Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:27389' (ECDSA) to the list of known hosts. 2025/01/20 19:29:02 fuzzer started 2025/01/20 19:29:02 dialing manager at localhost:44833 syzkaller login: [ 69.782908] cgroup: Unknown subsys name 'net' [ 69.900514] cgroup: Unknown subsys name 'cpuset' [ 69.934389] cgroup: Unknown subsys name 'rlimit' [ 75.674157] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 2025/01/20 19:29:19 syscalls: 2217 2025/01/20 19:29:19 code coverage: enabled 2025/01/20 19:29:19 comparison tracing: enabled 2025/01/20 19:29:19 extra coverage: enabled 2025/01/20 19:29:19 setuid sandbox: enabled 2025/01/20 19:29:19 namespace sandbox: enabled 2025/01/20 19:29:19 Android sandbox: enabled 2025/01/20 19:29:19 fault injection: enabled 2025/01/20 19:29:19 leak checking: enabled 2025/01/20 19:29:19 net packet injection: enabled 2025/01/20 19:29:19 net device setup: enabled 2025/01/20 19:29:19 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/01/20 19:29:19 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/01/20 19:29:19 USB emulation: enabled 2025/01/20 19:29:19 hci packet injection: enabled 2025/01/20 19:29:19 wifi device emulation: enabled 2025/01/20 19:29:19 802.15.4 emulation: enabled 2025/01/20 19:29:19 fetching corpus: 0, signal 0/2000 (executing program) 2025/01/20 19:29:19 fetching corpus: 1, signal 584/4175 (executing program) 2025/01/20 19:29:19 fetching corpus: 1, signal 584/5903 (executing program) 2025/01/20 19:29:19 fetching corpus: 1, signal 584/5903 (executing program) 2025/01/20 19:29:23 starting 8 fuzzer processes 19:29:23 executing program 0: r0 = getpid() r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0) read(r1, &(0x7f0000000080)=""/1, 0x1) write$cgroup_pid(r1, &(0x7f00000000c0)=r0, 0x12) close(r1) openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/pids.max\x00', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/cpuset.cpus\x00', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/cgroup.procs\x00', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup.net/devices.allow\x00', 0x1, 0x0) 19:29:23 executing program 1: getpid() exit_group(0x0) getpid() 19:29:23 executing program 2: getpid() exit_group(0x1) getpid() 19:29:23 executing program 3: close(0x3) close(0x4) close(0x5) pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0) close(0x3) close(0x4) close(0x5) 19:29:23 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x1ff) write(r0, &(0x7f0000000080)="01010101", 0x4) read(r0, &(0x7f00000000c0)=""/4, 0x4) close(r0) [ 90.512336] audit: type=1400 audit(1737401363.893:7): avc: denied { execmem } for pid=282 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 19:29:23 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000080)={0x17e}) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x1ff) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000140)={0x17e}) 19:29:23 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./mnt\x00', 0x10000, 0x1d, &(0x7f0000000200)=[{&(0x7f0000010000)="1000000040000000030000002b00000005000000010000000000000000000000002000000020000010000000000000009f09c75f0000ffff53ef0100010000009f09c75f000000000000000001000000000000000b0000008000000038000000c20201006b04000076b65be2f6da47278c750525a5b65a090000000000000000", 0x80, 0x400}, {&(0x7f0000010080)="000000000000000000000000ede2de4df49d4f87b54a3176cfd4eb4f010040000c000000000000009f09c75f00"/64, 0x40, 0x4e0}, {&(0x7f00000100c0)="0100000000000000000000000000000000000000040100001200000000000000", 0x20, 0x560}, {&(0x7f00000100e0)="0000000000000000000000000000000000000000010400"/32, 0x20, 0x640}, {&(0x7f0000010100)="000000000000000000000000000000000000000000000000000000005178aedb0300000013000000230000002b0005000200040000000000907306c205002a9c00000000000000000000000000000000000000000000000091ecd11b00000000", 0x60, 0x7e0}, {&(0x7f0000010160)="ffff05000c000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff020000000c0001022e000000020000000c0002022e2e00000b000000dc030a026c6f73742b666f756e6400"/1088, 0x440, 0xc00}, {&(0x7f00000105a0)="0000000000000000000000000000000000000000000000000c0000de46b807b70b0000000c0001022e00000002000000e80302022e2e00"/64, 0x40, 0x13e0}, {&(0x7f00000105e0)="0000000000000000000000000000000000000000000000000c0000de5551aadd00000000f40300"/64, 0x40, 