syzkaller login: [ 68.629878] sshd (238) used greatest stack depth: 23712 bytes left Warning: Permanently added '[localhost]:17849' (ECDSA) to the list of known hosts. 2025/01/18 14:11:19 fuzzer started 2025/01/18 14:11:19 dialing manager at localhost:44245 [ 70.354476] cgroup: Unknown subsys name 'net' [ 70.459472] cgroup: Unknown subsys name 'cpuset' [ 70.496182] cgroup: Unknown subsys name 'rlimit' [ 77.668722] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 87.986341] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/18 14:11:38 syscalls: 2217 2025/01/18 14:11:38 code coverage: enabled 2025/01/18 14:11:38 comparison tracing: enabled 2025/01/18 14:11:38 extra coverage: enabled 2025/01/18 14:11:38 setuid sandbox: enabled 2025/01/18 14:11:38 namespace sandbox: enabled 2025/01/18 14:11:38 Android sandbox: enabled 2025/01/18 14:11:38 fault injection: enabled 2025/01/18 14:11:38 leak checking: enabled 2025/01/18 14:11:38 net packet injection: enabled 2025/01/18 14:11:38 net device setup: enabled 2025/01/18 14:11:38 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/18 14:11:38 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/18 14:11:38 USB emulation: enabled 2025/01/18 14:11:38 hci packet injection: enabled 2025/01/18 14:11:38 wifi device emulation: enabled 2025/01/18 14:11:38 802.15.4 emulation: enabled 2025/01/18 14:11:38 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/18 14:11:38 fetching corpus: 50, signal 23454/26532 (executing program) 2025/01/18 14:11:38 fetching corpus: 100, signal 40203/43898 (executing program) 2025/01/18 14:11:38 fetching corpus: 150, signal 47309/51683 (executing program) 2025/01/18 14:11:38 fetching corpus: 200, signal 54347/59129 (executing program) 2025/01/18 14:11:39 fetching corpus: 250, signal 58110/63475 (executing program) 2025/01/18 14:11:39 fetching corpus: 300, signal 61857/67569 (executing program) 2025/01/18 14:11:39 fetching corpus: 350, signal 64845/70938 (executing program) 2025/01/18 14:11:39 fetching corpus: 400, signal 68041/74398 (executing program) 2025/01/18 14:11:39 fetching corpus: 450, signal 70670/77257 (executing program) 2025/01/18 14:11:39 fetching corpus: 500, signal 73294/80036 (executing program) 2025/01/18 14:11:40 fetching corpus: 550, signal 77226/83659 (executing program) 2025/01/18 14:11:40 fetching corpus: 600, signal 79610/86064 (executing program) 2025/01/18 14:11:40 fetching corpus: 650, signal 81435/87954 (executing program) 2025/01/18 14:11:40 fetching corpus: 700, signal 86289/91926 (executing program) 2025/01/18 14:11:40 fetching corpus: 750, signal 88213/93633 (executing program) 2025/01/18 14:11:40 fetching corpus: 800, signal 90588/95581 (executing program) 2025/01/18 14:11:41 fetching corpus: 850, signal 92553/97208 (executing program) 2025/01/18 14:11:41 fetching corpus: 900, signal 94161/98522 (executing program) 2025/01/18 14:11:41 fetching corpus: 950, signal 95615/99690 (executing program) 2025/01/18 14:11:41 fetching corpus: 1000, signal 97482/101090 (executing program) 2025/01/18 14:11:41 fetching corpus: 1050, signal 99467/102409 (executing program) 2025/01/18 14:11:42 fetching corpus: 1100, signal 100931/103387 (executing program) 2025/01/18 14:11:42 fetching corpus: 1150, signal 102120/104160 (executing program) 2025/01/18 14:11:42 fetching corpus: 1200, signal 103230/104834 (executing program) 2025/01/18 14:11:42 fetching corpus: 1250, signal 104624/105607 (executing program) 2025/01/18 14:11:42 fetching corpus: 1264, signal 104923/105810 (executing program) 2025/01/18 14:11:42 fetching corpus: 1264, signal 104923/105845 (executing program) 2025/01/18 14:11:42 fetching corpus: 1264, signal 104923/105878 (executing program) 2025/01/18 14:11:42 fetching corpus: 1264, signal 104923/105917 (executing program) 2025/01/18 14:11:42 fetching corpus: 1264, signal 104923/105940 (executing program) 2025/01/18 14:11:42 fetching corpus: 1264, signal 104923/105975 (executing program) 2025/01/18 14:11:42 fetching corpus: 1264, signal 104923/106014 (executing program) 2025/01/18 14:11:42 fetching corpus: 1264, signal 104923/106046 (executing program) 2025/01/18 14:11:42 fetching corpus: 1264, signal 104923/106079 (executing program) 2025/01/18 14:11:42 fetching corpus: 1264, signal 104923/106100 (executing program) 2025/01/18 14:11:42 fetching corpus: 1264, signal 104923/106127 (executing program) 2025/01/18 14:11:42 fetching corpus: 