syzkaller login: [ 57.939368] sshd (231) used greatest stack depth: 24216 bytes left Warning: Permanently added '[localhost]:53653' (ECDSA) to the list of known hosts. 2025/01/18 18:42:55 fuzzer started 2025/01/18 18:42:56 dialing manager at localhost:44245 [ 61.028373] cgroup: Unknown subsys name 'net' [ 61.150207] cgroup: Unknown subsys name 'cpuset' [ 61.196906] cgroup: Unknown subsys name 'rlimit' [ 67.912267] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 78.539338] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/18 18:43:14 syscalls: 2217 2025/01/18 18:43:14 code coverage: enabled 2025/01/18 18:43:14 comparison tracing: enabled 2025/01/18 18:43:14 extra coverage: enabled 2025/01/18 18:43:14 setuid sandbox: enabled 2025/01/18 18:43:14 namespace sandbox: enabled 2025/01/18 18:43:14 Android sandbox: enabled 2025/01/18 18:43:14 fault injection: enabled 2025/01/18 18:43:14 leak checking: enabled 2025/01/18 18:43:14 net packet injection: enabled 2025/01/18 18:43:14 net device setup: enabled 2025/01/18 18:43:14 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/18 18:43:14 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/18 18:43:14 USB emulation: enabled 2025/01/18 18:43:14 hci packet injection: enabled 2025/01/18 18:43:14 wifi device emulation: enabled 2025/01/18 18:43:14 802.15.4 emulation: enabled 2025/01/18 18:43:14 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/18 18:43:14 fetching corpus: 50, signal 27586/30480 (executing program) 2025/01/18 18:43:14 fetching corpus: 100, signal 35593/39565 (executing program) 2025/01/18 18:43:14 fetching corpus: 150, signal 42721/47497 (executing program) 2025/01/18 18:43:14 fetching corpus: 200, signal 52584/57691 (executing program) 2025/01/18 18:43:15 fetching corpus: 250, signal 57685/63223 (executing program) 2025/01/18 18:43:15 fetching corpus: 300, signal 61822/67724 (executing program) 2025/01/18 18:43:15 fetching corpus: 350, signal 66080/72183 (executing program) 2025/01/18 18:43:15 fetching corpus: 400, signal 69750/76006 (executing program) 2025/01/18 18:43:15 fetching corpus: 450, signal 72955/79315 (executing program) 2025/01/18 18:43:15 fetching corpus: 500, signal 76278/82553 (executing program) 2025/01/18 18:43:15 fetching corpus: 550, signal 79232/85450 (executing program) 2025/01/18 18:43:15 fetching corpus: 600, signal 81555/87679 (executing program) 2025/01/18 18:43:15 fetching corpus: 650, signal 83399/89510 (executing program) 2025/01/18 18:43:16 fetching corpus: 700, signal 85560/91541 (executing program) 2025/01/18 18:43:16 fetching corpus: 750, signal 87651/93377 (executing program) 2025/01/18 18:43:16 fetching corpus: 800, signal 90063/95360 (executing program) 2025/01/18 18:43:16 fetching corpus: 850, signal 92187/97065 (executing program) 2025/01/18 18:43:16 fetching corpus: 900, signal 93635/98256 (executing program) 2025/01/18 18:43:16 fetching corpus: 950, signal 95276/99500 (executing program) 2025/01/18 18:43:17 fetching corpus: 1000, signal 96764/100601 (executing program) 2025/01/18 18:43:17 fetching corpus: 1050, signal 98086/101552 (executing program) 2025/01/18 18:43:17 fetching corpus: 1100, signal 99714/102662 (executing program) 2025/01/18 18:43:17 fetching corpus: 1150, signal 102074/104105 (executing program) 2025/01/18 18:43:17 fetching corpus: 1200, signal 102970/104665 (executing program) 2025/01/18 18:43:17 fetching corpus: 1250, signal 104674/105631 (executing program) 2025/01/18 18:43:17 fetching corpus: 1266, signal 104934/105800 (executing program) 2025/01/18 18:43:17 fetching corpus: 1266, signal 104934/105838 (executing program) 2025/01/18 18:43:17 fetching corpus: 1266, signal 104934/105877 (executing program) 2025/01/18 18:43:17 fetching corpus: 1266, signal 104934/105914 (executing program) 2025/01/18 18:43:17 fetching corpus: 1266, signal 104934/105953 (executing program) 2025/01/18 18:43:17 fetching corpus: 1266, signal 104934/105982 (executing program) 2025/01/18 18:43:17 fetching corpus: 1266, signal 104934/106009 (executing program) 2025/01/18 18:43:17 fetching corpus: 1266, signal 104934/106045 (executing program) 2025/01/18 18:43:17 fetching corpus: 1266, signal 104934/106078 (executing program) 2025/01/18 18:43:17 fetching corpus: 1266, signal 104934/106123 (executing program) 2025/01/18 18:43:17 fetching corpus: 1266, signal 104934/106151 (executing program) 2025/01/18 18:43:17 fetching corpus: 1266, signal 104934/106180 (executing program) 2025/01/18 18:43:18 fetching corpus: 1266, signal 104934/106212 (executing program) 2025/01/18 18:43:18 fetching corpus: 1266, signal 104934/106234 (executing program) 2025/01/18 18:43:18 fetching corpus: 1266, signal 104934/106275 (executing program) 2025/01/18 18:43:18 fetching corpus: 1266, signal 104934/106302 (executing program) 2025/01/18 18:43:18 fetching corpus: 1266, signal 104934/106338 (executing program) 2025/01/18 18:43:18 fetching corpus: 1266, signal 104934/106373 (executing program) 2025/01/18 18:43:18 fetching corpus: 