0x17e0}, {&(0x7f0000010620)="0000000000000000000000000000000000000000000000000c0000de2b607f2900000000f40300"/64, 0x40, 0x1be0}, {&(0x7f0000010660)="0000000000000000000000000000000000000000000000000c0000de2b607f2900000000f40300"/64, 0x40, 0x1fe0}, {&(0x7f00000106a0)="0000000000000000000000000000000000000000000000000c0000de2b607f2900000000f40300"/64, 0x40, 0x23e0}, {&(0x7f00000106e0)="0000000000000000000000000000000000000000000000000c0000de2b607f2900000000f40300"/64, 0x40, 0x27e0}, {&(0x7f0000010720)="0000000000000000000000000000000000000000000000000c0000de2b607f2900000000f40300"/64, 0x40, 0x2be0}, {&(0x7f0000010760)="0000000000000000000000000000000000000000000000000c0000de2b607f2900000000f40300"/64, 0x40, 0x2fe0}, {&(0x7f00000107a0)="0000000000000000000000000000000000000000000000000c0000de2b607f2900000000f40300"/64, 0x40, 0x33e0}, {&(0x7f00000107e0)="0000000000000000000000000000000000000000000000000c0000de2b607f2900000000f40300"/64, 0x40, 0x37e0}, {&(0x7f0000010820)="0000000000000000000000000000000000000000000000000c0000de2b607f2900000000f40300"/64, 0x40, 0x3be0}, {&(0x7f0000010860)="0000000000000000000000000000000000000000000000000c0000de2b607f2900000000f40300"/64, 0x40, 0x3fe0}, {&(0x7f00000108a0)="0000000000000000000000000000000000000000000000000c0000de2b607f29", 0x20, 0x43e0}, {&(0x7f00000108c0)="ff07ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x400, 0x4c00}, {&(0x7f0000010cc0)="00000000000000009f09c75f9f09c75f9f09c75f00"/32, 0x20, 0x8c00}, {&(0x7f0000010ce0)="00000000000000000000000000000000000000000000000000000000c99b0000ed410000000400009f09c75f9f09c75f9f09c75f00000000000003000200000000000800000000000af3010004000000000000000000000001000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005c1f0000", 0xa0, 0x8c60}, {&(0x7f0000010d80)="00000000000000000000000000000000000000000000000000000000acff0000", 0x20, 0x8d60}, {&(0x7f0000010da0)="000000000000000000000000000000000000000000000000000000000ee30000", 0x20, 0x8de0}, {&(0x7f0000010dc0)="00000000000000000000000000000000000000000000000000000000ce1e0000", 0x20, 0x8e60}, {&(0x7f0000010de0)="000000000000000000000000000000000000000000000000000000007f6e000080810000003004049f09c75f9f09c75f9f09c75f000000000000010002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000110000000000000000000000000000000000000000000000000000000000000005620000", 0xa0, 0x8ee0}, {&(0x7f0000010e80)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00;W\x00\x00', 0x20, 0x8fe0}, {&(0x7f0000010ea0)="00000000000000000000000000000000000000000000000000000000fbaa0000", 0x20, 0x9060}, {&(0x7f0000010ec0)="000000000000000000000000000000000000000000000000000000004ada0000c0410000003000009f09c75f9f09c75f9f09c75f00000000000002001800000000000800000000000af301000400000000000000000000000c0000000500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000070fa0000", 0xa0, 0x90e0}], 0x0, &(0x7f0000010f60)) r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='mnt', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000140)={@id={0x2, 0x0, @a}, 0x40, 0x0, '\x00', @a}) mkdirat(0xffffffffffffff9c, &(0x7f00000004c0)='mnt/encrypted_dir\x00', 0x1c0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000500)='mnt/encrypted_dir\x00', 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f0000000540)=@v2={0x2, @aes256, 0x0, '\x00', @a}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000580)='mnt/encrypted_dir/file\x00', 0x42, 0x180) write(r2, &(0x7f00000005c0)='foo', 0x3) 19:29:24 executing program 7: mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read(r0, &(0x7f0000000000), 0x2000) close(r0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r1, &(0x7f0000000000), 0x2000) close(r1) munmap(&(0x7f0000000000/0x2000)=nil, 0x2000) [ 92.129381] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 92.130197] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 92.136729] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 92.142846] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 92.149400] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 92.154241] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 92.156671] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 92.159458] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 92.177683] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 92.184141] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 