possible deadlock in ieee80211_remove_interfaces
netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
bridge_slave_1: left allmulticast mode
bridge_slave_1: left promiscuous mode
bridge0: port 2(bridge_slave_1) entered disabled state
bridge_slave_0: left allmulticast mode
bridge_slave_0: left promiscuous mode
bridge0: port 1(bridge_slave_0) entered disabled state
bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
bond0 (unregistering): Released all slaves
======================================================
WARNING: possible circular locking dependency detected
6.13.0-syzkaller-g72deda0abee6 #0 Not tainted
------------------------------------------------------
kworker/u32:7/1142 is trying to acquire lock:
ffffffff8fef2d68 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_acquire_if_cleanup_net net/core/dev.c:10272 [inline]
ffffffff8fef2d68 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1a51/0x21a0 net/core/dev.c:11792
but task is already holding lock:
ffff888032c38768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: class_wiphy_constructor include/net/cfg80211.h:6061 [inline]
ffff888032c38768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf1/0x720 net/mac80211/iface.c:2280
which lock already depends on the new lock.
the existing dependency chain (in reverse order) is:
-> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}:
__mutex_lock_common kernel/locking/mutex.c:585 [inline]
__mutex_lock+0x19b/0xb10 kernel/locking/mutex.c:730
wiphy_lock include/net/cfg80211.h:6046 [inline]
wiphy_register+0x1c9c/0x2860 net/wireless/core.c:1003
ieee80211_register_hw+0x2455/0x4060 net/mac80211/main.c:1587
mac80211_hwsim_new_radio+0x304e/0x54e0 drivers/net/wireless/virtual/mac80211_hwsim.c:5558
init_mac80211_hwsim+0x432/0x8c0 drivers/net/wireless/virtual/mac80211_hwsim.c:6910
do_one_initcall+0x128/0x700 init/main.c:1257
do_initcall_level init/main.c:1319 [inline]
do_initcalls init/main.c:1335 [inline]
do_basic_setup init/main.c:1354 [inline]
kernel_init_freeable+0x5c7/0x900 init/main.c:1568
kernel_init+0x1c/0x2b0 init/main.c:1457
ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:148
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
-> #0 (rtnl_mutex){+.+.}-{4:4}:
check_prev_add kernel/locking/lockdep.c:3163 [inline]
check_prevs_add kernel/locking/lockdep.c:3282 [inline]
validate_chain kernel/locking/lockdep.c:3906 [inline]
__lock_acquire+0x249e/0x3c40 kernel/locking/lockdep.c:5228
lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5851
__mutex_lock_common kernel/locking/mutex.c:585 [inline]
__mutex_lock+0x19b/0xb10 kernel/locking/mutex.c:730
rtnl_acquire_if_cleanup_net net/core/dev.c:10272 [inline]
unregister_netdevice_many_notify+0x1a51/0x21a0 net/core/dev.c:11792
unregister_netdevice_many net/core/dev.c:11875 [inline]
unregister_netdevice_queue+0x307/0x3f0 net/core/dev.c:11741
unregister_netdevice include/linux/netdevice.h:3329 [inline]
_cfg80211_unregister_wdev+0x64b/0x830 net/wireless/core.c:1248
ieee80211_remove_interfaces+0x34f/0x720 net/mac80211/iface.c:2305
ieee80211_unregister_hw+0x55/0x3a0 net/mac80211/main.c:1681
mac80211_hwsim_del_radio drivers/net/wireless/virtual/mac80211_hwsim.c:5664 [inline]
hwsim_exit_net+0x3ad/0x7d0 drivers/net/wireless/virtual/mac80211_hwsim.c:6544
ops_exit_list+0xb0/0x180 net/core/net_namespace.c:172
cleanup_net+0x5c6/0xbf0 net/core/net_namespace.c:652
process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3236
process_scheduled_works kernel/workqueue.c:3317 [inline]
worker_thread+0x6c8/0xf00 kernel/workqueue.c:3398
kthread+0x3af/0x750 kernel/kthread.c:464
ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:148
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
other info that might help us debug this:
Possible unsafe locking scenario:
CPU0 CPU1
---- ----
lock(&rdev->wiphy.mtx);
lock(rtnl_mutex);
lock(&rdev->wiphy.mtx);
lock(rtnl_mutex);
*** DEADLOCK ***
4 locks held by kworker/u32:7/1142:
#0: ffff88801c284948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0 kernel/workqueue.c:3211