1266, signal 104934/106406 (executing program) 2025/01/18 18:43:18 fetching corpus: 1266, signal 104934/106443 (executing program) 2025/01/18 18:43:18 fetching corpus: 1266, signal 104934/106473 (executing program) 2025/01/18 18:43:18 fetching corpus: 1266, signal 104934/106510 (executing program) 2025/01/18 18:43:18 fetching corpus: 1266, signal 104934/106535 (executing program) 2025/01/18 18:43:18 fetching corpus: 1266, signal 104934/106573 (executing program) 2025/01/18 18:43:18 fetching corpus: 1266, signal 104934/106601 (executing program) 2025/01/18 18:43:18 fetching corpus: 1266, signal 104934/106628 (executing program) 2025/01/18 18:43:18 fetching corpus: 1266, signal 104934/106655 (executing program) 2025/01/18 18:43:18 fetching corpus: 1266, signal 104934/106667 (executing program) 2025/01/18 18:43:18 fetching corpus: 1266, signal 104934/106667 (executing program) 2025/01/18 18:43:22 starting 8 fuzzer processes 18:43:22 executing program 0: semctl$IPC_INFO(0x0, 0x0, 0x3, &(0x7f0000007dc0)) 18:43:22 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = getpgid(0x0) move_pages(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 18:43:22 executing program 2: r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000840)='/proc/self/attr/sockcreate\x00', 0x2, 0x0) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000240)="8c", 0x1}], 0x1, 0x0, 0x0, 0x8) 18:43:22 executing program 3: syz_emit_ethernet(0x2e, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @remote, {[@timestamp_addr={0x7, 0x3, 0xf, 0x3}]}}, {0x0, 0x0, 0x8}}}}}, 0x0) [ 86.834973] audit: type=1400 audit(1737225802.350:7): avc: denied { execmem } for pid=273 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 18:43:22 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x19, 0x0, 0x0) 18:43:22 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0xb, 0x0, 0x0) 18:43:22 executing program 6: syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @random="c7899dad433e", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @loopback, @remote}, @dest_unreach={0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr, @loopback}}}}}}, 0x0) 18:43:22 executing program 7: syz_io_uring_setup(0x5ef7, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0) [ 88.239173] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 88.241792] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 88.248127] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 88.256998] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 88.261954] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 88.266057] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 88.361126] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 88.369273] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 88.373661] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 88.378453] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 88.381371] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 88.383092] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 88.422683] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 88.424486] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 88.429866] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 88.436730] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 88.449704] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 88.450769] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 88.498268] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 88.503718] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 88.505975] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 88.510491] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 88.515846] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 88.518020] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 88.642959] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 88.658835] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 88.659773] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 88.686942] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 88.690009] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 88.699132] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 88.702149] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 88.702472] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 88.719391] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 88.720951] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 88.724216] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 88.733072] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 88.751170] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 88.752104] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 88.755027] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 88.757119] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 88.761098] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 88.761479] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 88.762193] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 