Warning: Permanently added '[localhost]:49908' (ECDSA) to the list of known hosts. 2025/01/19 00:32:24 fuzzer started 2025/01/19 00:32:25 dialing manager at localhost:44245 syzkaller login: [ 77.419913] cgroup: Unknown subsys name 'net' [ 77.507663] cgroup: Unknown subsys name 'cpuset' [ 77.538580] cgroup: Unknown subsys name 'rlimit' [ 83.613613] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 94.012565] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/19 00:32:42 syscalls: 2217 2025/01/19 00:32:42 code coverage: enabled 2025/01/19 00:32:42 comparison tracing: enabled 2025/01/19 00:32:42 extra coverage: enabled 2025/01/19 00:32:42 setuid sandbox: enabled 2025/01/19 00:32:42 namespace sandbox: enabled 2025/01/19 00:32:42 Android sandbox: enabled 2025/01/19 00:32:42 fault injection: enabled 2025/01/19 00:32:42 leak checking: enabled 2025/01/19 00:32:42 net packet injection: enabled 2025/01/19 00:32:42 net device setup: enabled 2025/01/19 00:32:42 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/19 00:32:42 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/19 00:32:42 USB emulation: enabled 2025/01/19 00:32:42 hci packet injection: enabled 2025/01/19 00:32:42 wifi device emulation: enabled 2025/01/19 00:32:42 802.15.4 emulation: enabled 2025/01/19 00:32:42 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/19 00:32:42 fetching corpus: 50, signal 26495/29505 (executing program) 2025/01/19 00:32:42 fetching corpus: 100, signal 41698/45369 (executing program) 2025/01/19 00:32:42 fetching corpus: 150, signal 48991/53324 (executing program) 2025/01/19 00:32:43 fetching corpus: 200, signal 54361/59246 (executing program) 2025/01/19 00:32:43 fetching corpus: 250, signal 58440/63837 (executing program) 2025/01/19 00:32:43 fetching corpus: 300, signal 62257/68081 (executing program) 2025/01/19 00:32:43 fetching corpus: 350, signal 65054/71254 (executing program) 2025/01/19 00:32:43 fetching corpus: 400, signal 68490/74891 (executing program) 2025/01/19 00:32:43 fetching corpus: 450, signal 71170/77777 (executing program) 2025/01/19 00:32:44 fetching corpus: 500, signal 75090/81603 (executing program) 2025/01/19 00:32:44 fetching corpus: 550, signal 77079/83737 (executing program) 2025/01/19 00:32:44 fetching corpus: 600, signal 79593/86183 (executing program) 2025/01/19 00:32:44 fetching corpus: 650, signal 82392/88753 (executing program) 2025/01/19 00:32:44 fetching corpus: 700, signal 86281/92010 (executing program) 2025/01/19 00:32:44 fetching corpus: 750, signal 88476/93954 (executing program) 2025/01/19 00:32:45 fetching corpus: 800, signal 90529/95729 (executing program) 2025/01/19 00:32:45 fetching corpus: 850, signal 92599/97377 (executing program) 2025/01/19 00:32:45 fetching corpus: 900, signal 94161/98659 (executing program) 2025/01/19 00:32:45 fetching corpus: 950, signal 95676/99835 (executing program) 2025/01/19 00:32:45 fetching corpus: 1000, signal 98129/101535 (executing program) 2025/01/19 00:32:45 fetching corpus: 1050, signal 99388/102446 (executing program) 2025/01/19 00:32:46 fetching corpus: 1100, signal 100895/103485 (executing program) 2025/01/19 00:32:46 fetching corpus: 1150, signal 102110/104268 (executing program) 2025/01/19 00:32:46 fetching corpus: 1200, signal 103393/105017 (executing program) 2025/01/19 00:32:46 fetching corpus: 1250, signal 104675/105731 (executing program) 2025/01/19 00:32:46 fetching corpus: 1275, signal 104999/105945 (executing program) 2025/01/19 00:32:46 fetching corpus: 1275, signal 104999/105980 (executing program) 2025/01/19 00:32:46 fetching corpus: 1275, signal 104999/106012 (executing program) 2025/01/19 00:32:46 fetching corpus: 1275, signal 104999/106038 (executing program) 2025/01/19 00:32:46 fetching corpus: 1275, signal 104999/106068 (executing program) 2025/01/19 00:32:46 fetching corpus: 1275, signal 104999/106102 (executing program) 2025/01/19 00:32:46 fetching corpus: 1275, signal 104999/106147 (executing program) 2025/01/19 00:32:46 fetching corpus: 1275, signal 104999/106176 (executing program) 2025/01/19 00:32:46 fetching corpus: 1275, signal 104999/106217 (executing program) 2025/01/19 00:32:46 fetching corpus: 1275, signal 104999/106257 (executing program) 2025/01/19 00:32:46 fetching corpus: 1275, signal 104999/106297 (executing program) 2025/01/19 00:32:46 fetching corpus: 1275, signal 104999/106329 (executing program) 2025/01/19 00:32:46 fetching corpus: 1275, signal 104999/106362 (executing program) 2025/01/19 00:32:46 fetching corpus: 1275, signal 104999/106397 (executing program) 2025/01/19 00:32:46 fetching corpus: 1275, signal 104999/106429 (executing program) 2025/01/19 00:32:46 fetching corpus: 1275, signal 104999/106469 (executing program) 2025/01/19 00:32:46 fetching corpus: 1275, signal 104999/106502 (executing program) 2025/01/19 00:32:46 fetching corpus: 1275, signal 104999/106532 (executing program) 2025/01/19 00:32:47 fetching corpus: 1275, signal 104999/106570 (executing program) 2025/01/19 00:32:47 fetching corpus: 1275, signal 