#1: ffffc90006547d18 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0 kernel/workqueue.c:3212
#2: ffffffff8fedd150 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xbf0 net/core/net_namespace.c:606
#3: ffff888032c38768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: class_wiphy_constructor include/net/cfg80211.h:6061 [inline]
#3: ffff888032c38768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf1/0x720 net/mac80211/iface.c:2280
stack backtrace:
CPU: 3 UID: 0 PID: 1142 Comm: kworker/u32:7 Not tainted 6.13.0-syzkaller-g72deda0abee6 #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
Workqueue: netns cleanup_net
Call Trace:
__dump_stack lib/dump_stack.c:94 [inline]
dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
print_circular_bug+0x490/0x760 kernel/locking/lockdep.c:2076
check_noncircular+0x31a/0x400 kernel/locking/lockdep.c:2208
check_prev_add kernel/locking/lockdep.c:3163 [inline]
check_prevs_add kernel/locking/lockdep.c:3282 [inline]
validate_chain kernel/locking/lockdep.c:3906 [inline]
__lock_acquire+0x249e/0x3c40 kernel/locking/lockdep.c:5228
lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5851
__mutex_lock_common kernel/locking/mutex.c:585 [inline]
__mutex_lock+0x19b/0xb10 kernel/locking/mutex.c:730
rtnl_acquire_if_cleanup_net net/core/dev.c:10272 [inline]
unregister_netdevice_many_notify+0x1a51/0x21a0 net/core/dev.c:11792
unregister_netdevice_many net/core/dev.c:11875 [inline]
unregister_netdevice_queue+0x307/0x3f0 net/core/dev.c:11741
unregister_netdevice include/linux/netdevice.h:3329 [inline]
_cfg80211_unregister_wdev+0x64b/0x830 net/wireless/core.c:1248
ieee80211_remove_interfaces+0x34f/0x720 net/mac80211/iface.c:2305
ieee80211_unregister_hw+0x55/0x3a0 net/mac80211/main.c:1681
mac80211_hwsim_del_radio drivers/net/wireless/virtual/mac80211_hwsim.c:5664 [inline]
hwsim_exit_net+0x3ad/0x7d0 drivers/net/wireless/virtual/mac80211_hwsim.c:6544
ops_exit_list+0xb0/0x180 net/core/net_namespace.c:172
cleanup_net+0x5c6/0xbf0 net/core/net_namespace.c:652
process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3236
process_scheduled_works kernel/workqueue.c:3317 [inline]
worker_thread+0x6c8/0xf00 kernel/workqueue.c:3398
kthread+0x3af/0x750 kernel/kthread.c:464
ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:148
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
hsr_slave_0: left promiscuous mode
hsr_slave_1: left promiscuous mode
batman_adv: batadv0: Interface deactivated: batadv_slave_0
batman_adv: batadv0: Removing interface: batadv_slave_0
batman_adv: batadv0: Interface deactivated: batadv_slave_1
batman_adv: batadv0: Removing interface: batadv_slave_1
veth1_macvtap: left promiscuous mode
veth0_macvtap: left promiscuous mode
veth1_vlan: left promiscuous mode
veth0_vlan: left promiscuous mode
team0 (unregistering): Port device team_slave_1 removed
team0 (unregistering): Port device team_slave_0 removed
[ 38.212463][ T39] audit: type=1400 audit(1738258132.404:80): avc: denied { write } for pid=5910 comm="sh" path="pipe:[3562]" dev="pipefs" ino=3562 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[ 38.219601][ T39] audit: type=1400 audit(1738258132.404:81): avc: denied { rlimitinh } for pid=5910 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 38.226512][ T39] audit: type=1400 audit(1738258132.404:82): avc: denied { siginh } for pid=5910 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 38.908120][ T39] audit: type=1400 audit(1738258133.104:83): avc: denied { read } for pid=5332 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 38.915968][ T39] audit: type=1400 audit(1738258133.104:84): avc: denied { append } for pid=5332 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 38.923502][ T39] audit: type=1400 audit(1738258133.104:85): avc: denied { open } for pid=5332 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 38.931377][ T39] audit: type=1400 audit(1738258133.104:86): avc: denied { getattr } for pid=5332 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
Warning: Permanently added '[localhost]:50047' (ED25519) to the list of known hosts.