92.189939] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 92.191686] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 92.202587] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 92.208096] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 92.209209] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 92.217261] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 92.218564] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 92.222702] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 92.223853] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 92.225243] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 92.233808] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 92.239848] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 92.241356] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 92.245933] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 92.247552] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 92.248230] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 92.249214] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 92.251389] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 92.253276] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 92.253664] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 92.255974] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 92.257140] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 92.257745] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 92.258930] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 92.267960] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 92.279813] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 92.280994] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 92.282618] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 92.285958] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 92.296149] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 92.305600] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 92.306230] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 92.312314] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 92.315304] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 92.319156] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 92.322134] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 92.323015] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 92.324694] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 94.209955] Bluetooth: hci0: command tx timeout [ 94.272921] Bluetooth: hci1: command tx timeout [ 94.337544] Bluetooth: hci6: command tx timeout [ 94.337646] Bluetooth: hci4: command tx timeout [ 94.338392] Bluetooth: hci2: command tx timeout [ 94.402592] Bluetooth: hci3: command tx timeout [ 94.403728] Bluetooth: hci7: command tx timeout [ 94.403868] Bluetooth: hci5: command tx timeout [ 96.259528] Bluetooth: hci0: command tx timeout [ 96.321802] Bluetooth: hci1: command tx timeout [ 96.384782] Bluetooth: hci2: command tx timeout [ 96.385336] Bluetooth: hci4: command tx timeout [ 96.385622] Bluetooth: hci6: command tx timeout [ 96.449557] Bluetooth: hci5: command tx timeout [ 96.449641] Bluetooth: hci7: command tx timeout [ 96.449729] Bluetooth: hci3: command tx timeout [ 98.304734] Bluetooth: hci0: command tx timeout [ 98.369559] Bluetooth: hci1: command tx timeout [ 98.433741] Bluetooth: hci6: command tx timeout [ 98.434454] Bluetooth: hci4: command tx timeout [ 98.434790] Bluetooth: hci2: command tx timeout [ 98.498117] Bluetooth: hci3: command tx timeout [ 98.498771] Bluetooth: hci7: command tx timeout [ 98.499286] Bluetooth: hci5: command tx timeout [ 100.354519] Bluetooth: hci0: command tx timeout [ 100.417645] Bluetooth: hci1: command tx timeout [ 100.481557] Bluetooth: hci2: command tx timeout [ 100.481635] Bluetooth: hci4: command tx timeout [ 100.481714] Bluetooth: hci6: command tx timeout [ 100.545794] Bluetooth: hci5: command tx timeout [ 100.545870] Bluetooth: hci7: command tx timeout [ 100.545949] Bluetooth: hci3: command tx timeout [ 152.271467] [ 152.271714] ====================================================== [ 152.272311] WARNING: possible circular locking dependency detected [ 152.272911] 6.13.0-rc7-next-20250120 #1 Not tainted [ 152.273402] ------------------------------------------------------ [ 152.277458] kworker/u8:1/67 is trying to