88.803053] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 88.838173] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 88.841168] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 88.843472] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 88.866418] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 90.325694] Bluetooth: hci0: command tx timeout [ 90.453610] Bluetooth: hci1: command tx timeout [ 90.516734] Bluetooth: hci2: command tx timeout [ 90.581928] Bluetooth: hci3: command tx timeout [ 90.900622] Bluetooth: hci4: command tx timeout [ 90.901657] Bluetooth: hci5: command tx timeout [ 90.968130] Bluetooth: hci6: command tx timeout [ 90.968816] Bluetooth: hci7: command tx timeout [ 92.372594] Bluetooth: hci0: command tx timeout [ 92.501642] Bluetooth: hci1: command tx timeout [ 92.564668] Bluetooth: hci2: command tx timeout [ 92.629622] Bluetooth: hci3: command tx timeout [ 92.949630] Bluetooth: hci5: command tx timeout [ 92.949748] Bluetooth: hci4: command tx timeout [ 93.013639] Bluetooth: hci7: command tx timeout [ 93.013740] Bluetooth: hci6: command tx timeout [ 94.421869] Bluetooth: hci0: command tx timeout [ 94.548597] Bluetooth: hci1: command tx timeout [ 94.612924] Bluetooth: hci2: command tx timeout [ 94.677621] Bluetooth: hci3: command tx timeout [ 94.997802] Bluetooth: hci5: command tx timeout [ 94.998081] Bluetooth: hci4: command tx timeout [ 95.060654] Bluetooth: hci6: command tx timeout [ 95.060801] Bluetooth: hci7: command tx timeout [ 96.469643] Bluetooth: hci0: command tx timeout [ 96.596824] Bluetooth: hci1: command tx timeout [ 96.661890] Bluetooth: hci2: command tx timeout [ 96.724621] Bluetooth: hci3: command tx timeout [ 97.045631] Bluetooth: hci5: command tx timeout [ 97.045748] Bluetooth: hci4: command tx timeout [ 97.108827] Bluetooth: hci6: command tx timeout [ 97.109087] Bluetooth: hci7: command tx timeout [ 150.697149] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 150.700000] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 150.701072] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 150.704875] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 150.707772] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 150.717412] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 150.717667] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 150.720312] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 150.722031] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 150.724149] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 150.726779] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 150.727968] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 150.747749] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 150.750312] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 150.752139] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 150.756837] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 150.760276] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 150.762692] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 150.939945] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 150.943554] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 150.946617] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 150.952830] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 150.954270] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 150.955746] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 150.956136] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 150.957058] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 150.957851] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 150.960216] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 150.970792] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 150.972195] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 150.974715] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 150.975433] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 150.977751] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 150.978978] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 150.980009] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 150.980361] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 150.983003] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 150.985219] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 150.987713] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 150.988211] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 150.989233] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 151.002322] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 151.005108] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 151.007775] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 151.027757] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 151.028070] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 151.031726] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 151.031945] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 