104999/106611 (executing program) 2025/01/19 00:32:47 fetching corpus: 1275, signal 104999/106661 (executing program) 2025/01/19 00:32:47 fetching corpus: 1275, signal 104999/106689 (executing program) 2025/01/19 00:32:47 fetching corpus: 1275, signal 104999/106720 (executing program) 2025/01/19 00:32:47 fetching corpus: 1275, signal 104999/106763 (executing program) 2025/01/19 00:32:47 fetching corpus: 1275, signal 104999/106799 (executing program) 2025/01/19 00:32:47 fetching corpus: 1275, signal 104999/106842 (executing program) 2025/01/19 00:32:47 fetching corpus: 1275, signal 104999/106891 (executing program) 2025/01/19 00:32:47 fetching corpus: 1275, signal 104999/106905 (executing program) 2025/01/19 00:32:47 fetching corpus: 1275, signal 104999/106905 (executing program) 2025/01/19 00:32:49 starting 8 fuzzer processes 00:32:49 executing program 0: io_setup(0x6, &(0x7f0000000040)=0x0) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) io_submit(r0, 0x1, &(0x7f0000000300)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 00:32:49 executing program 1: syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@random="dda978731a96", @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @empty, @broadcast}, @source_quench={0x8, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}}}, 0x0) 00:32:49 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmmsg$inet(r0, &(0x7f0000000a00)=[{{&(0x7f0000000700)={0x2, 0x0, @loopback}, 0x10, &(0x7f0000000080)=[{&(0x7f00000001c0)='wH', 0x2}], 0x1}}, {{&(0x7f0000000000)={0x2, 0x0, @rand_addr=0x64010100}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="1922", 0x2}], 0x1}}], 0x2, 0x0) 00:32:49 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x9, &(0x7f0000000000)=0x1, 0x4) [ 102.048075] audit: type=1400 audit(1737246769.975:7): avc: denied { execmem } for pid=281 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 00:32:49 executing program 4: syz_emit_ethernet(0x3e, &(0x7f0000000340)={@multicast, @empty, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "f7c7de", 0x8, 0x88, 0x0, @private2, @mcast2, {[], {0x0, 0x0, 0x7}}}}}}, 0x0) 00:32:49 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='attr/current\x00') write$P9_RSYMLINK(r0, &(0x7f0000000100)={0x14, 0x11, 0x0, {0x0, 0x0, 0xa00000000000000}}, 0x14) 00:32:50 executing program 6: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff}, 0x0) r1 = eventfd2(0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:32:50 executing program 7: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000580)) ioctl$KDGKBMODE(r0, 0x4b4b, 0x0) [ 103.263326] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 103.269069] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 103.278067] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 103.282953] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 103.292080] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 103.294396] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 103.303073] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 103.307043] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 103.310219] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 103.313005] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 103.316057] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 103.317509] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 103.495040] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 103.495662] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 103.497083] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 103.497325] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 103.498884] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 103.499677] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 103.502703] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 103.504663] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 103.505936] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 103.519001] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 103.524555] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 103.524761] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 103.527343] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 103.529386] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 103.530472] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 103.550552] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 103.568836] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 103.577709] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 103.585630] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 103.588078] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 103.598991] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 103.600314] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 103.614577] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 103.661746] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 103.665946] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 