Warning: Permanently added '[localhost]:46741' (ECDSA) to the list of known hosts. 2025/01/18 23:10:53 fuzzer started 2025/01/18 23:10:54 dialing manager at localhost:44245 syzkaller login: [ 61.892337] cgroup: Unknown subsys name 'net' [ 61.987624] cgroup: Unknown subsys name 'cpuset' [ 62.024021] cgroup: Unknown subsys name 'rlimit' [ 68.273926] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 79.210078] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/18 23:11:12 syscalls: 2217 2025/01/18 23:11:12 code coverage: enabled 2025/01/18 23:11:12 comparison tracing: enabled 2025/01/18 23:11:12 extra coverage: enabled 2025/01/18 23:11:12 setuid sandbox: enabled 2025/01/18 23:11:12 namespace sandbox: enabled 2025/01/18 23:11:12 Android sandbox: enabled 2025/01/18 23:11:12 fault injection: enabled 2025/01/18 23:11:12 leak checking: enabled 2025/01/18 23:11:12 net packet injection: enabled 2025/01/18 23:11:12 net device setup: enabled 2025/01/18 23:11:12 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/18 23:11:12 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/18 23:11:12 USB emulation: enabled 2025/01/18 23:11:12 hci packet injection: enabled 2025/01/18 23:11:12 wifi device emulation: enabled 2025/01/18 23:11:12 802.15.4 emulation: enabled 2025/01/18 23:11:12 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/18 23:11:12 fetching corpus: 50, signal 24321/27454 (executing program) 2025/01/18 23:11:12 fetching corpus: 100, signal 37745/41709 (executing program) 2025/01/18 23:11:12 fetching corpus: 150, signal 44376/49145 (executing program) 2025/01/18 23:11:12 fetching corpus: 200, signal 50455/55789 (executing program) 2025/01/18 23:11:13 fetching corpus: 250, signal 55248/61099 (executing program) 2025/01/18 23:11:13 fetching corpus: 300, signal 60489/66625 (executing program) 2025/01/18 23:11:13 fetching corpus: 350, signal 63292/69891 (executing program) 2025/01/18 23:11:13 fetching corpus: 400, signal 66822/73630 (executing program) 2025/01/18 23:11:13 fetching corpus: 450, signal 70717/77493 (executing program) 2025/01/18 23:11:14 fetching corpus: 500, signal 74298/80922 (executing program) 2025/01/18 23:11:14 fetching corpus: 550, signal 77080/83737 (executing program) 2025/01/18 23:11:14 fetching corpus: 600, signal 78774/85561 (executing program) 2025/01/18 23:11:14 fetching corpus: 650, signal 80760/87532 (executing program) 2025/01/18 23:11:14 fetching corpus: 700, signal 82608/89356 (executing program) 2025/01/18 23:11:14 fetching corpus: 750, signal 84288/91007 (executing program) 2025/01/18 23:11:15 fetching corpus: 800, signal 86187/92695 (executing program) 2025/01/18 23:11:15 fetching corpus: 850, signal 89520/95275 (executing program) 2025/01/18 23:11:15 fetching corpus: 900, signal 90783/96443 (executing program) 2025/01/18 23:11:15 fetching corpus: 950, signal 92844/98067 (executing program) 2025/01/18 23:11:15 fetching corpus: 1000, signal 95171/99739 (executing program) 2025/01/18 23:11:15 fetching corpus: 1050, signal 98291/101771 (executing program) 2025/01/18 23:11:16 fetching corpus: 1100, signal 100669/103309 (executing program) 2025/01/18 23:11:16 fetching corpus: 1150, signal 102105/104224 (executing program) 2025/01/18 23:11:16 fetching corpus: 1200, signal 103241/104898 (executing program) 2025/01/18 23:11:16 fetching corpus: 1250, signal 104256/105496 (executing program) 2025/01/18 23:11:16 fetching corpus: 1269, signal 104942/105871 (executing program) 2025/01/18 23:11:16 fetching corpus: 1269, signal 104942/105895 (executing program) 2025/01/18 23:11:16 fetching corpus: 1269, signal 104942/105929 (executing program) 2025/01/18 23:11:16 fetching corpus: 1269, signal 104942/105957 (executing program) 2025/01/18 23:11:16 fetching corpus: 1269, signal 104942/106006 (executing program) 2025/01/18 23:11:16 