acquire lock: [ 152.277964] ffffffff8621eb28 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80 [ 152.278986] [ 152.278986] but task is already holding lock: [ 152.279545] ffff88800b748768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 152.280511] [ 152.280511] which lock already depends on the new lock. [ 152.280511] [ 152.281270] [ 152.281270] the existing dependency chain (in reverse order) is: [ 152.281976] [ 152.281976] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 152.282645] __mutex_lock+0x13d/0xb50 [ 152.283101] wiphy_register+0x1b2e/0x25d0 [ 152.283588] ieee80211_register_hw+0x23a4/0x3d60 [ 152.284125] mac80211_hwsim_new_radio+0x2759/0x4d60 [ 152.284695] init_mac80211_hwsim+0x389/0x870 [ 152.285209] do_one_initcall+0xf9/0x640 [ 152.285689] kernel_init_freeable+0x53d/0x7a0 [ 152.286220] kernel_init+0x1e/0x2d0 [ 152.286644] ret_from_fork+0x48/0x80 [ 152.287078] ret_from_fork_asm+0x1a/0x30 [ 152.287576] [ 152.287576] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 152.288204] __lock_acquire+0x29fd/0x4580 [ 152.288691] lock_acquire+0x19b/0x520 [ 152.289144] __mutex_lock+0x13d/0xb50 [ 152.289603] unregister_netdevice_many_notify+0x1612/0x1c80 [ 152.290225] unregister_netdevice_queue+0x224/0x2e0 [ 152.290776] _cfg80211_unregister_wdev+0x57b/0x700 [ 152.291331] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 152.291883] ieee80211_unregister_hw+0x55/0x3a0 [ 152.292405] hwsim_exit_net+0x3a0/0x730 [ 152.292864] ops_exit_list+0xb3/0x180 [ 152.293309] cleanup_net+0x546/0xad0 [ 152.293754] process_one_work+0x8ee/0x1a10 [ 152.294272] worker_thread+0x674/0xe70 [ 152.294756] kthread+0x3ab/0x720 [ 152.295180] ret_from_fork+0x48/0x80 [ 152.295622] ret_from_fork_asm+0x1a/0x30 [ 152.296113] [ 152.296113] other info that might help us debug this: [ 152.296113] [ 152.296874] Possible unsafe locking scenario: [ 152.296874] [ 152.297453] CPU0 CPU1 [ 152.297906] ---- ---- [ 152.298377] lock(&rdev->wiphy.mtx); [ 152.298781] lock(rtnl_mutex); [ 152.299379] lock(&rdev->wiphy.mtx); [ 152.300008] lock(rtnl_mutex); [ 152.300371] [ 152.300371] *** DEADLOCK *** [ 152.300371] [ 152.300950] 4 locks held by kworker/u8:1/67: [ 152.301387] #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10 [ 152.302407] #1: ffff88800be27d30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10 [ 152.303377] #2: ffffffff86212b50 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0 [ 152.304276] #3: ffff88800b748768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0 [ 152.305300] [ 152.305300] stack backtrace: [ 152.305739] CPU: 1 UID: 0 PID: 67 Comm: kworker/u8:1 Not tainted 6.13.0-rc7-next-20250120 #1 [ 152.306554] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 152.307342] Workqueue: netns cleanup_net [ 152.307764] Call Trace: [ 152.308026] [ 152.308256] dump_stack_lvl+0xca/0x120 [ 152.308673] print_circular_bug+0x47b/0x750 [ 152.309113] check_noncircular+0x2e9/0x3c0 [ 152.309543] ? srso_return_thunk+0x5/0x5f [ 152.309977] ? __pfx_check_noncircular+0x10/0x10 [ 152.310460] ? hlock_class+0x4e/0x130 [ 152.310839] ? mark_lock+0xac/0xed0 [ 152.311216] ? srso_return_thunk+0x5/0x5f [ 152.311654] ? dl_scaled_delta_exec+0xd4/0x2c0 [ 152.312115] ? lockdep_lock+0xba/0x1b0 [ 152.312546] ? __pfx_lockdep_lock+0x10/0x10 [ 152.312999] __lock_acquire+0x29fd/0x4580 [ 152.313434] ? __pfx___lock_acquire+0x10/0x10 [ 152.313886] ? lock_release+0x20f/0x6f0 [ 152.314298] ? __pfx_lock_release+0x10/0x10 [ 152.314739] lock_acquire+0x19b/0x520 [ 152.315130] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 152.315718] ? __pfx_lock_acquire+0x10/0x10 [ 152.316158] ? srso_return_thunk+0x5/0x5f [ 152.316595] ? lock_release+0x20f/0x6f0 [ 152.316999] ? srso_return_thunk+0x5/0x5f [ 152.317431] ? lock_is_held_type+0x9e/0x120 [ 152.317881] ? srso_return_thunk+0x5/0x5f [ 152.318340] __mutex_lock+0x13d/0xb50 [ 152.318750] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 152.319327] ? unregister_netdevice_many_notify+0x1612/0x1c80 [ 152.319918] ? srso_return_thunk+0x5/0x5f [ 152.320350] ? synchronize_rcu_expedited+0x38a/0x420 [ 152.320865] ? __pfx___mutex_lock+0x10/0x10 [ 152.321312] ? __pfx_autoremove_wake_function+0x10/0x10 [ 152.321859] ? srso_return_thunk+0x5/0x5f [ 152.322305] ? kasan_quarantine_put+0x84/0x1e0 [ 152.322799] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 