152.789628] Bluetooth: hci2: command tx timeout [ 152.789759] Bluetooth: hci1: command tx timeout [ 152.790119] Bluetooth: hci0: command tx timeout [ 153.045109] Bluetooth: hci5: command tx timeout [ 153.045135] Bluetooth: hci6: command tx timeout [ 153.172715] Bluetooth: hci7: command tx timeout [ 153.174026] Bluetooth: hci4: command tx timeout [ 153.557616] Bluetooth: hci3: command tx timeout [ 154.836601] Bluetooth: hci0: command tx timeout [ 154.836655] Bluetooth: hci1: command tx timeout [ 154.836745] Bluetooth: hci2: command tx timeout [ 155.092599] Bluetooth: hci5: command tx timeout [ 155.093786] Bluetooth: hci6: command tx timeout [ 155.220634] Bluetooth: hci4: command tx timeout [ 155.221402] Bluetooth: hci7: command tx timeout [ 155.604616] Bluetooth: hci3: command tx timeout [ 156.886567] Bluetooth: hci2: command tx timeout [ 156.886662] Bluetooth: hci0: command tx timeout [ 156.887246] Bluetooth: hci1: command tx timeout [ 157.141613] Bluetooth: hci6: command tx timeout [ 157.141711] Bluetooth: hci5: command tx timeout [ 157.269698] Bluetooth: hci4: command tx timeout [ 157.269793] Bluetooth: hci7: command tx timeout [ 157.653589] Bluetooth: hci3: command tx timeout [ 158.932617] Bluetooth: hci1: command tx timeout [ 158.932728] Bluetooth: hci0: command tx timeout [ 158.932833] Bluetooth: hci2: command tx timeout [ 159.188654] Bluetooth: hci5: command tx timeout [ 159.188710] Bluetooth: hci6: command tx timeout [ 159.317857] Bluetooth: hci7: command tx timeout [ 159.317961] Bluetooth: hci4: command tx timeout [ 159.701514] Bluetooth: hci3: command tx timeout [ 210.858799] [ 210.859059] ====================================================== [ 210.859679] WARNING: possible circular locking dependency detected [ 210.860292] 6.13.0-rc7-next-20250117 #1 Not tainted [ 210.860777] ------------------------------------------------------ [ 210.864957] kworker/u8:1/66 is trying to acquire lock: [ 210.865475] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 210.866528] [ 210.866528] but task is already holding lock: [ 210.867099] ffff88802a410768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 210.868100] [ 210.868100] which lock already depends on the new lock. [ 210.868100] [ 210.868882] [ 210.868882] the existing dependency chain (in reverse order) is: [ 210.869599] [ 210.869599] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 210.870281] __mutex_lock+0x13d/0xb50 [ 210.870751] wiphy_register+0x1b2e/0x25d0 [ 210.871250] ieee80211_register_hw+0x23a4/0x3d60 [ 210.871789] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 210.872372] init_mac80211_hwsim+0x389/0x870 [ 210.872898] do_one_initcall+0xf9/0x640 [ 210.873404] kernel_init_freeable+0x53d/0x7a0 [ 210.873943] kernel_init+0x1e/0x2d0 [ 210.874408] ret_from_fork+0x48/0x80 [ 210.874882] ret_from_fork_asm+0x1a/0x30 [ 210.875387] [ 210.875387] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 210.876014] __lock_acquire+0x29fd/0x4580 [ 210.876509] lock_acquire+0x19b/0x520 [ 210.876958] __mutex_lock+0x13d/0xb50 [ 210.877428] unregister_netdevice_many_notify+0x1612/0x1c80 [ 210.878059] unregister_netdevice_queue+0x224/0x2e0 [ 210.878634] _cfg80211_unregister_wdev+0x57b/0x700 [ 210.879202] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 210.879773] ieee80211_unregister_hw+0x55/0x3a0 [ 210.880306] hwsim_exit_net+0x3a0/0x730 [ 210.880767] ops_exit_list+0xb3/0x180 [ 210.881211] cleanup_net+0x546/0xad0 [ 210.881666] process_one_work+0x8ee/0x1a10 [ 210.882188] worker_thread+0x674/0xe70 [ 210.882674] kthread+0x3ab/0x720 [ 210.883096] ret_from_fork+0x48/0x80 [ 210.883534] ret_from_fork_asm+0x1a/0x30 [ 210.884023] [ 210.884023] other info that might help us debug this: [ 210.884023] [ 210.884781] Possible unsafe locking scenario: [ 210.884781] [ 210.885369] CPU0 CPU1 [ 210.885830] ---- ---- [ 210.886287] lock(&rdev->wiphy.mtx); [ 210.886699] lock(rtnl_mutex); [ 210.887289] lock(&rdev->wiphy.mtx); [ 210.887915] lock(rtnl_mutex); [ 210.888279] [ 210.888279] *** DEADLOCK *** [ 210.888279] [ 210.888846] 4 locks held by kworker/u8:1/66: [ 210.889295] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 210.890354] #1: ffff88800efcfd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 210.891358] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 210.892295] #3: ffff88802a410768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 210.893339] [ 210.893339] stack backtrace: [ 210.893788] CPU: 0 UID: 0 PID: 66 Comm: kworker/u8:1 Not tainted 6.13.0-rc7-next-20250117 #1 [ 210.894599] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 210.895387] Workqueue: netns cleanup_net [ 210.895817] Call Trace: [ 210.896073] [ 210.896315] dump_stack_lvl+0xca/0x120 [ 210.896735] print_circular_bug+0x47b/0x750 [ 210.897173] check_noncircular+0x2e9/0x3c0 [ 210.897615] ? __pfx_check_noncircular+0x10/0x10 [ 210.898115] ? hlock_class+0x4e/0x130 [ 210.898501] ? mark_lock+0xac/0xed0 [ 210.898895] ? srso_return_thunk+0x5/0x5f [ 