fetching corpus: 1269, signal 104942/106042 (executing program) 2025/01/18 23:11:16 fetching corpus: 1269, signal 104942/106068 (executing program) 2025/01/18 23:11:16 fetching corpus: 1269, signal 104942/106110 (executing program) 2025/01/18 23:11:16 fetching corpus: 1269, signal 104942/106138 (executing program) 2025/01/18 23:11:16 fetching corpus: 1269, signal 104942/106169 (executing program) 2025/01/18 23:11:16 fetching corpus: 1269, signal 104942/106203 (executing program) 2025/01/18 23:11:16 fetching corpus: 1269, signal 104942/106241 (executing program) 2025/01/18 23:11:16 fetching corpus: 1269, signal 104942/106268 (executing program) 2025/01/18 23:11:16 fetching corpus: 1269, signal 104942/106300 (executing program) 2025/01/18 23:11:16 fetching corpus: 1269, signal 104942/106327 (executing program) 2025/01/18 23:11:16 fetching corpus: 1269, signal 104942/106359 (executing program) 2025/01/18 23:11:16 fetching corpus: 1269, signal 104942/106393 (executing program) 2025/01/18 23:11:16 fetching corpus: 1269, signal 104942/106427 (executing program) 2025/01/18 23:11:16 fetching corpus: 1269, signal 104942/106460 (executing program) 2025/01/18 23:11:16 fetching corpus: 1269, signal 104942/106501 (executing program) 2025/01/18 23:11:16 fetching corpus: 1269, signal 104942/106531 (executing program) 2025/01/18 23:11:17 fetching corpus: 1269, signal 104942/106568 (executing program) 2025/01/18 23:11:17 fetching corpus: 1269, signal 104942/106610 (executing program) 2025/01/18 23:11:17 fetching corpus: 1269, signal 104942/106647 (executing program) 2025/01/18 23:11:17 fetching corpus: 1269, signal 104942/106676 (executing program) 2025/01/18 23:11:17 fetching corpus: 1269, signal 104942/106712 (executing program) 2025/01/18 23:11:17 fetching corpus: 1269, signal 104942/106744 (executing program) 2025/01/18 23:11:17 fetching corpus: 1269, signal 104942/106753 (executing program) 2025/01/18 23:11:17 fetching corpus: 1269, signal 104942/106753 (executing program) 2025/01/18 23:11:19 starting 8 fuzzer processes 23:11:19 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x14, r1, 0x1}, 0x14}}, 0x0) 23:11:19 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$iso9660(&(0x7f0000001500), &(0x7f0000001540)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002b00)) 23:11:19 executing program 2: mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffdf, 0x0) 23:11:19 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000003ec0)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f00000013c0)) 23:11:19 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = fsopen(&(0x7f00000001c0)='hugetlbfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000009c0)='\x00\x01\x00\x00\x00\x00\x00\x00\x00\x90', &(0x7f0000000a00)='/U\xec\x8d\x11\xef\x98=\x0e\xecI\xc5\xe3\x14\xc8\xcb\xcc\x90\xa5\xdd@MaVV\xc3&\x85\xe8=\xa1\xcf\xf7\v\xb2iie\xfeq\xf3\'\n(m\xc5\x97\xf5\x15-\xe0\x19;\xb29\xb9\t\au\x94-\xe6\x9d[\xf4\xc5\xfclpP(vI\xd4\xd4s\x98\xac*7\x82\xa7y7h\xfcC\x1f#\x1cp\x9f|\xcb\xf3\x18]G \x9e\x1f\xbf$\xb9\x12@M\x8f\xbc\x062\xf5s{}\x12\xd8\xf4o\xceo\xb9Q|\xab\xdc\xfa\x19S\aflA\xfe\x80\xe9\xb1e{\xbc\x96\xdfP\xc1\xf8\x14l\\q\x92\xc7\\\t\xfdq\xbb\xc90\xbc0Y!\x84b\xdb\xc3+k\x7fQ1\xb5\n\x8a\xb1\x15\xd8\x9d\xc0Rnr\xd5x\x1fB\'i\xa7\x00\xbd\xb7\xbb\x97\xe0\xdb\xaa\xb4Lt\x98H\xe2$s\xc3\xb6\xe8|\x01\x8fg\x03\xf3v\x93\x1a\x90HU\x17\xf3\a%\xbf\x0fR\xb8\x9c\xedG\xe3I\xd62em\xbbxa\x9cQ{\xd7\xa6.Q\xb1\xa0L\x15\xf3H\xfb1k|o\a\xee\xec\xca\xab\x1a2A\xf1\xf2\xa6d\x89\x99n\xce`\xfa\xe9\xa3\xf2J~\x14\xe5?\xcf>sq.\xc0T\xd3\x05\x7f\xe0\xdb\xf7fx|4\x1a\xe4&\xe6\xc3\x16\xd9\x94\xac\x85\x193\b\x9b\xe1\xb1\xde\xe5\t`\x873\\=\x88\xb4\xab\x04\x9a\xb1\xa4o\xc4\xe5\xfbK\x91\x05\x908\x1dj\xcbe\xde\x17Ty\xfd\xe0[\x96z&\xdc|\xc72D*\x1b\xcfD)g\n+\xec\x99\n\x92\x88m\a\xba\x1e\xff\xd7\xc0%\x11i3\xfaRG\xc8Z\xe1\xe2<\xe1\xb1\xf3\xc1G\x8f\x85\x85\xeb\x86 \x8c\x05a\xb0\xacY+\xd9\xd4\x87]\xb2\x90\r\xc7\xdfG\xffpA\x12\x96\xab\xb8?