[ 41.686128][ T39] audit: type=1400 audit(1738258135.884:87): avc: denied { execute } for pid=5930 comm="sh" name="syz-execprog" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
2025/01/30 17:28:55 ignoring optional flag "sandboxArg"="0"
2025/01/30 17:28:55 ignoring optional flag "type"="qemu"
2025/01/30 17:28:56 parsed 1 programs
[ 41.991079][ T5937] cgroup: Unknown subsys name 'net'
[ 42.130757][ T5937] cgroup: Unknown subsys name 'cpuset'
[ 42.134089][ T5937] cgroup: Unknown subsys name 'rlimit'
[ 42.279956][ T5939] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped).
[ 42.848834][ T5937] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
2025/01/30 17:28:57 executed programs: 0
[ 42.889751][ T66] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 42.893589][ T66] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 42.896133][ T66] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 42.899090][ T66] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 42.901524][ T66] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 42.904270][ T66] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 42.979094][ T5943] chnl_net:caif_netlink_parms(): no params data found
[ 43.020387][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state
[ 43.023254][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state
[ 43.025453][ T5943] bridge_slave_0: entered allmulticast mode
[ 43.027626][ T5943] bridge_slave_0: entered promiscuous mode
[ 43.031194][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state
[ 43.033109][ T5943] bridge0: port 2(bridge_slave_1) entered disabled state
[ 43.034934][ T5943] bridge_slave_1: entered allmulticast mode
[ 43.036882][ T5943] bridge_slave_1: entered promiscuous mode
[ 43.056414][ T5943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 43.060183][ T5943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 43.081151][ T5943] team0: Port device team_slave_0 added
[ 43.083656][ T5943] team0: Port device team_slave_1 added
[ 43.100264][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 43.102055][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 43.109149][ T5943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 43.113196][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 43.114951][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 43.121527][ T5943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 43.145383][ T5943] hsr_slave_0: entered promiscuous mode
[ 43.147176][ T5943] hsr_slave_1: entered promiscuous mode
[ 43.217504][ T5943] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 43.222834][ T5943] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 43.226184][ T5943] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 43.229263][ T5943] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 43.241639][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state
[ 43.243759][ T5943] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 43.246404][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state
[ 43.248905][ T5943] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 43.272644][ T5943] 8021q: adding VLAN 0 to HW filter on device bond0
[ 43.280178][ T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 43.283176][ T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 43.292448][ T5943] 8021q: adding VLAN 0 to HW filter on device team0
[ 43.298599][ T74] bridge0: port 1(bridge_slave_0) entered blocking state
[ 43.300957][ T74] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 43.306616][ T74] bridge0: port 2(bridge_slave_1) entered blocking state
[ 43.308842][ T74] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 43.350329][ T39] kauditd_printk_skb: 31 callbacks suppressed
[ 43.350340][ T39] audit: type=1400 audit(1738258137.554:119): avc: denied { sys_module } for pid=5943 comm="syz-executor.0" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 43.402532][ T5943] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 43.419994][ T5943] veth0_vlan: entered promiscuous mode
[ 43.424262][ T5943] veth1_vlan: entered promiscuous mode
[ 43.436113][ T5943] veth0_macvtap: entered promiscuous mode
[ 43.442160][ T5943] veth1_macvtap: entered promiscuous mode
[ 43.449835][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 43.455956][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 43.461254][ T5943] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 43.464318][ T5943] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 43.467418][ T5943] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 43.472079][ T5943] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 43.509813][ T74] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 43.512247][ T74] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 43.525284][ T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 43.527534][ T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 43.555495][ T5943] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 43.572529][ T39] audit: type=1400 audit(1738258137.774:120): avc: denied { read write } for pid=5943 comm="syz-executor.0" name="loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 43.578934][ T39] audit: type=1400 audit(1738258137.774:121): avc: denied { open } for pid=5943 comm="syz-executor.0" path="/dev/loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 43.586671][ T39] audit: type=1400 audit(1738258137.774:122): avc: denied { ioctl } for pid=5943 comm="syz-executor.0" path="/dev/loop0" dev="devtmpfs" ino=658 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 46.087838][ T1142] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 47.556716][ T1142] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 47.634074][ T1142] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 47.727242][ T1142] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 47.803619][ T1142] bridge_slave_1: left allmulticast mode
[ 47.805427][ T1142] bridge_slave_1: left promiscuous mode
[ 47.807647][ T1142] bridge0: port 2(bridge_slave_1) entered disabled state
[ 47.815795][ T1142] bridge_slave_0: left allmulticast mode
[ 47.818199][ T1142] bridge_slave_0: left promiscuous mode
[ 47.820944][ T1142] bridge0: port 1(bridge_slave_0) entered disabled state
[ 48.029032][ T1142] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 48.033272][ T1142] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 48.037163][ T1142] bond0 (unregistering): Released all slaves
[ 48.170503][ T1142]
[ 48.171264][ T1142] ======================================================
[ 48.173700][ T1142] WARNING: possible circular locking dependency detected
[ 48.175814][ T1142] 6.13.0-syzkaller-g72deda0abee6 #0 Not tainted
[ 48.177613][ T1142] ------------------------------------------------------
[ 48.179623][ T1142] kworker/u32:7/1142 is trying to acquire lock:
[ 48.181393][ T1142] ffffffff8fef2d68 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1a51/0x21a0
[ 48.184945][ T1142]
[ 48.184945][ T1142] but task is already holding lock:
[ 48.187588][ T1142] ffff888032c38768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf1/0x720
[ 48.190561][ T1142]
[ 48.190561][ T1142] which lock already depends on the new lock.