210.899339] ? dl_scaled_delta_exec+0xd4/0x2c0 [ 210.899816] ? lockdep_lock+0xba/0x1b0 [ 210.900252] ? __pfx_lockdep_lock+0x10/0x10 [ 210.900715] __lock_acquire+0x29fd/0x4580 [ 210.901147] ? __pfx___lock_acquire+0x10/0x10 [ 210.901631] ? lock_release+0x20f/0x6f0 [ 210.902077] ? __pfx_lock_release+0x10/0x10 [ 210.902532] lock_acquire+0x19b/0x520 [ 210.902925] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 210.903509] ? __pfx_lock_acquire+0x10/0x10 [ 210.903946] ? srso_return_thunk+0x5/0x5f [ 210.904389] ? lock_release+0x20f/0x6f0 [ 210.904800] ? srso_return_thunk+0x5/0x5f [ 210.905245] ? lock_is_held_type+0x9e/0x120 [ 210.905713] ? srso_return_thunk+0x5/0x5f [ 210.906160] __mutex_lock+0x13d/0xb50 [ 210.906571] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 210.907150] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 210.907734] ? srso_return_thunk+0x5/0x5f [ 210.908178] ? synchronize_rcu_expedited+0x38a/0x420 [ 210.908698] ? __pfx___mutex_lock+0x10/0x10 [ 210.909157] ? __pfx_autoremove_wake_function+0x10/0x10 [ 210.909727] ? srso_return_thunk+0x5/0x5f [ 210.910171] ? kasan_quarantine_put+0x84/0x1e0 [ 210.910669] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 210.911123] ? srso_return_thunk+0x5/0x5f [ 210.911573] unregister_netdevice_many_notify+0x1612/0x1c80 [ 210.912132] ? __virt_addr_valid+0x2e8/0x5d0 [ 210.912600] ? __pfx_lock_release+0x10/0x10 [ 210.913042] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 210.913647] ? find_held_lock+0x2c/0x110 [ 210.914094] ? srso_return_thunk+0x5/0x5f [ 210.914543] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 210.915057] ? srso_return_thunk+0x5/0x5f [ 210.915498] ? lock_release+0x20f/0x6f0 [ 210.915906] ? __pfx_lock_release+0x10/0x10 [ 210.916357] ? srso_return_thunk+0x5/0x5f [ 210.916826] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 210.917368] ? srso_return_thunk+0x5/0x5f [ 210.917827] unregister_netdevice_queue+0x224/0x2e0 [ 210.918334] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 210.918926] ? up_write+0x195/0x520 [ 210.919359] _cfg80211_unregister_wdev+0x57b/0x700 [ 210.919866] ? srso_return_thunk+0x5/0x5f [ 210.920321] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 210.920831] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 210.921399] ? srso_return_thunk+0x5/0x5f [ 210.921853] ? srso_return_thunk+0x5/0x5f [ 210.922299] ? synchronize_rcu+0x1ff/0x260 [ 210.922737] ieee80211_unregister_hw+0x55/0x3a0 [ 210.923221] hwsim_exit_net+0x3a0/0x730 [ 210.923635] ? __pfx_hwsim_exit_net+0x10/0x10 [ 210.924096] ? srso_return_thunk+0x5/0x5f [ 210.924546] ? netdev_run_todo+0x788/0x1040 [ 210.924991] ? srso_return_thunk+0x5/0x5f [ 210.925447] ? __pfx_hwsim_exit_net+0x10/0x10 [ 210.925918] ops_exit_list+0xb3/0x180 [ 210.926328] cleanup_net+0x546/0xad0 [ 210.926717] ? __pfx_cleanup_net+0x10/0x10 [ 210.927161] process_one_work+0x8ee/0x1a10 [ 210.927633] ? __pfx_lock_acquire+0x10/0x10 [ 210.928075] ? __pfx_process_one_work+0x10/0x10 [ 210.928583] ? srso_return_thunk+0x5/0x5f [ 210.929024] ? move_linked_works+0x172/0x270 [ 210.929490] ? srso_return_thunk+0x5/0x5f [ 210.929946] ? assign_work+0x196/0x240 [ 210.930372] worker_thread+0x674/0xe70 [ 210.930791] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 210.931335] ? srso_return_thunk+0x5/0x5f [ 210.931775] ? __pfx_worker_thread+0x10/0x10 [ 210.932257] kthread+0x3ab/0x720 [ 210.932629] ? __pfx_kthread+0x10/0x10 [ 210.933037] ? srso_return_thunk+0x5/0x5f [ 210.933484] ? finish_task_switch.isra.0+0x206/0x840 [ 210.934021] ? __pfx_kthread+0x10/0x10 [ 210.934470] ret_from_fork+0x48/0x80 [ 210.934959] ? __pfx_kthread+0x10/0x10 [ 210.935446] ret_from_fork_asm+0x1a/0x30 [ 210.936006] [ 212.446228] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 212.450824] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 212.454003] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 212.462319] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 212.465211] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 212.467114] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 212.513850] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 212.518139] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 212.521425] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 212.530973] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 212.533639] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 212.535879] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 212.635131] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 212.638786] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 212.640561] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 212.649641] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 212.651710] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 212.653063] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 212.654416] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 212.667409] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 