\f6\xd9\x05\x80s$N\xef\xb9\x80v\xeeXk\x11D\x85\xfbf\xdaX\x86', 0x0) read(r0, 0x0, 0x0) 23:11:19 executing program 5: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$getown(r0, 0x9) r1 = io_uring_setup(0x50d4, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x1c9}) openat$hpet(0xffffffffffffff9c, &(0x7f0000000180), 0x2000, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0) perf_event_open(&(0x7f0000000080)={0x3, 0x80, 0x5, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) [ 86.909317] audit: type=1400 audit(1737241879.676:7): avc: denied { execmem } for pid=273 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 23:11:19 executing program 6: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) getsockopt$inet_int(r1, 0x88, 0x1, 0x0, &(0x7f00000001c0)) 23:11:19 executing program 7: mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x44031, 0xffffffffffffffff, 0x0) rt_sigtimedwait(&(0x7f0000001480), 0x0, 0x0, 0x8) [ 88.416606] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 88.419515] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 88.424847] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 88.425613] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 88.431597] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 88.434948] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 88.437520] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 88.439773] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 88.443588] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 88.449341] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 88.465590] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 88.467574] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 88.533701] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 88.546016] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 88.548550] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 88.549259] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 88.553850] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 88.556395] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 88.559693] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 88.562551] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 88.566097] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 88.570552] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 88.572629] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 88.572906] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 88.580315] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 88.580604] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 88.600434] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 88.606322] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 88.615264] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 88.616446] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 88.629513] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 88.630691] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 88.642402] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 88.642912] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 88.652658] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 88.654594] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 88.656474] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 88.657735] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 88.663864] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 88.667053] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 88.668615] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 88.672256] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 88.672985] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 