[ 48.190561][ T1142]
[ 48.193526][ T1142]
[ 48.193526][ T1142] the existing dependency chain (in reverse order) is:
[ 48.196209][ T1142]
[ 48.196209][ T1142] -> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}:
[ 48.199149][ T1142] __mutex_lock+0x19b/0xb10
[ 48.200984][ T1142] wiphy_register+0x1c9c/0x2860
[ 48.203072][ T1142] ieee80211_register_hw+0x2455/0x4060
[ 48.205230][ T1142] mac80211_hwsim_new_radio+0x304e/0x54e0
[ 48.207364][ T1142] init_mac80211_hwsim+0x432/0x8c0
[ 48.209427][ T1142] do_one_initcall+0x128/0x700
[ 48.211417][ T1142] kernel_init_freeable+0x5c7/0x900
[ 48.213301][ T1142] kernel_init+0x1c/0x2b0
[ 48.214699][ T1142] ret_from_fork+0x45/0x80
[ 48.216123][ T1142] ret_from_fork_asm+0x1a/0x30
[ 48.217632][ T1142]
[ 48.217632][ T1142] -> #0 (rtnl_mutex){+.+.}-{4:4}:
[ 48.219979][ T1142] __lock_acquire+0x249e/0x3c40
[ 48.222083][ T1142] lock_acquire.part.0+0x11b/0x380
[ 48.223768][ T1142] __mutex_lock+0x19b/0xb10
[ 48.225220][ T1142] unregister_netdevice_many_notify+0x1a51/0x21a0
[ 48.227191][ T1142] unregister_netdevice_queue+0x307/0x3f0
[ 48.229357][ T1142] _cfg80211_unregister_wdev+0x64b/0x830
[ 48.231570][ T1142] ieee80211_remove_interfaces+0x34f/0x720
[ 48.233842][ T1142] ieee80211_unregister_hw+0x55/0x3a0
[ 48.235973][ T1142] hwsim_exit_net+0x3ad/0x7d0
[ 48.237880][ T1142] ops_exit_list+0xb0/0x180
[ 48.239669][ T1142] cleanup_net+0x5c6/0xbf0
[ 48.241376][ T1142] process_one_work+0x9c5/0x1ba0
[ 48.243404][ T1142] worker_thread+0x6c8/0xf00
[ 48.245463][ T1142] kthread+0x3af/0x750
[ 48.247301][ T1142] ret_from_fork+0x45/0x80
[ 48.249249][ T1142] ret_from_fork_asm+0x1a/0x30
[ 48.251287][ T1142]
[ 48.251287][ T1142] other info that might help us debug this:
[ 48.251287][ T1142]
[ 48.254456][ T1142] Possible unsafe locking scenario:
[ 48.254456][ T1142]
[ 48.256564][ T1142] CPU0 CPU1
[ 48.258028][ T1142] ---- ----
[ 48.259492][ T1142] lock(&rdev->wiphy.mtx);
[ 48.260765][ T1142] lock(rtnl_mutex);
[ 48.262716][ T1142] lock(&rdev->wiphy.mtx);
[ 48.264675][ T1142] lock(rtnl_mutex);
[ 48.265776][ T1142]
[ 48.265776][ T1142] *** DEADLOCK ***
[ 48.265776][ T1142]
[ 48.267927][ T1142] 4 locks held by kworker/u32:7/1142:
[ 48.269393][ T1142] #0: ffff88801c284948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0
[ 48.272190][ T1142] #1: ffffc90006547d18 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[ 48.274939][ T1142] #2: ffffffff8fedd150 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xbf0
[ 48.277503][ T1142] #3: ffff888032c38768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf1/0x720
[ 48.280415][ T1142]
[ 48.280415][ T1142] stack backtrace:
[ 48.282046][ T1142] CPU: 3 UID: 0 PID: 1142 Comm: kworker/u32:7 Not tainted 6.13.0-syzkaller-g72deda0abee6 #0
[ 48.282063][ T1142] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 48.282073][ T1142] Workqueue: netns cleanup_net
[ 48.282091][ T1142] Call Trace:
[ 48.282097][ T1142]
[ 48.282103][ T1142] dump_stack_lvl+0x116/0x1f0
[ 48.282125][ T1142] print_circular_bug+0x490/0x760
[ 48.282147][ T1142] check_noncircular+0x31a/0x400
[ 48.282164][ T1142] ? __pfx_check_noncircular+0x10/0x10
[ 48.282183][ T1142] ? lockdep_lock+0xc6/0x200
[ 48.282192][ T1142] ? __pfx_lockdep_lock+0x10/0x10
[ 48.282200][ T1142] ? __pfx_lock_release+0x10/0x10
[ 48.282211][ T1142] __lock_acquire+0x249e/0x3c40
[ 48.282224][ T1142] ? __pfx___lock_acquire+0x10/0x10
[ 48.282234][ T1142] ? synchronize_rcu_expedited+0x424/0x450
[ 48.282247][ T1142] ? __pfx_lock_release+0x10/0x10
[ 48.282258][ T1142] lock_acquire.part.0+0x11b/0x380
[ 48.282269][ T1142] ? unregister_netdevice_many_notify+0x1a51/0x21a0