103.668642] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 103.670137] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 103.679577] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 103.679936] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 103.683587] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 103.687641] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 103.688254] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 103.695887] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 103.701450] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 103.707392] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 103.713592] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 105.334007] Bluetooth: hci0: command tx timeout [ 105.334785] Bluetooth: hci1: command tx timeout [ 105.525708] Bluetooth: hci4: command tx timeout [ 105.590529] Bluetooth: hci2: command tx timeout [ 105.653520] Bluetooth: hci3: command tx timeout [ 105.782642] Bluetooth: hci6: command tx timeout [ 105.783973] Bluetooth: hci7: command tx timeout [ 105.846502] Bluetooth: hci5: command tx timeout [ 107.381752] Bluetooth: hci0: command tx timeout [ 107.381874] Bluetooth: hci1: command tx timeout [ 107.574574] Bluetooth: hci4: command tx timeout [ 107.638507] Bluetooth: hci2: command tx timeout [ 107.702481] Bluetooth: hci3: command tx timeout [ 107.830568] Bluetooth: hci7: command tx timeout [ 107.830671] Bluetooth: hci6: command tx timeout [ 107.894716] Bluetooth: hci5: command tx timeout [ 109.430741] Bluetooth: hci0: command tx timeout [ 109.431126] Bluetooth: hci1: command tx timeout [ 109.622529] Bluetooth: hci4: command tx timeout [ 109.685737] Bluetooth: hci2: command tx timeout [ 109.750394] Bluetooth: hci3: command tx timeout [ 109.877538] Bluetooth: hci7: command tx timeout [ 109.878480] Bluetooth: hci6: command tx timeout [ 109.941561] Bluetooth: hci5: command tx timeout [ 111.478623] Bluetooth: hci1: command tx timeout [ 111.479242] Bluetooth: hci0: command tx timeout [ 111.670819] Bluetooth: hci4: command tx timeout [ 111.733694] Bluetooth: hci2: command tx timeout [ 111.798482] Bluetooth: hci3: command tx timeout [ 111.926438] Bluetooth: hci7: command tx timeout [ 111.926518] Bluetooth: hci6: command tx timeout [ 111.991441] Bluetooth: hci5: command tx timeout [ 166.029931] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 166.034609] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 166.035279] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 166.042298] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 166.043986] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 166.046742] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 166.056378] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 166.058054] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 166.058457] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 166.065605] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 166.078866] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 166.081233] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 166.095115] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 166.103940] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 166.106695] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 166.121081] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 166.135561] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 166.151613] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 166.154021] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 166.162651] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 166.166768] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 166.167631] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 166.167935] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 166.175225] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 166.178838] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 166.179274] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 166.182146] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 166.183600] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 166.194710] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 166.199231] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 166.199760] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 166.200507] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 166.201132] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 166.208194] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 166.211565] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 166.216961] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 166.220632] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 166.225708] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 166.233211] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 166.233875] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 166.237145] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 166.237594] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 