Warning: Permanently added '[localhost]:61040' (ED25519) to the list of known hosts. [ 67.641690][ T1031] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.644642][ T1031] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.670999][ T1031] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.673707][ T1031] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 executing program [ 67.831877][ T1090] [ 67.832894][ T1090] ====================================================== [ 67.835320][ T1090] WARNING: possible circular locking dependency detected [ 67.837764][ T1090] 6.13.0-syzkaller-09585-gb4b0881156fb #0 Not tainted [ 67.840199][ T1090] ------------------------------------------------------ [ 67.842651][ T1090] kworker/u4:10/1090 is trying to acquire lock: [ 67.844896][ T1090] ffffffff8fcbef88 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0xac2/0x2030 [ 67.848583][ T1090] [ 67.848583][ T1090] but task is already holding lock: [ 67.851137][ T1090] ffff888044098768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0x129/0x700 [ 67.854722][ T1090] [ 67.854722][ T1090] which lock already depends on the new lock. [ 67.854722][ T1090] [ 67.858263][ T1090] [ 67.858263][ T1090] the existing dependency chain (in reverse order) is: [ 67.861388][ T1090] [ 67.861388][ T1090] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}: [ 67.864110][ T1090] lock_acquire+0x1ed/0x550 [ 67.865923][ T1090] __mutex_lock+0x19c/0x1010 [ 67.867733][ T1090] wiphy_register+0x1a49/0x27b0 [ 67.869662][ T1090] ieee80211_register_hw+0x354e/0x4240 [ 67.871755][ T1090] mac80211_hwsim_new_radio+0x2a9f/0x4aa0 [ 67.874083][ T1090] init_mac80211_hwsim+0x87a/0xb00 [ 67.876033][ T1090] do_one_initcall+0x248/0x870 [ 67.877905][ T1090] do_initcall_level+0x157/0x210 [ 67.879854][ T1090] do_initcalls+0x3f/0x80 [ 67.881564][ T1090] kernel_init_freeable+0x435/0x5d0 [ 67.883648][ T1090] kernel_init+0x1d/0x2b0 [ 67.885426][ T1090] ret_from_fork+0x4b/0x80 [ 67.887244][ T1090] ret_from_fork_asm+0x1a/0x30 [ 67.889123][ T1090] [ 67.889123][ T1090] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 67.891669][ T1090] validate_chain+0x18ef/0x5920 [ 67.893635][ T1090] __lock_acquire+0x1397/0x2100 [ 67.895650][ T1090] lock_acquire+0x1ed/0x550 [ 67.897779][ T1090] __mutex_lock+0x19c/0x1010 [ 67.899502][ T1090] unregister_netdevice_many_notify+0xac2/0x2030 [ 67.901886][ T1090] unregister_netdevice_queue+0x303/0x370 [ 67.904038][ T1090] _cfg80211_unregister_wdev+0x163/0x590 [ 67.906299][ T1090] ieee80211_remove_interfaces+0x4ef/0x700 [ 67.908358][ T1090] ieee80211_unregister_hw+0x5d/0x2c0 [ 67.910671][ T1090] mac80211_hwsim_del_radio+0x2c4/0x4c0 [ 67.912794][ T1090] hwsim_exit_net+0x5c1/0x670 [ 67.914616][ T1090] cleanup_net+0x812/0xd60 [ 67.916437][ T1090] process_scheduled_works+0xa66/0x1840 [ 67.918570][ T1090] worker_thread+0x870/0xd30 [ 67.920379][ T1090] kthread+0x7a9/0x920 [ 67.921983][ T1090] ret_from_fork+0x4b/0x80 [ 67.923730][ T1090] ret_from_fork_asm+0x1a/0x30 [ 67.925635][ T1090] [ 67.925635][ T1090] other info that might help us debug this: [ 67.925635][ T1090] [ 67.929163][ T1090] Possible unsafe locking scenario: [ 67.929163][ T1090] [ 67.931740][ T1090] CPU0 CPU1 [ 67.933674][ T1090] ---- ---- [ 67.935612][ T1090] lock(&rdev->wiphy.mtx); [ 67.937346][ T1090] lock(rtnl_mutex); [ 67.939659][ T1090] lock(&rdev->wiphy.mtx); [ 67.942091][ T1090] lock(rtnl_mutex); [ 