152.323247] ? srso_return_thunk+0x5/0x5f [ 152.323689] unregister_netdevice_many_notify+0x1612/0x1c80 [ 152.324249] ? __virt_addr_valid+0x2e8/0x5d0 [ 152.324708] ? __pfx_lock_release+0x10/0x10 [ 152.325150] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 152.325741] ? find_held_lock+0x2c/0x110 [ 152.326178] ? srso_return_thunk+0x5/0x5f [ 152.326617] ? kernfs_remove_by_name_ns+0xc7/0x130 [ 152.327124] ? srso_return_thunk+0x5/0x5f [ 152.327560] ? lock_release+0x20f/0x6f0 [ 152.327970] ? __pfx_lock_release+0x10/0x10 [ 152.328405] ? srso_return_thunk+0x5/0x5f [ 152.328841] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 152.329363] ? srso_return_thunk+0x5/0x5f [ 152.329803] unregister_netdevice_queue+0x224/0x2e0 [ 152.330316] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 152.330875] ? up_write+0x195/0x520 [ 152.331266] _cfg80211_unregister_wdev+0x57b/0x700 [ 152.331765] ? srso_return_thunk+0x5/0x5f [ 152.332205] ieee80211_remove_interfaces+0x2f2/0x6b0 [ 152.332706] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 152.333261] ? srso_return_thunk+0x5/0x5f [ 152.333699] ? srso_return_thunk+0x5/0x5f [ 152.334147] ? synchronize_rcu+0x1ff/0x260 [ 152.334595] ieee80211_unregister_hw+0x55/0x3a0 [ 152.335074] hwsim_exit_net+0x3a0/0x730 [ 152.335481] ? __pfx_hwsim_exit_net+0x10/0x10 [ 152.335934] ? srso_return_thunk+0x5/0x5f [ 152.336372] ? netdev_run_todo+0x788/0x1040 [ 152.336815] ? __pfx_hwsim_exit_net+0x10/0x10 [ 152.337269] ops_exit_list+0xb3/0x180 [ 152.337667] cleanup_net+0x546/0xad0 [ 152.338054] ? __pfx_cleanup_net+0x10/0x10 [ 152.338503] process_one_work+0x8ee/0x1a10 [ 152.338957] ? __pfx_lock_acquire+0x10/0x10 [ 152.339399] ? __pfx_process_one_work+0x10/0x10 [ 152.339885] ? srso_return_thunk+0x5/0x5f [ 152.340329] ? move_linked_works+0x172/0x270 [ 152.340781] ? srso_return_thunk+0x5/0x5f [ 152.341215] ? assign_work+0x196/0x240 [ 152.341636] worker_thread+0x674/0xe70 [ 152.342049] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 152.342585] ? srso_return_thunk+0x5/0x5f [ 152.343021] ? __pfx_worker_thread+0x10/0x10 [ 152.343489] kthread+0x3ab/0x720 [ 152.343855] ? __pfx_kthread+0x10/0x10 [ 152.344265] ? srso_return_thunk+0x5/0x5f [ 152.344707] ? finish_task_switch.isra.0+0x206/0x840 [ 152.345210] ? __pfx_kthread+0x10/0x10 [ 152.345612] ret_from_fork+0x48/0x80 [ 152.345978] ? __pfx_kthread+0x10/0x10 [ 152.346384] ret_from_fork_asm+0x1a/0x30 [ 152.346814] [ 154.203911] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 154.206113] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 154.207334] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 154.211382] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 154.217392] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 154.220087] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 154.220382] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 154.224114] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 154.229806] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 154.238657] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 154.242902] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 154.248889] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 154.259063] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 154.265856] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 154.267713] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 154.267957] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 154.272030] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 154.273639] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 154.277906] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 154.278151] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 154.283073] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 154.295771] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 154.300831] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 154.308815] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 154.386442] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 154.389866] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 154.402005] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 154.412879] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 154.417021] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 