[ 48.282281][ T1142] ? __pfx_lock_acquire.part.0+0x10/0x10
[ 48.282292][ T1142] ? rcu_is_watching+0x12/0xc0
[ 48.282300][ T1142] ? trace_lock_acquire+0x14e/0x1f0
[ 48.282309][ T1142] ? unregister_netdevice_many_notify+0x1a51/0x21a0
[ 48.282319][ T1142] ? lock_acquire+0x2f/0xb0
[ 48.282330][ T1142] ? unregister_netdevice_many_notify+0x1a51/0x21a0
[ 48.282340][ T1142] __mutex_lock+0x19b/0xb10
[ 48.282348][ T1142] ? unregister_netdevice_many_notify+0x1a51/0x21a0
[ 48.282359][ T1142] ? unregister_netdevice_many_notify+0x1a51/0x21a0
[ 48.282370][ T1142] ? __pfx___mutex_lock+0x10/0x10
[ 48.282378][ T1142] ? __pfx_wait_rcu_exp_gp+0x10/0x10
[ 48.282389][ T1142] ? __pfx___might_resched+0x10/0x10
[ 48.282402][ T1142] ? unregister_netdevice_many_notify+0x959/0x21a0
[ 48.282413][ T1142] ? unregister_netdevice_many_notify+0x1a51/0x21a0
[ 48.282423][ T1142] unregister_netdevice_many_notify+0x1a51/0x21a0
[ 48.282434][ T1142] ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[ 48.282446][ T1142] ? find_held_lock+0x2d/0x110
[ 48.282454][ T1142] ? kernfs_remove_by_name_ns+0xc4/0x130
[ 48.282464][ T1142] ? __pfx_lock_release+0x10/0x10
[ 48.282475][ T1142] ? __call_rcu_common.constprop.0+0x3ea/0x870
[ 48.282487][ T1142] unregister_netdevice_queue+0x307/0x3f0
[ 48.282498][ T1142] ? __pfx_unregister_netdevice_queue+0x10/0x10
[ 48.282509][ T1142] _cfg80211_unregister_wdev+0x64b/0x830
[ 48.282520][ T1142] ieee80211_remove_interfaces+0x34f/0x720
[ 48.282532][ T1142] ? __pfx_ieee80211_remove_interfaces+0x10/0x10
[ 48.282545][ T1142] ieee80211_unregister_hw+0x55/0x3a0
[ 48.282558][ T1142] hwsim_exit_net+0x3ad/0x7d0
[ 48.282567][ T1142] ? __pfx_hwsim_exit_net+0x10/0x10
[ 48.282580][ T1142] ? ip_vs_sync_net_cleanup+0x72/0xb0
[ 48.282593][ T1142] ? __ip_vs_dev_cleanup_batch+0xb1/0x290
[ 48.282604][ T1142] ? __pfx_hwsim_exit_net+0x10/0x10
[ 48.282617][ T1142] ops_exit_list+0xb0/0x180
[ 48.282627][ T1142] cleanup_net+0x5c6/0xbf0
[ 48.282637][ T1142] ? __pfx_cleanup_net+0x10/0x10
[ 48.282647][ T1142] ? lock_acquire+0x2f/0xb0
[ 48.282657][ T1142] ? process_one_work+0x921/0x1ba0
[ 48.282668][ T1142] process_one_work+0x9c5/0x1ba0
[ 48.282680][ T1142] ? __pfx_lock_acquire.part.0+0x10/0x10
[ 48.282691][ T1142] ? __pfx_process_one_work+0x10/0x10
[ 48.282702][ T1142] ? assign_work+0x1a0/0x250
[ 48.282712][ T1142] worker_thread+0x6c8/0xf00
[ 48.282724][ T1142] ? __pfx_worker_thread+0x10/0x10
[ 48.282734][ T1142] kthread+0x3af/0x750
[ 48.282744][ T1142] ? __pfx_kthread+0x10/0x10
[ 48.282753][ T1142] ? lock_acquire+0x2f/0xb0
[ 48.282764][ T1142] ? __pfx_kthread+0x10/0x10
[ 48.282773][ T1142] ret_from_fork+0x45/0x80
[ 48.282785][ T1142] ? __pfx_kthread+0x10/0x10
[ 48.282794][ T1142] ret_from_fork_asm+0x1a/0x30
[ 48.282805][ T1142]
[ 48.604846][ T1142] hsr_slave_0: left promiscuous mode
[ 48.606904][ T1142] hsr_slave_1: left promiscuous mode
[ 48.608960][ T1142] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 48.611308][ T1142] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 48.614053][ T1142] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 48.616453][ T1142] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 48.621335][ T1142] veth1_macvtap: left promiscuous mode
[ 48.622913][ T1142] veth0_macvtap: left promiscuous mode
[ 48.624519][ T1142] veth1_vlan: left promiscuous mode
[ 48.626129][ T1142] veth0_vlan: left promiscuous mode
[ 48.763105][ T1142] team0 (unregistering): Port device team_slave_1 removed
[ 48.789027][ T1142] team0 (unregistering): Port device team_slave_0 removed
VM DIAGNOSIS:
17:29:07 Registers:
info registers vcpu 0