67.943515][ T1090] [ 67.943515][ T1090] *** DEADLOCK *** [ 67.943515][ T1090] [ 67.946367][ T1090] 4 locks held by kworker/u4:10/1090: [ 67.948318][ T1090] #0: ffff88801baef148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840 [ 67.952195][ T1090] #1: ffffc9000255fc60 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840 [ 67.955812][ T1090] #2: ffffffff8fcb29d0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0x17a/0xd60 [ 67.959112][ T1090] #3: ffff888044098768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0x129/0x700 [ 67.963002][ T1090] [ 67.963002][ T1090] stack backtrace: [ 67.965150][ T1090] CPU: 0 UID: 0 PID: 1090 Comm: kworker/u4:10 Not tainted 6.13.0-syzkaller-09585-gb4b0881156fb #0 [ 67.965163][ T1090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 67.965171][ T1090] Workqueue: netns cleanup_net [ 67.965188][ T1090] Call Trace: [ 67.965194][ T1090] [ 67.965199][ T1090] dump_stack_lvl+0x241/0x360 [ 67.965211][ T1090] ? __pfx_dump_stack_lvl+0x10/0x10 [ 67.965222][ T1090] ? __pfx__printk+0x10/0x10 [ 67.965238][ T1090] print_circular_bug+0x13a/0x1b0 [ 67.965250][ T1090] check_noncircular+0x36a/0x4a0 [ 67.965260][ T1090] ? __pfx_check_noncircular+0x10/0x10 [ 67.965271][ T1090] ? lockdep_lock+0x123/0x2b0 [ 67.965284][ T1090] ? mark_lock+0x9a/0x360 [ 67.965297][ T1090] validate_chain+0x18ef/0x5920 [ 67.965309][ T1090] ? lockdep_hardirqs_on+0x99/0x150 [ 67.965323][ T1090] ? __pfx_validate_chain+0x10/0x10 [ 67.965330][ T1090] ? __schedule+0x1916/0x4c90 [ 67.965344][ T1090] ? __pfx___schedule+0x10/0x10 [ 67.965356][ T1090] ? mark_lock+0x9a/0x360 [ 67.965370][ T1090] __lock_acquire+0x1397/0x2100 [ 67.965387][ T1090] lock_acquire+0x1ed/0x550 [ 67.965400][ T1090] ? unregister_netdevice_many_notify+0xac2/0x2030 [ 67.965410][ T1090] ? __pfx_lock_acquire+0x10/0x10 [ 67.965417][ T1090] ? __pfx___might_resched+0x10/0x10 [ 67.965426][ T1090] ? kthread_queue_work+0x110/0x180 [ 67.965434][ T1090] __mutex_lock+0x19c/0x1010 [ 67.965442][ T1090] ? unregister_netdevice_many_notify+0xac2/0x2030 [ 67.965449][ T1090] ? unregister_netdevice_many_notify+0xac2/0x2030 [ 67.965457][ T1090] ? __pfx___mutex_lock+0x10/0x10 [ 67.965467][ T1090] ? __pfx___might_resched+0x10/0x10 [ 67.965503][ T1090] ? unregister_netdevice_many_notify+0x9fa/0x2030 [ 67.965515][ T1090] ? unregister_netdevice_many_notify+0x9fa/0x2030 [ 67.965525][ T1090] unregister_netdevice_many_notify+0xac2/0x2030 [ 67.965535][ T1090] ? mark_lock+0x9a/0x360 [ 67.965550][ T1090] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 67.965568][ T1090] ? kernfs_remove_by_name_ns+0x11b/0x160 [ 67.965580][ T1090] ? __pfx_lock_release+0x10/0x10 [ 67.965596][ T1090] unregister_netdevice_queue+0x303/0x370 [ 67.965611][ T1090] ? __pfx_up_write+0x10/0x10 [ 67.965620][ T1090] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 67.965636][ T1090] ? kernfs_remove_by_name_ns+0x11b/0x160 [ 67.965647][ T1090] _cfg80211_unregister_wdev+0x163/0x590 [ 67.965661][ T1090] ieee80211_remove_interfaces+0x4ef/0x700 [ 67.965679][ T1090] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 67.965694][ T1090] ? rcu_is_watching+0x15/0xb0 [ 67.965706][ T1090] ieee80211_unregister_hw+0x5d/0x2c0 [ 67.965719][ T1090] mac80211_hwsim_del_radio+0x2c4/0x4c0 [ 67.965735][ T1090] ? __pfx_mac80211_hwsim_del_radio+0x10/0x10 [ 67.965752][ T1090] hwsim_exit_net+0x5c1/0x670 [ 67.965764][ T1090] ? __pfx_hwsim_exit_net+0x10/0x10 [ 67.965777][ T1090] ? __ip_vs_dev_cleanup_batch+0x239/0x260 [ 67.965791][ T1090] cleanup_net+0x812/0xd60 [ 67.965805][ T1090] ? __pfx_cleanup_net+0x10/0x10 [ 67.965818][ T1090] ? process_scheduled_works+0x976/0x1840 [ 67.965830][ T1090] process_scheduled_works+0xa66/0x1840 [ 67.965844][ T1090] ? __pfx_process_scheduled_works+0x10/0x10 [ 67.965856][ T1090] ? assign_work+0x364/0x3d0 [ 67.965868][ T1090] worker_thread+0x870/0xd30 [ 67.965881][ T1090] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 67.965892][ T1090] ? __kthread_parkme+0x169/0x1d0 [ 67.965904][ T1090] ? __pfx_worker_thread+0x10/0x10 [ 67.965915][ T1090] kthread+0x7a9/0x920 [ 67.965928][ T1090] ? __pfx_kthread+0x10/0x10 [ 67.965941][ T1090] ? __pfx_worker_thread+0x10/0x10 [ 67.965952][ T1090] ? __pfx_kthread+0x10/0x10 [ 67.965964][ T1090] ? __pfx_kthread+0x10/0x10 [ 67.965975][ T1090] ? __pfx_kthread+0x10/0x10 [ 67.965982][ T1090] ? _raw_spin_unlock_irq+0x23/0x50 [ 67.965988][ T1090] ? lockdep_hardirqs_on+0x99/0x150 [ 67.965994][ T1090] ? __pfx_kthread+0x10/0x10 [ 67.966002][ T1090] ret_from_fork+0x4b/0x80 [ 67.966010][ T1090] ? __pfx_kthread+0x10/0x10 [ 67.966017][ T1090] ret_from_fork_asm+0x1a/0x30 [ 67.966027][ T1090] VM DIAGNOSIS: 12:35:25 Registers: info registers vcpu 0 CPU#0 RAX=96868fe2b26d3b00 RBX=ffffffff8194639c RCX=00000000000069d9 RDX=0000000000000001 RSI=ffffffff8c608000 RDI=ffffffff8194639c RBP=ffffffff8e607eb8 RSP=ffffffff8e607d68 R8 =ffff88801fc3795b R9 =1ffff11003f86f2b R10=dffffc0000000000 R11=ffffed1003f86f2c R12=1ffffffff1cc0fc6 R13=1ffffffff1cd2cb0 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff8bf56263 RFL=000002c2 [--SZ---] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88801fc00000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fff7afff168 CR3=000000000e738000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000004040003 Opmask01=0000000000000001 Opmask02=00000000ffff3f01 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff7afde4d0 0000003000000010 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff7afde4d0 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e2e2e2e2e2e2e2e 2e2e2e2e2e2e2e2e ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000ff0000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000ff000000ff00 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f73616572003663 6974617473006575 6575715f6c6f7274 6e6f63203a732500 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a56444057001346 4c51445156004050 4050545f494a5751 4b4a46051f560000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055801ae7bd39 0000000000000041 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000b1 0000558542b39700 00316e6170772f74 656e2f317968702f ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 0000558527d43233 73656d5f70636864 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 725f0f41cf4b8661 72610f7ffb6df37f 656775f777f57fff 7f7f7d7f75777965 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7261762f00657361 656c2e732573252f 6463706368642f62 642f7261762f0073 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 0000000000000031 0000726565666965 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 0000000000000031 00006d5f65636864 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbf2b313423342c ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020