1264, signal 104923/106162 (executing program) 2025/01/18 14:11:42 fetching corpus: 1264, signal 104923/106197 (executing program) 2025/01/18 14:11:42 fetching corpus: 1264, signal 104923/106229 (executing program) 2025/01/18 14:11:42 fetching corpus: 1264, signal 104923/106266 (executing program) 2025/01/18 14:11:42 fetching corpus: 1264, signal 104923/106291 (executing program) 2025/01/18 14:11:42 fetching corpus: 1264, signal 104923/106326 (executing program) 2025/01/18 14:11:42 fetching corpus: 1264, signal 104923/106357 (executing program) 2025/01/18 14:11:42 fetching corpus: 1264, signal 104923/106389 (executing program) 2025/01/18 14:11:42 fetching corpus: 1264, signal 104923/106422 (executing program) 2025/01/18 14:11:42 fetching corpus: 1264, signal 104923/106449 (executing program) 2025/01/18 14:11:42 fetching corpus: 1264, signal 104923/106482 (executing program) 2025/01/18 14:11:43 fetching corpus: 1264, signal 104923/106517 (executing program) 2025/01/18 14:11:43 fetching corpus: 1264, signal 104923/106553 (executing program) 2025/01/18 14:11:43 fetching corpus: 1264, signal 104923/106583 (executing program) 2025/01/18 14:11:43 fetching corpus: 1264, signal 104923/106618 (executing program) 2025/01/18 14:11:43 fetching corpus: 1264, signal 104923/106643 (executing program) 2025/01/18 14:11:43 fetching corpus: 1264, signal 104923/106655 (executing program) 2025/01/18 14:11:43 fetching corpus: 1264, signal 104923/106655 (executing program) 2025/01/18 14:11:46 starting 8 fuzzer processes 14:11:46 executing program 0: ioperm(0x0, 0xfff, 0x7) pkey_mprotect(&(0x7f0000004000/0x1000)=nil, 0x1000, 0x0, 0xffffffffffffffff) 14:11:46 executing program 1: syz_mount_image$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000540)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) perf_event_open(&(0x7f0000000600)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 14:11:46 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000280)={0x53, 0x0, 0x6, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000140)="c0727718ec88", 0x0, 0x0, 0x0, 0x0, 0x0}) 14:11:46 executing program 3: syz_mount_image$msdos(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[{@fat=@time_offset={'time_offset', 0x3d, 0x40000000000002}}]}) [ 96.659112] audit: type=1400 audit(1737209506.471:7): avc: denied { execmem } for pid=270 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 14:11:46 executing program 4: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) flistxattr(r0, 0x0, 0x0) 14:11:46 executing program 5: pipe2(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$cgroup_int(r0, &(0x7f0000001200), 0xfffffffffffffdef) 14:11:46 executing program 6: syz_mount_image$ext4(&(0x7f0000000140)='ext2\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1, &(0x7f00000002c0)=[{&(0x7f00000001c0)="d53c", 0x2, 0x4}], 0x0, 0x0) 14:11:46 executing program 7: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f0000000080)={'team0\x00', {0x2, 0x0, @dev}}) [ 97.840088] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 97.841532] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 97.842675] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 97.844736] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 97.846184] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 97.847271] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 98.093883] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 98.103496] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 98.104626] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 98.105593] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 98.108406] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 98.109326] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 98.111364] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 98.114391] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 98.115199] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 98.116462] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 98.117486] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 98.118508] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 98.119927] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 98.123133] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 98.124807] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 98.125857] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 