166.249893] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 166.255657] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 166.262216] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 166.297820] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 166.310016] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 166.312960] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 168.117639] Bluetooth: hci0: command tx timeout [ 168.181554] Bluetooth: hci1: command tx timeout [ 168.245539] Bluetooth: hci2: command tx timeout [ 168.310482] Bluetooth: hci4: command tx timeout [ 168.310518] Bluetooth: hci7: command tx timeout [ 168.310893] Bluetooth: hci5: command tx timeout [ 168.373630] Bluetooth: hci3: command tx timeout [ 168.375084] Bluetooth: hci6: command tx timeout [ 170.166515] Bluetooth: hci0: command tx timeout [ 170.242496] Bluetooth: hci1: command tx timeout [ 170.293586] Bluetooth: hci2: command tx timeout [ 170.357643] Bluetooth: hci5: command tx timeout [ 170.357807] Bluetooth: hci4: command tx timeout [ 170.357974] Bluetooth: hci7: command tx timeout [ 170.421843] Bluetooth: hci3: command tx timeout [ 170.422255] Bluetooth: hci6: command tx timeout [ 172.215581] Bluetooth: hci0: command tx timeout [ 172.278237] Bluetooth: hci1: command tx timeout [ 172.341478] Bluetooth: hci2: command tx timeout [ 172.405523] Bluetooth: hci7: command tx timeout [ 172.405615] Bluetooth: hci4: command tx timeout [ 172.405705] Bluetooth: hci5: command tx timeout [ 172.471455] Bluetooth: hci6: command tx timeout [ 172.471551] Bluetooth: hci3: command tx timeout [ 174.261485] Bluetooth: hci0: command tx timeout [ 174.326428] Bluetooth: hci1: command tx timeout [ 174.390645] Bluetooth: hci2: command tx timeout [ 174.453650] Bluetooth: hci5: command tx timeout [ 174.454700] Bluetooth: hci4: command tx timeout [ 174.454725] Bluetooth: hci7: command tx timeout [ 174.517683] Bluetooth: hci3: command tx timeout [ 174.517720] Bluetooth: hci6: command tx timeout [ 226.090275] [ 226.090536] ====================================================== [ 226.091127] WARNING: possible circular locking dependency detected [ 226.091725] 6.13.0-rc7-next-20250117 #1 Not tainted [ 226.092210] ------------------------------------------------------ [ 226.093394] kworker/u8:0/11 is trying to acquire lock: [ 226.094230] ffffffff8621b968 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 226.096372] [ 226.096372] but task is already holding lock: [ 226.097713] ffff88803af90768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 226.099839] [ 226.099839] which lock already depends on the new lock. [ 226.099839] [ 226.101985] [ 226.101985] the existing dependency chain (in reverse order) is: [ 226.102679] [ 226.102679] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 226.103332] __mutex_lock+0x13d/0xb50 [ 226.103789] wiphy_register+0x1b2e/0x25d0 [ 226.104273] ieee80211_register_hw+0x23a4/0x3d60 [ 226.104804] mac80211_hwsim_new_radio+0x2759/0x4d50 [ 226.105360] init_mac80211_hwsim+0x389/0x870 [ 226.105885] do_one_initcall+0xf9/0x640 [ 226.106363] kernel_init_freeable+0x53d/0x7a0 [ 226.106884] kernel_init+0x1e/0x2d0 [ 226.107307] ret_from_fork+0x48/0x80 [ 226.107732] ret_from_fork_asm+0x1a/0x30 [ 226.108218] [ 226.108218] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 226.108834] __lock_acquire+0x29fd/0x4580 [ 226.109320] lock_acquire+0x19b/0x520 [ 226.109778] __mutex_lock+0x13d/0xb50 [ 226.110241] unregister_netdevice_many_notify+0x1612/0x1c80 [ 226.110843] unregister_netdevice_queue+0x224/0x2e0 [ 226.111381] _cfg80211_unregister_wdev+0x57b/0x700 [ 226.111927] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 226.112472] ieee80211_unregister_hw+0x55/0x3a0 [ 226.112999] hwsim_exit_net+0x3a0/0x730 [ 226.113469] ops_exit_list+0xb3/0x180 [ 226.113913] cleanup_net+0x546/0xad0 [ 226.114347] process_one_work+0x8ee/0x1a10 [ 226.114851] worker_thread+0x674/0xe70 [ 226.115321] kthread+0x3ab/0x720 [ 226.115741] ret_from_fork+0x48/0x80 [ 226.116165] ret_from_fork_asm+0x1a/0x30 [ 226.116646] [ 226.116646] other info that might help us debug this: [ 226.116646] [ 226.117394] Possible unsafe locking scenario: [ 226.117394] [ 226.117970] CPU0 CPU1 [ 226.118409] ---- ---- [ 226.118853] lock(&rdev->wiphy.mtx); [ 226.119256] lock(rtnl_mutex); [ 226.119831] lock(&rdev->wiphy.mtx); [ 226.120452] lock(rtnl_mutex); [ 226.120813] [ 226.120813] *** DEADLOCK *** [ 226.120813] [ 226.121376] 4 locks held by kworker/u8:0/11: [ 226.121819] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 226.122825] #1: ffff8880095dfd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 226.123795] #2: ffffffff8620f810 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 226.124701] #3: ffff88803af90768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 226.125727] [ 226.125727] stack backtrace: [ 226.126159] CPU: 1 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-rc7-next-20250117 #1 [ 226.126949] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 226.127724] Workqueue: netns