88.673717] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 88.674087] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 88.676496] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 88.683038] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 88.684842] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 90.502815] Bluetooth: hci1: command tx timeout [ 90.503036] Bluetooth: hci0: command tx timeout [ 90.630445] Bluetooth: hci3: command tx timeout [ 90.694288] Bluetooth: hci7: command tx timeout [ 90.694489] Bluetooth: hci2: command tx timeout [ 90.694641] Bluetooth: hci4: command tx timeout [ 90.759260] Bluetooth: hci6: command tx timeout [ 90.759460] Bluetooth: hci5: command tx timeout [ 92.550349] Bluetooth: hci0: command tx timeout [ 92.550456] Bluetooth: hci1: command tx timeout [ 92.679361] Bluetooth: hci3: command tx timeout [ 92.743477] Bluetooth: hci4: command tx timeout [ 92.743617] Bluetooth: hci2: command tx timeout [ 92.743740] Bluetooth: hci7: command tx timeout [ 92.807292] Bluetooth: hci5: command tx timeout [ 92.807387] Bluetooth: hci6: command tx timeout [ 94.599244] Bluetooth: hci1: command tx timeout [ 94.599343] Bluetooth: hci0: command tx timeout [ 94.726313] Bluetooth: hci3: command tx timeout [ 94.791056] Bluetooth: hci7: command tx timeout [ 94.791115] Bluetooth: hci2: command tx timeout [ 94.791374] Bluetooth: hci4: command tx timeout [ 94.854425] Bluetooth: hci6: command tx timeout [ 94.854552] Bluetooth: hci5: command tx timeout [ 96.648247] Bluetooth: hci0: command tx timeout [ 96.648349] Bluetooth: hci1: command tx timeout [ 96.775219] Bluetooth: hci3: command tx timeout [ 96.838385] Bluetooth: hci4: command tx timeout [ 96.838624] Bluetooth: hci7: command tx timeout [ 96.838681] Bluetooth: hci2: command tx timeout [ 96.903470] Bluetooth: hci5: command tx timeout [ 96.905224] Bluetooth: hci6: command tx timeout [ 148.832807] syz-executor.3 (284) used greatest stack depth: 23248 bytes left [ 149.101409] [ 149.101959] ====================================================== [ 149.103344] WARNING: possible circular locking dependency detected [ 149.104703] 6.13.0-rc7-next-20250117 #1 Not tainted [ 149.109956] ------------------------------------------------------ [ 149.113441] kworker/u8:1/67 is trying to acquire lock: [ 149.114630] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 149.116877] [ 149.116877] but task is already holding lock: [ 149.118143] ffff88800e278768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 149.120408] [ 149.120408] which lock already depends on the new lock. [ 149.120408] [ 149.122119] [ 149.122119] the existing dependency chain (in reverse order) is: [ 149.123662] [ 149.123662] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 149.125121] __mutex_lock+0x13d/0xb50 [ 149.126160] wiphy_register+0x1b2e/0x25d0 [ 149.127193] ieee80211_register_hw+0x23a4/0x3d60 [ 149.128297] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 149.129476] init_mac80211_hwsim+0x389/0x870 [ 149.130503] do_one_initcall+0xf9/0x640 [ 149.131587] kernel_init_freeable+0x53d/0x7a0 [ 149.132819] kernel_init+0x1e/0x2d0 [ 149.133801] ret_from_fork+0x48/0x80 [ 149.134799] ret_from_fork_asm+0x1a/0x30 [ 149.135938] [ 149.135938] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 149.137339] __lock_acquire+0x29fd/0x4580 [ 149.138465] lock_acquire+0x19b/0x520 [ 149.139489] __mutex_lock+0x13d/0xb50 [ 149.140529] unregister_netdevice_many_notify+0x1612/0x1c80 [ 149.141947] unregister_netdevice_queue+0x224/0x2e0 [ 149.143211] _cfg80211_unregister_wdev+0x57b/0x700 [ 149.144493] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 149.145789] ieee80211_unregister_hw+0x55/0x3a0 [ 149.146969] hwsim_exit_net+0x3a0/0x730 [ 149.148033] ops_exit_list+0xb3/0x180 [ 149.149066] cleanup_net+0x546/0xad0 [ 149.150093] process_one_work+0x8ee/0x1a10 [ 149.151270] worker_thread+0x674/0xe70 [ 149.152374] kthread+0x3ab/0x720 [ 149.153357] ret_from_fork+0x48/0x80 [ 149.154227] ret_from_fork_asm+0x1a/0x30 [ 149.155175] [ 149.155175] other info that might help us debug this: [ 149.155175] [ 149.156593] Possible unsafe locking scenario: [ 149.156593] [ 149.157725] CPU0 CPU1 [ 149.158582] ---- ---- [ 149.159432] lock(&rdev->wiphy.mtx); [ 149.160198] lock(rtnl_mutex); [ 149.161312] lock(&rdev->wiphy.mtx); [ 149.162513] lock(rtnl_mutex); [ 149.163204] [ 149.163204] *** DEADLOCK *** [ 149.163204] [ 149.164293] 4 locks held by kworker/u8:1/67: [ 149.165116] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 149.167050] #1: ffff88800bd7fd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 149.168896] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 149.170644] #3: ffff88800e278768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 149.172573] [ 149.172573] stack backtrace: [ 149.173397] CPU: 0 UID: 0 PID: 67 Comm: kworker/u8:1 Not tainted 6.13.0-rc7-next-20250117 #1 [ 149.174907] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 149.176359] Workqueue: netns cleanup_net [ 149.177147] Call Trace: [ 149.177632] [ 149.178060] dump_stack_lvl+0xca/0x120 [ 149.178839] print_circular_bug+0x47b/0x750 [ 149.179671] check_noncircular+0x2e9/0x3c0 [ 149.180478] ? __pfx_check_noncircular+0x10/0x10 [ 149.181381] ? hlock_class+0x4e/0x130 [ 149.182105] ? mark_lock+0xac/0xed0 [ 149.182826] ? srso_return_thunk+0x5/0x5f [ 149.183653] ? lockdep_lock+0xba/0x1b0 [ 149.184437] ? __pfx_lockdep_lock+0x10/0x10 [ 149.185286] __lock_acquire+0x29fd/0x4580 [ 149.186107] ? __pfx___lock_acquire+0x10/0x10 [ 149.187043] ? lock_release+0x20f/0x6f0 [ 149.187921] ? __pfx_lock_release+0x10/0x10 [ 149.188874] lock_acquire+0x19b/0x520 [ 149.189724] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 149.190956] ? __pfx_lock_acquire+0x10/0x10 [ 149.191887] ? srso_return_thunk+0x5/0x5f [ 149.192806] ? lock_release+0x20f/0x6f0 [ 149.193695] ? srso_return_thunk+0x5/0x5f [ 149.194640] ? lock_is_held_type+0x9e/0x120 [ 149.195598] ? srso_return_thunk+0x5/0x5f [ 149.196551] __mutex_lock+0x13d/0xb50 [ 149.197409] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 149.198631] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 149.199839] ? srso_return_thunk+0x5/0x5f [ 149.200770] ? synchronize_rcu_expedited+0x38a/0x420 [ 149.201784] ? __pfx___mutex_lock+0x10/0x10 [ 149.202658] ? __pfx_autoremove_wake_function+0x10/0x10 [ 149.203675] ? srso_return_thunk+0x5/0x5f [ 149.204482] ? kasan_quarantine_put+0x84/0x1e0 [ 149.205367] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 149.206234] ? srso_return_thunk+0x5/0x5f [ 149.207069] unregister_netdevice_many_notify+0x1612/0x1c80 [ 149.208250] ? __virt_addr_valid+0x2e8/0x5d0 [ 149.209326] ? __pfx_lock_release+0x10/0x10 [ 149.210414] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 149.211832] ? find_held_lock+0x2c/0x110 [ 149.212664] ? srso_return_thunk+0x5/0x5f [ 149.213488] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 149.214462] ? srso_return_thunk+0x5/0x5f [ 149.215406] ? lock_release+0x20f/0x6f0 [ 149.216200] ? __pfx_lock_release+0x10/0x10 [ 149.217071] ? srso_return_thunk+0x5/0x5f [ 149.217937] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 149.219107] ? srso_return_thunk+0x5/0x5f [ 149.219979] unregister_netdevice_queue+0x224/0x2e0 [ 149.220985] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 149.222064] ? up_write+0x195/0x520 [ 149.222861] _cfg80211_unregister_wdev+0x57b/0x700 [ 149.223880] ? srso_return_thunk+0x5/0x5f [ 149.224764] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 149.225818] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 149.226895] ? srso_return_thunk+0x5/0x5f [ 149.227744] ? srso_return_thunk+0x5/0x5f [ 