CPU#0
RAX=000000000003a90c RBX=0000000000000000 RCX=ffffffff8b55a469 RDX=ffffed100d4c6f7e
RSI=ffffffff8bd33ba0 RDI=ffffffff81906d59 RBP=fffffbfff1bd2ee8 RSP=ffffffff8de07e20
R8 =0000000000000000 R9 =ffffed100d4c6f7d R10=ffff88806a637beb R11=0000000000000002
R12=0000000000000000 R13=ffffffff8de97740 R14=ffffffff90620c10 R15=0000000000000000
RIP=ffffffff8b55b84f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=0000563c3b1f0c98 CR3=0000000030d38000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000004040003 Opmask01=0000000000000000 Opmask02=000000000fffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffef44ca220 0000003000000010
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffef44ca220 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e2e2e2e2e2e2e2e 2e2e2e2e2e2e2e2e
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000ff0000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f73616500000004 0000006800000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a56444057001346 4c51445156004050 4050545f494a5751 4b4a46051f560000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000081 0000000000000000 356874652f74656e 2f306d6973766564
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000001001 3030303030303230 00316e6170772f74 656e2f317968702f
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 0000563c5e79f233 73656d5f70636864
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 725f0fd109fb8661 72610fef7ffdf37f 6567777f7f7dffff 7f7f7d7f75777965
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 20646574726f7070 75736e75203a7325 0035646d2d63616d 680035646d63616d
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 0000000000000031 0000726565666965
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 0000000000000031 00006d5f65636864
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbf2b313423342c
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020
info registers vcpu 1
CPU#1
RAX=0000000000024134 RBX=0000000000000001 RCX=ffffffff8b55a469 RDX=ffffed100d4e6f7e
RSI=ffffffff8bd33ba0 RDI=ffffffff81906d59 RBP=ffffed1003b59910 RSP=ffffc90000187e08
R8 =0000000000000000 R9 =ffffed100d4e6f7d R10=ffff88806a737beb R11=0000000000044d00
R12=0000000000000001 R13=ffff88801dacc880 R14=ffffffff90620c10 R15=0000000000000000
RIP=ffffffff8b55b84f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00005591c106a230 CR3=000000000df80000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000004080 Opmask01=0000000000000040 Opmask02=000000007ffeffff Opmask03=0000000000000000
Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f19eb3ec50eab364 e0494286f23efa6c
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 797a1b1a6df99b9d ce69b36d2caaa05b
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 deead6290dc74de5 3e59509ef10d5bfd
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 823c06471c352b4e f5fd664976765f1e
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000009c0
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 23aaf73e23c92dae 0000002123d3292e
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0080010000800100 675633dbccfc1628
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000002100800100 23bced0600000021
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 008001003bcb9760 00000021f5ca2192
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ca4a4a0aebc9adea 4686965aee619069
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e85a99889606961e 51789db28ad23714
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 54003d534b4e494c 564544003d4d4554 535953425553003d 4854415056454400