cleanup_net [ 226.128136] Call Trace: [ 226.128386] [ 226.128611] dump_stack_lvl+0xca/0x120 [ 226.129023] print_circular_bug+0x47b/0x750 [ 226.129463] check_noncircular+0x2e9/0x3c0 [ 226.129887] ? srso_return_thunk+0x5/0x5f [ 226.130319] ? __pfx_check_noncircular+0x10/0x10 [ 226.130788] ? hlock_class+0x4e/0x130 [ 226.131171] ? mark_lock+0xac/0xed0 [ 226.131545] ? srso_return_thunk+0x5/0x5f [ 226.131977] ? dl_scaled_delta_exec+0xd4/0x2c0 [ 226.132442] ? lockdep_lock+0xba/0x1b0 [ 226.132856] ? __pfx_lockdep_lock+0x10/0x10 [ 226.133311] __lock_acquire+0x29fd/0x4580 [ 226.133746] ? __pfx___lock_acquire+0x10/0x10 [ 226.134197] ? lock_release+0x20f/0x6f0 [ 226.134606] ? __pfx_lock_release+0x10/0x10 [ 226.135048] lock_acquire+0x19b/0x520 [ 226.135441] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 226.136022] ? __pfx_lock_acquire+0x10/0x10 [ 226.136456] ? srso_return_thunk+0x5/0x5f [ 226.136891] ? lock_release+0x20f/0x6f0 [ 226.137301] ? srso_return_thunk+0x5/0x5f [ 226.137741] ? lock_is_held_type+0x9e/0x120 [ 226.138191] ? srso_return_thunk+0x5/0x5f [ 226.138630] __mutex_lock+0x13d/0xb50 [ 226.139030] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 226.139600] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 226.140170] ? srso_return_thunk+0x5/0x5f [ 226.140601] ? synchronize_rcu_expedited+0x38a/0x420 [ 226.141102] ? __pfx___mutex_lock+0x10/0x10 [ 226.141561] ? __pfx_autoremove_wake_function+0x10/0x10 [ 226.142100] ? srso_return_thunk+0x5/0x5f [ 226.142531] ? kasan_quarantine_put+0x84/0x1e0 [ 226.143006] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 226.143531] ? srso_return_thunk+0x5/0x5f [ 226.144034] unregister_netdevice_many_notify+0x1612/0x1c80 [ 226.144683] ? __virt_addr_valid+0x2e8/0x5d0 [ 226.145219] ? __pfx_lock_release+0x10/0x10 [ 226.145694] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 226.146285] ? find_held_lock+0x2c/0x110 [ 226.146708] ? srso_return_thunk+0x5/0x5f [ 226.147139] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 226.147643] ? srso_return_thunk+0x5/0x5f [ 226.148070] ? lock_release+0x20f/0x6f0 [ 226.148474] ? __pfx_lock_release+0x10/0x10 [ 226.148909] ? srso_return_thunk+0x5/0x5f [ 226.149343] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 226.149879] ? srso_return_thunk+0x5/0x5f [ 226.150324] unregister_netdevice_queue+0x224/0x2e0 [ 226.150898] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 226.151472] ? up_write+0x195/0x520 [ 226.151863] _cfg80211_unregister_wdev+0x57b/0x700 [ 226.152362] ? srso_return_thunk+0x5/0x5f [ 226.152796] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 226.153295] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 226.153845] ? srso_return_thunk+0x5/0x5f [ 226.154288] ? srso_return_thunk+0x5/0x5f [ 226.154728] ? synchronize_rcu+0x1ff/0x260 [ 226.155159] ieee80211_unregister_hw+0x55/0x3a0 [ 226.155626] hwsim_exit_net+0x3a0/0x730 [ 226.156030] ? __pfx_hwsim_exit_net+0x10/0x10 [ 226.156482] ? srso_return_thunk+0x5/0x5f [ 226.156921] ? netdev_run_todo+0x788/0x1040 [ 226.157370] ? __pfx_hwsim_exit_net+0x10/0x10 [ 226.157835] ops_exit_list+0xb3/0x180 [ 226.158230] cleanup_net+0x546/0xad0 [ 226.158612] ? __pfx_cleanup_net+0x10/0x10 [ 226.159089] process_one_work+0x8ee/0x1a10 [ 226.159611] ? __pfx_lock_acquire+0x10/0x10 [ 226.160116] ? __pfx_process_one_work+0x10/0x10 [ 226.160675] ? srso_return_thunk+0x5/0x5f [ 226.161181] ? move_linked_works+0x172/0x270 [ 226.161640] ? srso_return_thunk+0x5/0x5f [ 226.162095] ? assign_work+0x196/0x240 [ 226.162568] worker_thread+0x674/0xe70 [ 226.163043] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 226.163656] ? __pfx_worker_thread+0x10/0x10 [ 226.164175] kthread+0x3ab/0x720 [ 226.164552] ? __pfx_kthread+0x10/0x10 [ 226.164968] ? srso_return_thunk+0x5/0x5f [ 226.165408] ? finish_task_switch.isra.0+0x206/0x840 [ 226.165934] ? __pfx_kthread+0x10/0x10 [ 226.166347] ret_from_fork+0x48/0x80 [ 226.166717] ? __pfx_kthread+0x10/0x10 [ 226.167150] ret_from_fork_asm+0x1a/0x30 [ 226.167655] [ 228.095353] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 228.097672] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 228.098277] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 228.099961] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 228.100965] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 228.101574] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 228.232102] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 228.236623] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 228.239146] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 228.246323] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 228.251846] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 228.254114] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 228.294243] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 228.311880] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 228.315305] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 228.333158] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 