149.228587] ? synchronize_rcu+0x1ff/0x260 [ 149.229419] ieee80211_unregister_hw+0x55/0x3a0 [ 149.230347] hwsim_exit_net+0x3a0/0x730 [ 149.231117] ? __pfx_hwsim_exit_net+0x10/0x10 [ 149.232051] ? srso_return_thunk+0x5/0x5f [ 149.232946] ? netdev_run_todo+0x788/0x1040 [ 149.233839] ? __pfx_hwsim_exit_net+0x10/0x10 [ 149.234753] ops_exit_list+0xb3/0x180 [ 149.235582] cleanup_net+0x546/0xad0 [ 149.236410] ? __pfx_cleanup_net+0x10/0x10 [ 149.237295] process_one_work+0x8ee/0x1a10 [ 149.238233] ? __pfx_lock_acquire+0x10/0x10 [ 149.239131] ? __pfx_process_one_work+0x10/0x10 [ 149.240140] ? srso_return_thunk+0x5/0x5f [ 149.240979] ? move_linked_works+0x172/0x270 [ 149.241927] ? srso_return_thunk+0x5/0x5f [ 149.242772] ? assign_work+0x196/0x240 [ 149.243593] worker_thread+0x674/0xe70 [ 149.244412] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 149.245435] ? srso_return_thunk+0x5/0x5f [ 149.246292] ? __pfx_worker_thread+0x10/0x10 [ 149.247197] kthread+0x3ab/0x720 [ 149.247919] ? __pfx_kthread+0x10/0x10 [ 149.248731] ? srso_return_thunk+0x5/0x5f [ 149.249594] ? finish_task_switch.isra.0+0x206/0x840 [ 149.250587] ? __pfx_kthread+0x10/0x10 [ 149.251393] ret_from_fork+0x48/0x80 [ 149.252117] ? __pfx_kthread+0x10/0x10 [ 149.252928] ret_from_fork_asm+0x1a/0x30 [ 149.253806] [ 151.123104] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 151.129735] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 151.132339] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 151.134768] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 151.140968] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 151.143080] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 151.145681] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 151.161129] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 151.164684] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 151.167084] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 151.169520] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 151.171490] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 151.249278] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 151.250651] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 151.253234] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 151.254923] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 151.255258] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 151.260123] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 151.264697] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 151.264947] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 151.270375] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 151.276414] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 151.276777] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 151.286386] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 151.320908] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 151.338646] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 151.340502] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 151.342134] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 151.344452] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 151.346061] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 151.347717] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 151.352451] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 151.354669] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 151.357828] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 151.359286] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 151.366686] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 151.377472] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 151.378290] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 151.381367] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 