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 540018534b4e494c 56454400184d4554 5359534255530018 4854415056454400
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001c1 0000000000000040 0000000000302d78 722f736575657571
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000007fa1 0000000000000037 6c6c696b66722f34 7968702f31313230
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4943213f395b2249 5a6e786b6e646b7e 59647a305f474f5b 647c79303a243a78
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 26483b3a3a264b3b 3a0a00307f617930 3b2433273f397b27 697a787c69303b7e
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020
info registers vcpu 2
CPU#2
RAX=000000000001a8b4 RBX=0000000000000002 RCX=ffffffff8b55a469 RDX=ffffed100d506f7e
RSI=ffffffff8bd33ba0 RDI=ffffffff81906d59 RBP=ffffed1003b5c000 RSP=ffffc90000197e08
R8 =0000000000000000 R9 =ffffed100d506f7d R10=ffff88806a837beb R11=0000000000000000
R12=0000000000000002 R13=ffff88801dae0000 R14=ffffffff90620c10 R15=0000000000000000
RIP=ffffffff8b55b84f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe000008f000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00005591c106a230 CR3=000000002f59e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000062003 Opmask01=0000000000100000 Opmask02=000000000fffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000080000010015 0000000c00000028
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000e00000001 0000000000000006
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0043004400010015 0000000000000040
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000ff0000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 50422064656e7761 7073203a73250050 5241006e65706f5f 667062203a732500
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 50420541404b5244 5556051f56000050 5241004b40554a5f 435547051f560000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000081 0000000000000000 356874652f74656e 2f306d6973766564
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000001001 3030303030303230 00316e6170772f74 656e2f317968702f
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 0000563c5e79f233 73656d5f70636864
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 725f0fd109fb8661 72610fef7ffdf37f 6567777f7f7dffff 7f7f7d7f75777965
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 20646574726f7070 75736e75203a7325 0035646d2d63616d 680035646d63616d
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 0000000000000031 0000726565666965
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 0000000000000031 00006d5f65636864
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbf2b313423342c
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020
info registers vcpu 3
CPU#3
RAX=00000000000301ec RBX=0000000000000003 RCX=ffffffff8b55a469 RDX=ffffed100d526f7e
RSI=ffffffff8bd33ba0 RDI=ffffffff81906d59 RBP=ffffed1003b5c488 RSP=ffffc900001a7e08
R8 =0000000000000000 R9 =ffffed100d526f7d R10=ffff88806a937beb R11=0000000000000002
R12=0000000000000003 R13=ffff88801dae2440 R14=ffffffff90620c10 R15=0000000000000000
RIP=ffffffff8b55b84f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe00000d6000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=0000563bfdab2680 CR3=000000002cd86000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000060000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff42443c30 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c5f5f0045544156 4952505f4342494c
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000042494c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6362696c5f5f0045 5441564952505f43