98.127205] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 98.130344] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 98.137805] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 98.141328] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 98.141485] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 98.145278] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 98.145477] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 98.154695] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 98.154811] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 98.156860] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 98.158429] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 98.159440] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 98.164157] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 98.165448] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 98.166928] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 98.168415] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 98.169447] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 98.170615] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 98.176617] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 98.178372] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 98.179448] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 98.180559] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 98.185295] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 98.201162] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 98.220328] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 98.222347] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 99.866657] Bluetooth: hci0: command tx timeout [ 100.186119] Bluetooth: hci4: command tx timeout [ 100.186301] Bluetooth: hci5: command tx timeout [ 100.186467] Bluetooth: hci3: command tx timeout [ 100.250113] Bluetooth: hci2: command tx timeout [ 100.250519] Bluetooth: hci6: command tx timeout [ 100.250669] Bluetooth: hci1: command tx timeout [ 100.314368] Bluetooth: hci7: command tx timeout [ 101.914733] Bluetooth: hci0: command tx timeout [ 102.235013] Bluetooth: hci4: command tx timeout [ 102.235624] Bluetooth: hci3: command tx timeout [ 102.236200] Bluetooth: hci5: command tx timeout [ 102.298780] Bluetooth: hci1: command tx timeout [ 102.298859] Bluetooth: hci6: command tx timeout [ 102.298945] Bluetooth: hci2: command tx timeout [ 102.362118] Bluetooth: hci7: command tx timeout [ 103.964032] Bluetooth: hci0: command tx timeout [ 104.282293] Bluetooth: hci4: command tx timeout [ 104.282890] Bluetooth: hci3: command tx timeout [ 104.283493] Bluetooth: hci5: command tx timeout [ 104.346085] Bluetooth: hci2: command tx timeout [ 104.346626] Bluetooth: hci6: command tx timeout [ 104.346719] Bluetooth: hci1: command tx timeout [ 104.411063] Bluetooth: hci7: command tx timeout [ 106.010380] Bluetooth: hci0: command tx timeout [ 106.330133] Bluetooth: hci3: command tx timeout [ 106.330238] Bluetooth: hci5: command tx timeout [ 106.330327] Bluetooth: hci4: command tx timeout [ 106.394092] Bluetooth: hci2: command tx timeout [ 106.394618] Bluetooth: hci1: command tx timeout [ 106.394709] Bluetooth: hci6: command tx timeout [ 106.458064] Bluetooth: hci7: command tx timeout [ 158.478335] syz-executor.5 (280) used greatest stack depth: 23296 bytes left [ 160.939441] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 160.942683] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 160.947583] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 160.950279] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 160.953450] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 160.962222] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 160.966752] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 160.969719] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 160.972595] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 160.990772] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 161.006219] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 161.008517] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 161.093689] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 161.103377] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 161.110341] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 161.118848] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 161.139421] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 