeout [ 160.981804] Bluetooth: hci2: command tx timeout [ 161.045858] Bluetooth: hci3: command tx timeout [ 161.046482] Bluetooth: hci4: command tx timeout [ 161.047411] Bluetooth: hci5: command tx timeout [ 161.109859] Bluetooth: hci6: command tx timeout [ 161.173983] Bluetooth: hci7: command tx timeout [ 162.709807] Bluetooth: hci0: command tx timeout [ 162.774130] Bluetooth: hci1: command tx timeout [ 163.029870] Bluetooth: hci2: command tx timeout [ 163.094791] Bluetooth: hci5: command tx timeout [ 163.094876] Bluetooth: hci4: command tx timeout [ 163.094944] Bluetooth: hci3: command tx timeout [ 163.158031] Bluetooth: hci6: command tx timeout [ 163.221784] Bluetooth: hci7: command tx timeout [ 164.757937] Bluetooth: hci0: command tx timeout [ 164.822764] Bluetooth: hci1: command tx timeout [ 165.079767] Bluetooth: hci2: command tx timeout [ 165.141856] Bluetooth: hci5: command tx timeout [ 165.141923] Bluetooth: hci3: command tx timeout [ 165.141962] Bluetooth: hci4: command tx timeout [ 165.205784] Bluetooth: hci6: command tx timeout [ 165.269789] Bluetooth: hci7: command tx timeout VM DIAGNOSIS: 14:12:45 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9 RSI=ffffffff8283cdc5 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff8880095deb98 R8 =0000000000000001 R9 =ffffed10012bbd67 R10=0000000000000000 R11=3a6b636f6c206762 R12=0000000000000000 R13=ffff8880095deeb8 R14=ffffffff88693320 R15=0000000000000000 RIP=ffffffff8283ce1d RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000563e52430d90 CR3=0000000009bb4000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000004107114000000000 XMM03=6156756a55732e72656c6c616b7a7973 XMM04=0000000000000028000000000044b3bc XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=000000c000e1840000000000004643c1 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=0000000000000041000000c00001a000 XMM14=000000000000000c000000c000014050 XMM15=000000000000000d000000c000014060 info registers vcpu 1 RAX=0000000000000000 RBX=000000000003a64c RCX=ffffffff81e3a7b6 RDX=ffff88800c545340 RSI=ffffffff81e3b1c4 RDI=0000000000000001 RBP=ffff8880158b7b98 RSP=ffff8880158b7ac8 R8 =0000000000000000 R9 =fffffbfff0c8043a R10=0000000000000001 R11=0000000000000003 R12=ffff88801aa5a9f0 R13=0000000000000001 R14=ffff88800926bb58 R15=0000000000000008 RIP=ffffffff81593784 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 000000c000030e90 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000c000335000 CR3=0000000009bb4000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000a60ce07b00000000cec3662e XMM01=00000000000000007314b0e165dcc819 XMM02=00000000000000004c5a41e92f5bd7c5 XMM03=6c43506150362e72656c6c616b7a7973 XMM04=000000c0002e3280000000c0002e2f40 XMM05=000000c0002e37c0000000c0002e3500 XMM06=000000c0002e3ac0000000c0002e3a00 XMM07=000000c00055d580000000c0006c0100 XMM08=000000c0001968c0000000c000196400 XMM09=000000c000197840000000c000197100 XMM10=000000c0002e2300000000c0002e2000 XMM11=000000c0002e2dc0000000c0002e2580 XMM12=000000c0002e3c40000000c0002e3400 XMM13=000000c0006c1b00000000c0006c1740 XMM14=000000c0002f4100000000c0006c1f40 XMM15=000000c0005cb9e0000000c0002f4240