228.337477] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 228.343561] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 228.356128] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 228.358086] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 228.360106] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 228.362812] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 228.373032] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 228.375237] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 228.377250] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 228.379177] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 228.380766] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 228.389691] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 228.399492] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 228.404156] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 228.431234] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 228.444947] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 228.445560] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 228.446558] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 228.447072] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 228.447359] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 228.466080] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 228.486175] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 228.500664] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 228.508996] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 228.511099] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 228.517674] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 228.520351] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 228.521077] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 228.521792] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 228.561998] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 228.564672] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 228.569477] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 230.133537] Bluetooth: hci0: command tx timeout [ 230.325470] Bluetooth: hci1: command tx timeout [ 230.453737] Bluetooth: hci4: command tx timeout [ 230.453948] Bluetooth: hci2: command tx timeout [ 230.517624] Bluetooth: hci3: command tx timeout [ 230.518049] Bluetooth: hci6: command tx timeout [ 230.645487] Bluetooth: hci5: command tx timeout [ 230.709484] Bluetooth: hci7: command tx timeout [ 232.183230] Bluetooth: hci0: command tx timeout [ 232.375431] Bluetooth: hci1: command tx timeout [ 232.501589] Bluetooth: hci2: command tx timeout [ 232.501699] Bluetooth: hci4: command tx timeout [ 232.565485] Bluetooth: hci3: command tx timeout [ 232.565542] Bluetooth: hci6: command tx timeout [ 232.694582] Bluetooth: hci5: command tx timeout [ 232.758449] Bluetooth: hci7: command tx timeout [ 234.230417] Bluetooth: hci0: command tx timeout [ 234.421546] Bluetooth: hci1: command tx timeout [ 234.550906] Bluetooth: hci4: command tx timeout [ 234.550923] Bluetooth: hci2: command tx timeout [ 234.613506] Bluetooth: hci6: command tx timeout [ 234.614404] Bluetooth: hci3: command tx timeout [ 234.743481] Bluetooth: hci5: command tx timeout [ 234.805686] Bluetooth: hci7: command tx timeout VM DIAGNOSIS: 00:34:54 Registers: info registers vcpu 0 RAX=000000000004dd3d RBX=0000000000000000 RCX=ffffffff84a8bb27 RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff814b1b6a RBP=dffffc0000000000 RSP=ffffffff85a07e10 R8 =0000000000000001 R9 =ffffed100d9c6c4a R10=ffff88806ce36253 R11=0000000000000001 R12=ffffffff864021d0 R13=1ffffffff0b40fc7 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff84a8cace RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f6a666d7958 CR3=0000000013018000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=000000000000000041737d9800000000 XMM03=0000ff00000000000000000000000000 XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962 XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff8283cd30 RDI=ffffffff886930a0 RBP=ffffffff88693060 RSP=ffff8880095deb20 R8 =0000000000000000 R9 =fffffbfff0be1544 R10=00000000000fe503 R11=6f6c206863696877 R12=0000000000000823 R13=0000000000000060 R14=fffffbfff10d2666 R15=dffffc0000000000 RIP=ffffffff8283cd85 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe5d00000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055e10a7aee68 CR3=0000000013018000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000000000000000000000 XMM03=000000c0002d05e0000000c000939040 XMM04=000000c0005246c0000000c000524540 XMM05=000000c000524c40000000c0005248c0 XMM06=000000c00051bbf0000000c00051bbc0 XMM07=000000c0005e2ca0000000c0005e2c60 XMM08=000000c0000864b0000000c000086480 XMM09=000000c000086510000000c0000864e0 XMM10=000000c000086540000000c00005b530 XMM11=000000c0000865a0000000c000086570 XMM12=000000c000086600000000c0000865d0 XMM13=000000c000086660000000c000086630 XMM14=000000c0000866c0000000c000086690 XMM15=000000c0000a1080000000c0000866f0