161.153609] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 161.162199] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 161.175783] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 161.178350] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 161.181284] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 161.195399] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 161.200756] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 161.203214] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 161.208384] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 161.220610] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 161.223268] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 161.224983] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 161.237934] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 161.247314] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 161.249670] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 161.258213] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 161.261216] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 161.264585] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 161.281160] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 161.281724] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 161.284384] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 161.288122] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 161.293228] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 161.293593] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 161.313848] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 161.323695] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 161.355637] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 161.357862] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 161.363568] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 161.379311] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 161.380185] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 163.034146] Bluetooth: hci0: command tx timeout [ 163.034185] Bluetooth: hci1: command tx timeout [ 163.290388] Bluetooth: hci4: command tx timeout [ 163.355065] Bluetooth: hci6: command tx timeout [ 163.355222] Bluetooth: hci2: command tx timeout [ 163.420065] Bluetooth: hci3: command tx timeout [ 163.482146] Bluetooth: hci5: command tx timeout [ 163.482233] Bluetooth: hci7: command tx timeout [ 165.082589] Bluetooth: hci0: command tx timeout [ 165.082621] Bluetooth: hci1: command tx timeout [ 165.338286] Bluetooth: hci4: command tx timeout [ 165.402089] Bluetooth: hci6: command tx timeout [ 165.402110] Bluetooth: hci2: command tx timeout [ 165.467025] Bluetooth: hci3: command tx timeout [ 165.530025] Bluetooth: hci5: command tx timeout [ 165.532991] Bluetooth: hci7: command tx timeout [ 167.130158] Bluetooth: hci1: command tx timeout [ 167.130308] Bluetooth: hci0: command tx timeout [ 167.386124] Bluetooth: hci4: command tx timeout [ 167.451071] Bluetooth: hci2: command tx timeout [ 167.451118] Bluetooth: hci6: command tx timeout [ 167.514139] Bluetooth: hci3: command tx timeout [ 167.578674] Bluetooth: hci7: command tx timeout [ 167.578694] Bluetooth: hci5: command tx timeout [ 169.178299] Bluetooth: hci0: command tx timeout [ 169.178391] Bluetooth: hci1: command tx timeout [ 169.434076] Bluetooth: hci4: command tx timeout [ 169.499078] Bluetooth: hci6: command tx timeout [ 169.499161] Bluetooth: hci2: command tx timeout [ 169.562057] Bluetooth: hci3: command tx timeout [ 169.626087] Bluetooth: hci5: command tx timeout [ 169.627817] Bluetooth: hci7: command tx timeout [ 219.390513] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 219.390636] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 219.702902] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 219.703023] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 220.668949] [ 220.669213] ====================================================== [ 220.669815] WARNING: possible circular locking dependency detected [ 220.670411] 6.13.0-rc7-next-20250117 #1 Not tainted [ 220.671340] ------------------------------------------------------ [ 220.672586] kworker/u8:0/11 is trying to acquire lock: [ 220.673708] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 220.675526] [ 220.675526] but task is already holding lock: [ 220.676633] ffff88802e250768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 