154.420859] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 154.425392] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 154.430242] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 154.430656] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 154.446079] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 154.454651] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 154.464970] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 154.471324] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 154.473176] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 154.478986] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 154.482881] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 154.484797] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 154.494837] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 154.511977] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 154.538162] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 154.544803] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 154.547333] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 154.550998] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 154.552855] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 156.288512] Bluetooth: hci0: command tx timeout [ 156.352573] Bluetooth: hci3: command tx timeout [ 156.353408] Bluetooth: hci2: command tx timeout [ 156.353563] Bluetooth: hci1: command tx timeout [ 156.544641] Bluetooth: hci4: command tx timeout [ 156.544878] Bluetooth: hci5: command tx timeout [ 156.609698] Bluetooth: hci7: command tx timeout [ 156.672724] Bluetooth: hci6: command tx timeout [ 158.336637] Bluetooth: hci0: command tx timeout [ 158.400574] Bluetooth: hci1: command tx timeout [ 158.400639] Bluetooth: hci2: command tx timeout [ 158.400694] Bluetooth: hci3: command tx timeout [ 158.592523] Bluetooth: hci5: command tx timeout [ 158.592596] Bluetooth: hci4: command tx timeout [ 158.657487] Bluetooth: hci7: command tx timeout [ 158.722508] Bluetooth: hci6: command tx timeout [ 160.384669] Bluetooth: hci0: command tx timeout [ 160.449515] Bluetooth: hci3: command tx timeout [ 160.449613] Bluetooth: hci2: command tx timeout [ 160.449650] Bluetooth: hci1: command tx timeout [ 160.640525] Bluetooth: hci4: command tx timeout [ 160.640612] Bluetooth: hci5: command tx timeout [ 160.705611] Bluetooth: hci7: command tx timeout [ 160.768517] Bluetooth: hci6: command tx timeout VM DIAGNOSIS: 19:30:25 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=ffff88800ed41bc0 RCX=ffffffff81429a4a RDX=ffff88800ed41bc0 RSI=ffffffff814299d3 RDI=ffff88800bbce000 RBP=0000000000000000 RSP=ffff88800f0e7da8 R8 =0000000000000000 R9 =ffffed1001779c00 R10=ffff88800bbce007 R11=ffff88800ed42078 R12=ffff88807a7dfff9 R13=ffffffff886539a8 R14=ffff88800ed41bc0 R15=0000000000000086 RIP=ffffffff84ab1f40 RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000056416bcca100 CR3=000000000c8d0000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=a3ca2f117b4d64b9614cf5f60c428f46 XMM02=5d82995fcda3111200000000000fc820 XMM03=ee7587d5db12e8e300000000000fc8d8 XMM04=d4ca2ec38cad412a00000000000ae988 XMM05=64783926e2778d1c0000000000137ea8 XMM06=6098c19552daab490000000000114e28 XMM07=ee7587d5db12e8e300000000000fc8d8 XMM08=5d82995fcda3111200000000000fc820 XMM09=00000000000000000000000000000000 XMM10=00200000000000000020000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8283e2e5 RDI=ffffffff886990a0 RBP=ffffffff88699060 RSP=ffff88800be26bb8 R8 =0000000000000001 R9 =ffffed10017c4d67 R10=000000000000002d R11=2d2d2d2d2d2d2d2d R12=000000000000002d R13=0000000000000001 R14=ffff888008fea041 R15=ffff88800be26eb8 RIP=ffffffff8283e33d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fffc2bc4000 CR3=00000000163e6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000000000000000000000 XMM03=000000c0001908f8000000c0001908f0 XMM04=000000c000190950000000c000190948 XMM05=000000c000192830000000c000190958 XMM06=000000c000192850000000c000192840 XMM07=000000c000192870000000c000192860 XMM08=000000c00000d6a0000000c00000d680 XMM09=000000c00000d6e0000000c00000d6c0 XMM10=000000c00000d720000000c00000d700 XMM11=000000c0001928c0000000c000192260 XMM12=000000c0004fb200000000c0004fb0f0 XMM13=0000000000000041000000c00001a000 XMM14=000000000000000c000000c000014050 XMM15=000000000000000d000000c000014060