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f6e3a6d5e007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f4b1f485e005600 0b56000041000b56 000040494a564b4a 460a5340410a000a
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 303d643a635f6d63 6169203835363d6f 6e3d202265666e6d 63732031223d3465
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
syzkaller build log:
go env (err=)
GO111MODULE='auto'
GOARCH='amd64'
GOBIN=''
GOCACHE='/syzkaller/.cache/go-build'
GOENV='/syzkaller/.config/go/env'
GOEXE=''
GOEXPERIMENT=''
GOFLAGS=''
GOHOSTARCH='amd64'
GOHOSTOS='linux'
GOINSECURE=''
GOMODCACHE='/syzkaller/jobs/linux/gopath/pkg/mod'
GONOPROXY=''
GONOSUMDB=''
GOOS='linux'
GOPATH='/syzkaller/jobs/linux/gopath'
GOPRIVATE=''
GOPROXY='https://proxy.golang.org,direct'
GOROOT='/usr/local/go'
GOSUMDB='sum.golang.org'
GOTMPDIR=''
GOTOOLCHAIN='auto'
GOTOOLDIR='/usr/local/go/pkg/tool/linux_amd64'
GOVCS=''
GOVERSION='go1.22.7'
GCCGO='gccgo'
GOAMD64='v1'
AR='ar'
CC='gcc'
CXX='g++'
CGO_ENABLED='1'
GOMOD='/syzkaller/jobs/linux/gopath/src/github.com/google/syzkaller/go.mod'
GOWORK=''
CGO_CFLAGS='-O2 -g'
CGO_CPPFLAGS=''
CGO_CXXFLAGS='-O2 -g'
CGO_FFLAGS='-O2 -g'
CGO_LDFLAGS='-O2 -g'
PKG_CONFIG='pkg-config'
GOGCCFLAGS='-fPIC -m64 -pthread -Wl,--no-gc-sections -fmessage-length=0 -ffile-prefix-map=/tmp/go-build278775873=/tmp/go-build -gno-record-gcc-switches'
git status (err=)
HEAD detached at 3023abf07c
nothing to commit, working tree clean
tput: No value for $TERM and no -T specified
tput: No value for $TERM and no -T specified
Makefile:31: run command via tools/syz-env for best compatibility, see:
Makefile:32: https://github.com/google/syzkaller/blob/master/docs/contributing.md#using-syz-env
go list -f '{{.Stale}}' ./sys/syz-sysgen | grep -q false || go install ./sys/syz-sysgen
make .descriptions
tput: No value for $TERM and no -T specified
tput: No value for $TERM and no -T specified
Makefile:31: run command via tools/syz-env for best compatibility, see:
Makefile:32: https://github.com/google/syzkaller/blob/master/docs/contributing.md#using-syz-env
bin/syz-sysgen
touch .descriptions
GOOS=linux GOARCH=amd64 go build "-ldflags=-s -w -X github.com/google/syzkaller/prog.GitRevision=3023abf07c73c9a0a063e98c300cadf64631d98f -X 'github.com/google/syzkaller/prog.gitRevisionDate=20240411-083735'" "-tags=syz_target syz_os_linux syz_arch_amd64 " -o ./bin/linux_amd64/syz-fuzzer github.com/google/syzkaller/syz-fuzzer
GOOS=linux GOARCH=amd64 go build "-ldflags=-s -w -X github.com/google/syzkaller/prog.GitRevision=3023abf07c73c9a0a063e98c300cadf64631d98f -X 'github.com/google/syzkaller/prog.gitRevisionDate=20240411-083735'" "-tags=syz_target syz_os_linux syz_arch_amd64 " -o ./bin/linux_amd64/syz-execprog github.com/google/syzkaller/tools/syz-execprog
GOOS=linux GOARCH=amd64 go build "-ldflags=-s -w -X github.com/google/syzkaller/prog.GitRevision=3023abf07c73c9a0a063e98c300cadf64631d98f -X 'github.com/google/syzkaller/prog.gitRevisionDate=20240411-083735'" "-tags=syz_target syz_os_linux syz_arch_amd64 " -o ./bin/linux_amd64/syz-stress github.com/google/syzkaller/tools/syz-stress
mkdir -p ./bin/linux_amd64
gcc -o ./bin/linux_amd64/syz-executor executor/executor.cc \
-m64 -O2 -pthread -Wall -Werror -Wparentheses -Wunused-const-variable -Wframe-larger-than=16384 -Wno-stringop-overflow -Wno-array-bounds -Wno-format-overflow -Wno-unused-but-set-variable -Wno-unused-command-line-argument -static-pie -fpermissive -w -DGOOS_linux=1 -DGOARCH_amd64=1 \
-DHOSTGOOS_linux=1 -DGIT_REVISION=\"3023abf07c73c9a0a063e98c300cadf64631d98f\"