220.678491] [ 220.678491] which lock already depends on the new lock. [ 220.678491] [ 220.680603] [ 220.680603] the existing dependency chain (in reverse order) is: [ 220.681995] [ 220.681995] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 220.683282] __mutex_lock+0x13d/0xb50 [ 220.684176] wiphy_register+0x1b2e/0x25d0 [ 220.685116] ieee80211_register_hw+0x23a4/0x3d60 [ 220.686140] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 220.687616] init_mac80211_hwsim+0x389/0x870 [ 220.688335] do_one_initcall+0xf9/0x640 [ 220.689001] kernel_init_freeable+0x53d/0x7a0 [ 220.689748] kernel_init+0x1e/0x2d0 [ 220.690336] ret_from_fork+0x48/0x80 [ 220.690927] ret_from_fork_asm+0x1a/0x30 [ 220.691608] [ 220.691608] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 220.692469] __lock_acquire+0x29fd/0x4580 [ 220.693151] lock_acquire+0x19b/0x520 [ 220.693779] __mutex_lock+0x13d/0xb50 [ 220.694418] unregister_netdevice_many_notify+0x1612/0x1c80 [ 220.695289] unregister_netdevice_queue+0x224/0x2e0 [ 220.696061] _cfg80211_unregister_wdev+0x57b/0x700 [ 220.696844] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 220.697615] ieee80211_unregister_hw+0x55/0x3a0 [ 220.698331] hwsim_exit_net+0x3a0/0x730 [ 220.698964] ops_exit_list+0xb3/0x180 [ 220.699591] cleanup_net+0x546/0xad0 [ 220.700206] process_one_work+0x8ee/0x1a10 [ 220.700920] worker_thread+0x674/0xe70 [ 220.701587] kthread+0x3ab/0x720 [ 220.702178] ret_from_fork+0x48/0x80 [ 220.702779] ret_from_fork_asm+0x1a/0x30 [ 220.703453] [ 220.703453] other info that might help us debug this: [ 220.703453] [ 220.704496] Possible unsafe locking scenario: [ 220.704496] [ 220.705295] CPU0 CPU1 [ 220.705926] ---- ---- [ 220.706550] lock(&rdev->wiphy.mtx); [ 220.707125] lock(rtnl_mutex); [ 220.707915] lock(&rdev->wiphy.mtx); [ 220.708782] lock(rtnl_mutex); [ 220.709282] [ 220.709282] *** DEADLOCK *** [ 220.709282] [ 220.710059] 4 locks held by kworker/u8:0/11: [ 220.710654] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 220.712050] #1: ffff8880095dfd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 220.713400] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 220.714648] #3: ffff88802e250768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 220.716056] [ 220.716056] stack backtrace: [ 220.716654] CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-rc7-next-20250117 #1 [ 220.717785] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 220.718556] Workqueue: netns cleanup_net [ 220.718967] Call Trace: [ 220.719220] [ 220.719448] dump_stack_lvl+0xca/0x120 [ 220.719866] print_circular_bug+0x47b/0x750 [ 220.720309] check_noncircular+0x2e9/0x3c0 [ 220.720741] ? srso_return_thunk+0x5/0x5f [ 220.721185] ? __pfx_check_noncircular+0x10/0x10 [ 220.721662] ? hlock_class+0x4e/0x130 [ 220.722045] ? mark_lock+0xac/0xed0 [ 220.722424] ? srso_return_thunk+0x5/0x5f [ 220.722859] ? dl_scaled_delta_exec+0xd4/0x2c0 [ 220.723322] ? lockdep_lock+0xba/0x1b0 [ 220.723731] ? __pfx_lockdep_lock+0x10/0x10 [ 220.724194] __lock_acquire+0x29fd/0x4580 [ 220.724630] ? __pfx___lock_acquire+0x10/0x10 [ 220.725092] ? lock_release+0x20f/0x6f0 [ 220.725505] ? __pfx_lock_release+0x10/0x10 [ 220.725950] lock_acquire+0x19b/0x520 [ 220.726346] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 220.726930] ? __pfx_lock_acquire+0x10/0x10 [ 220.727369] ? srso_return_thunk+0x5/0x5f [ 220.727817] ? lock_release+0x20f/0x6f0 [ 220.728232] ? srso_return_thunk+0x5/0x5f [ 220.728668] ? lock_is_held_type+0x9e/0x120 [ 220.729127] ? srso_return_thunk+0x5/0x5f [ 220.729558] __mutex_lock+0x13d/0xb50 [ 220.729954] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 220.730520] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 220.731091] ? srso_return_thunk+0x5/0x5f [ 220.731521] ? synchronize_rcu_expedited+0x38a/0x420 [ 220.732019] ? __pfx___mutex_lock+0x10/0x10 [ 220.732460] ? __pfx_autoremove_wake_function+0x10/0x10 [ 220.732997] ? srso_return_thunk+0x5/0x5f [ 220.733426] ? kasan_quarantine_put+0x84/0x1e0 [ 220.733908] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 220.734360] ? srso_return_thunk+0x5/0x5f [ 220.734798] unregister_netdevice_many_notify+0x1612/0x1c80 [ 220.735357] ? __virt_addr_valid+0x2e8/0x5d0 [ 220.735820] ? __pfx_lock_release+0x10/0x10 [ 220.736265] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 220.736860] ? find_held_lock+0x2c/0x110 [ 220.737287] ? srso_return_thunk+0x5/0x5f [ 