151.384495] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 151.384747] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 151.388056] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 151.388828] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 151.396192] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 151.400819] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 151.406852] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 151.412792] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 151.419335] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 153.222341] Bluetooth: hci0: command tx timeout [ 153.223613] Bluetooth: hci1: command tx timeout [ 153.352046] Bluetooth: hci2: command tx timeout [ 153.352090] Bluetooth: hci3: command tx timeout [ 153.415178] Bluetooth: hci4: command tx timeout [ 153.478636] Bluetooth: hci7: command tx timeout [ 153.542634] Bluetooth: hci6: command tx timeout [ 153.543352] Bluetooth: hci5: command tx timeout [ 155.270603] Bluetooth: hci1: command tx timeout [ 155.270684] Bluetooth: hci0: command tx timeout [ 155.400206] Bluetooth: hci3: command tx timeout [ 155.400280] Bluetooth: hci2: command tx timeout [ 155.462246] Bluetooth: hci4: command tx timeout [ 155.526462] Bluetooth: hci7: command tx timeout [ 155.591687] Bluetooth: hci5: command tx timeout [ 155.591730] Bluetooth: hci6: command tx timeout [ 157.318225] Bluetooth: hci0: command tx timeout [ 157.318298] Bluetooth: hci1: command tx timeout [ 157.447205] Bluetooth: hci2: command tx timeout [ 157.447278] Bluetooth: hci3: command tx timeout [ 157.510275] Bluetooth: hci4: command tx timeout [ 157.574294] Bluetooth: hci7: command tx timeout [ 157.639234] Bluetooth: hci5: command tx timeout [ 157.639795] Bluetooth: hci6: command tx timeout VM DIAGNOSIS: 23:12:22 Registers: info registers vcpu 0 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff8283cd30 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff88800bd7eb60 R8 =0000000000000000 R9 =fffffbfff0be1544 R10=00000000000fe503 R11=0000000033312e36 R12=0000000000000823 R13=0000000000000020 R14=fffffbfff10d2666 R15=dffffc0000000000 RIP=ffffffff8283cd85 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fe35433be60 CR3=00000000158a6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=000000000000000040c0000000000000 XMM03=000000c0001a5000000000c0001af000 XMM04=000000c0000d2360000000c0000d2330 XMM05=000000c0000d23c0000000c0000d2390 XMM06=000000c0000963f0000000c0000d23f0 XMM07=000000c0000d2450000000c0000d2420 XMM08=000000c0000d2ed0000000c0000d2ea0 XMM09=000000c0000d2f30000000c0000d2f00 XMM10=000000c0000d2f60000000c000096510 XMM11=000000c0000d2fc0000000c0000d2f90 XMM12=000000c0000dc000000000c0000d2ff0 XMM13=000000c00012a510000000c00012a4e0 XMM14=000000c00012a570000000c00012a540 XMM15=000000c0000cb080000000c00012a5a0 info registers vcpu 1 RAX=0000000000000000 RBX=ffff88807b4b7100 RCX=ffffffff81429a4a RDX=1ffff110017dd200 RSI=0000000000000008 RDI=ffff88800bee9000 RBP=0000000000000000 RSP=ffff88800c1cfdc8 R8 =0000000000000000 R9 =ffffed10017dd200 R10=ffff88800bee9007 R11=0000000000000001 R12=ffff88807b4b7ff9 R13=ffffffff8864e000 R14=ffff88800c1c0000 R15=0000000000000086 RIP=ffffffff81ab7800 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0c00000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fe7ee8db410 CR3=000000000e42e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=62cc753f846d39b661443a66976c7030 XMM02=6b1e99b806172e3b00000000000aea28 XMM03=80f09f19808d26a300000000000aec68 XMM04=b9ae6f1efa7866d30000000000137d90 XMM05=d3fdd5f48436fbd700000000000aead0 XMM06=1b53af2a79b1bb2500000000000ae988 XMM07=a1fcdcf819d7e1e500000000000ae728 XMM08=44495f474f4c5359530069253d595449 XMM09=00000000000000000000000000000000 XMM10=20000000000000002000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000