212.670740] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 212.681589] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 212.702362] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 212.719327] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 212.767346] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 212.774063] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 212.779707] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 212.789986] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 212.799318] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 212.804731] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 212.806220] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 212.807368] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 212.843274] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 212.853087] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 212.865965] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 212.878676] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 212.929700] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 212.957897] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 212.959163] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 212.981694] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 212.985218] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 212.986444] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 213.030762] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 213.072804] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 213.074748] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 213.082615] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 213.155753] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 213.156942] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 214.485809] Bluetooth: hci0: command tx timeout [ 214.612548] Bluetooth: hci1: command tx timeout [ 214.678679] Bluetooth: hci2: command tx timeout [ 214.740525] Bluetooth: hci3: command tx timeout [ 214.932638] Bluetooth: hci4: command tx timeout [ 214.997572] Bluetooth: hci5: command tx timeout [ 215.060631] Bluetooth: hci6: command tx timeout [ 215.252549] Bluetooth: hci7: command tx timeout [ 216.533279] Bluetooth: hci0: command tx timeout [ 216.661096] Bluetooth: hci1: command tx timeout [ 216.725530] Bluetooth: hci2: command tx timeout [ 216.789906] Bluetooth: hci3: command tx timeout [ 216.980679] Bluetooth: hci4: command tx timeout [ 217.045557] Bluetooth: hci5: command tx timeout [ 217.108511] Bluetooth: hci6: command tx timeout [ 217.301583] Bluetooth: hci7: command tx timeout [ 218.581603] Bluetooth: hci0: command tx timeout [ 218.708771] Bluetooth: hci1: command tx timeout [ 218.774662] Bluetooth: hci2: command tx timeout [ 218.836967] Bluetooth: hci3: command tx timeout [ 219.028747] Bluetooth: hci4: command tx timeout [ 219.092829] Bluetooth: hci5: command tx timeout [ 219.157645] Bluetooth: hci6: command tx timeout [ 219.348566] Bluetooth: hci7: command tx timeout [ 220.628575] Bluetooth: hci0: command tx timeout [ 220.757526] Bluetooth: hci1: command tx timeout [ 220.820580] Bluetooth: hci2: command tx timeout VM DIAGNOSIS: 18:45:26 Registers: info registers vcpu 0 RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283cdc5 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff88800efcebb8 R8 =0000000000000001 R9 =ffffed1001df9d67 R10=000000000000002d R11=2d2d2d2d2d2d2d2d R12=000000000000002d R13=0000000000000001 R14=ffff888008fea018 R15=ffff88800efceeb8 RIP=ffffffff8283ce1d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f6d6b7e3c38 CR3=0000000009ee4000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=68564b06e8234fbb94450ad5c62d1cce XMM02=ee7587d5db12e8e300000000000fd390 XMM03=711fbe8126c5d3440000000000137d60 XMM04=6c34d612ca031e2f00000000000ae988 XMM05=b0bf9d74d01c2850000000000013ff00 XMM06=9f165a4fe6c971ad0000000000137e68 XMM07=711fbe8126c5d3440000000000137d60 XMM08=ee7587d5db12e8e300000000000fd390 XMM09=00000000000000000000000000000000 XMM10=00200000000000000020000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000001 RBX=ffff888009aad340 RCX=ffffffff81429a4a RDX=1ffff11001de3480 RSI=ffffffff814299d3 RDI=ffff88800ef1a400 RBP=0000000000000000 RSP=ffff88800f187db0 R8 =0000000000000000 R9 =ffffed1001de3480 R10=ffff88800ef1a407 R11=ffff888009aad7f8 R12=ffffffff87bb1ff9 R13=ffff888008c504a0 R14=ffff888009aad340 R15=0000000000000086 RIP=ffffffff8171a158 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe1900000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055d409a5d030 CR3=000000000eeaa000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=7465677261742e79636e656772656d65 XMM02=73732f6563696c732e6d65747379732f XMM03=00656369767265732e6873732f656369 XMM04=000055d409a7a0a0000055d4099d8200 XMM05=0000000500000006000055d409a75b70 XMM06=697665640031006563697665642e3469 XMM07=00000000000000000000000000000000 XMM08=7368746150796c6e4f64616552646e69 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000