220.737714] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 220.738217] ? srso_return_thunk+0x5/0x5f [ 220.738649] ? lock_release+0x20f/0x6f0 [ 220.739060] ? __pfx_lock_release+0x10/0x10 [ 220.739496] ? srso_return_thunk+0x5/0x5f [ 220.739934] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 220.740457] ? srso_return_thunk+0x5/0x5f [ 220.740907] unregister_netdevice_queue+0x224/0x2e0 [ 220.741407] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 220.741946] ? up_write+0x195/0x520 [ 220.742338] _cfg80211_unregister_wdev+0x57b/0x700 [ 220.742845] ? srso_return_thunk+0x5/0x5f [ 220.743285] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 220.743786] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 220.744331] ? srso_return_thunk+0x5/0x5f [ 220.744767] ? srso_return_thunk+0x5/0x5f [ 220.745205] ? synchronize_rcu+0x1ff/0x260 [ 220.745637] ieee80211_unregister_hw+0x55/0x3a0 [ 220.746107] hwsim_exit_net+0x3a0/0x730 [ 220.746512] ? __pfx_hwsim_exit_net+0x10/0x10 [ 220.746964] ? srso_return_thunk+0x5/0x5f [ 220.747399] ? netdev_run_todo+0x788/0x1040 [ 220.747837] ? srso_return_thunk+0x5/0x5f [ 220.748267] ? __pfx_hwsim_exit_net+0x10/0x10 [ 220.748715] ops_exit_list+0xb3/0x180 [ 220.749111] cleanup_net+0x546/0xad0 [ 220.749498] ? __pfx_cleanup_net+0x10/0x10 [ 220.749937] process_one_work+0x8ee/0x1a10 [ 220.750381] ? __pfx_lock_acquire+0x10/0x10 [ 220.750817] ? __pfx_process_one_work+0x10/0x10 [ 220.751297] ? srso_return_thunk+0x5/0x5f [ 220.751727] ? move_linked_works+0x172/0x270 [ 220.752184] ? srso_return_thunk+0x5/0x5f [ 220.752617] ? assign_work+0x196/0x240 [ 220.753044] worker_thread+0x674/0xe70 [ 220.753456] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 220.753987] ? __pfx_worker_thread+0x10/0x10 [ 220.754454] kthread+0x3ab/0x720 [ 220.754821] ? __pfx_kthread+0x10/0x10 [ 220.755236] ? srso_return_thunk+0x5/0x5f [ 220.755668] ? finish_task_switch.isra.0+0x206/0x840 [ 220.756186] ? __pfx_kthread+0x10/0x10 [ 220.756598] ret_from_fork+0x48/0x80 [ 220.756977] ? __pfx_kthread+0x10/0x10 [ 220.757386] ret_from_fork_asm+0x1a/0x30 [ 220.757814] [ 222.562603] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 222.565851] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 222.567489] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 222.570566] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 222.572334] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 222.573765] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 222.699311] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 222.701419] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 222.703327] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 222.706836] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 222.712293] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 222.714330] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 222.730568] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 222.736330] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 222.739159] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 222.744673] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 222.756744] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 222.765900] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 222.823257] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 222.826575] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 222.831274] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 222.833639] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 222.835724] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 222.839336] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 222.841623] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 222.843540] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 222.847594] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 222.847730] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 222.849891] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 222.873550] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 222.875258] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 222.881845] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 222.885344] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 222.888257] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 222.889920] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 222.891615] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 222.909287] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 222.910992] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 222.918291] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 222.960031] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 222.961714] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 222.964249] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 222.973877] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 222.975152] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 223.025758] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 223.036515] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 223.036810] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 223.044243] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 224.602971] Bluetooth: hci0: command tx timeout [ 224.795025] Bluetooth: hci2: command tx timeout [ 224.796185] Bluetooth: hci1: command tx timeout [ 224.922040] Bluetooth: hci5: command tx timeout [ 224.987049] Bluetooth: hci3: command tx timeout [ 225.051035] Bluetooth: hci4: command tx timeout [ 225.114100] Bluetooth: hci6: command tx timeout [ 225.180017] Bluetooth: hci7: command tx timeout [ 226.651364] Bluetooth: hci0: command tx timeout [ 226.842643] Bluetooth: hci2: command tx timeout [ 226.842775] Bluetooth: hci1: command tx timeout [ 226.970673] Bluetooth: hci5: command tx timeout [ 227.034088] Bluetooth: hci3: command tx timeout [ 227.099013] Bluetooth: hci4: command tx timeout [ 227.162405] Bluetooth: hci6: command tx timeout [ 227.226989] Bluetooth: hci7: command tx timeout [ 228.698034] Bluetooth: hci0: command tx timeout [ 228.890232] Bluetooth: hci2: command tx timeout [ 228.890291] Bluetooth: hci1: command tx timeout [ 229.018222] Bluetooth: hci5: command tx timeout [ 229.082237] Bluetooth: hci3: command tx timeout [ 229.148188] Bluetooth: hci4: command tx timeout [ 229.210144] Bluetooth: hci6: command tx timeout [ 229.274057] Bluetooth: hci7: command tx timeout VM DIAGNOSIS: 14:13:50 Registers: info registers vcpu 0 RAX=0000000000000032 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283cdc5 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff8880095debb8 R8 =0000000000000001 R9 =ffffed10012bbd67 R10=0000000000000032 R11=6f6c206863696877 R12=0000000000000032 R13=0000000000000001 R14=ffff888008fea04f R15=ffff8880095deeb8 RIP=ffffffff8283ce1d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fff66fe8ff8 CR3=00000000133d8000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000000000000000000000 XMM03=000000c00093f1d0000000c00093f1a0 XMM04=000000c000848c40000000c0008487c0 XMM05=000000c000849780000000c000849180 XMM06=000000c0009a0740000000c000849c40 XMM07=000000c000afeab0000000c0009a0800 XMM08=000000c000855080000000c000854e40 XMM09=000000c000855480000000c000855240 XMM10=000000c000855d00000000c000855940 XMM11=000000c000855f40000000c000855e80 XMM12=000000c0008aa330000000c0008b8040 XMM13=000000c000295170000000c000295140 XMM14=000000c00009c460000000c0002951a0 XMM15=000000c00006c000000000c000057e90 info registers vcpu 1 RAX=000000000098efdc RBX=0000000000000029 RCX=0000000000040000 RDX=0000000000200000 RSI=00000000000012c0 RDI=0000000000000000 RBP=000000c0000bbe10 RSP=000000c0000bbde8 R8 =000000000098efdc R9 =0000000000000039 R10=0000000001f21248 R11=0000000000000063 R12=0000000000000003 R13=000000c0000ac480 R14=000000337e129fbd R15=0000000000000001 RIP=000000000041477c RFL=00000287 [--S--PC] CPL=3 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0033 0000000000000000 ffffffff 00a0fb00 DPL=3 CS64 [-RA] SS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 000000c0002f0090 00000000 00000000 GS =0000 0000000000000000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fa04905c980 CR3=00000000133d8000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=000000c0008e32c0000000c0008e3290 XMM02=000000c000948f40000000c000948a00 XMM03=000000c0003d98a0000000c000949240 XMM04=000000c00088e6c0000000c0008e1f80 XMM05=000000c000831500000000c00088fe00 XMM06=000000c0006c3080000000c0006c2740 XMM07=000000c00020ae40000000c0008cf580 XMM08=000000c0008e1f80000000c0008e1e40 XMM09=000000c00088fe00000000c00088e6c0 XMM10=000000c0006c2740000000c000831500 XMM11=000000c0008cf580000000c0006c3080 XMM12=000000c00045fe00000000c00020ae40 XMM13=000000c00094ef80000000c0008f3480 XMM14=000000c000b22f00000000c000b22240 XMM15=000000c00099b840000000c00065c240