======================================================
WARNING: possible circular locking dependency detected
6.13.0-next-20250128 #1 Not tainted
------------------------------------------------------
kworker/u8:0/11 is trying to acquire lock:
ffffffff8621d9a8 (rtnl_mutex){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x1612/0x1c80

but task is already holding lock:
ffff88803a710768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #1 (&rdev->wiphy.mtx){+.+.}-{4:4}:
       __mutex_lock+0x13d/0xb50
       wiphy_register+0x1b2e/0x25d0
       ieee80211_register_hw+0x23a4/0x3d60
       mac80211_hwsim_new_radio+0x2759/0x4d60
       init_mac80211_hwsim+0x389/0x870
       do_one_initcall+0xf9/0x640
       kernel_init_freeable+0x53d/0x7a0
       kernel_init+0x1e/0x2d0
       ret_from_fork+0x48/0x80
       ret_from_fork_asm+0x1a/0x30

-> #0 (rtnl_mutex){+.+.}-{4:4}:
       __lock_acquire+0x29fd/0x4580
       lock_acquire+0x19b/0x520
       __mutex_lock+0x13d/0xb50
       unregister_netdevice_many_notify+0x1612/0x1c80
       unregister_netdevice_queue+0x224/0x2e0
       _cfg80211_unregister_wdev+0x57b/0x700
       ieee80211_remove_interfaces+0x2f2/0x6b0
       ieee80211_unregister_hw+0x55/0x3a0
       hwsim_exit_net+0x3a0/0x730
       ops_exit_list+0xb3/0x180
       cleanup_net+0x546/0xad0
       process_one_work+0x8ee/0x1a10
       worker_thread+0x674/0xe70
       kthread+0x3ab/0x720
       ret_from_fork+0x48/0x80
       ret_from_fork_asm+0x1a/0x30

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&rdev->wiphy.mtx);
                               lock(rtnl_mutex);
                               lock(&rdev->wiphy.mtx);
  lock(rtnl_mutex);

 *** DEADLOCK ***

4 locks held by kworker/u8:0/11:
 #0: ffff888008fdb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12b6/0x1a10
 #1: ffff8880095dfd30 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x861/0x1a10
 #2: ffffffff862119d0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xad0
 #3: ffff88803a710768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0xf2/0x6b0

stack backtrace:
CPU: 1 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-next-20250128 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
Workqueue: netns cleanup_net
Call Trace:
 <TASK>
 dump_stack_lvl+0xca/0x120
 print_circular_bug+0x47b/0x750
 check_noncircular+0x2e9/0x3c0
 __lock_acquire+0x29fd/0x4580
 lock_acquire+0x19b/0x520
 __mutex_lock+0x13d/0xb50
 unregister_netdevice_many_notify+0x1612/0x1c80
 unregister_netdevice_queue+0x224/0x2e0
 _cfg80211_unregister_wdev+0x57b/0x700
 ieee80211_remove_interfaces+0x2f2/0x6b0
 ieee80211_unregister_hw+0x55/0x3a0
 hwsim_exit_net+0x3a0/0x730
 ops_exit_list+0xb3/0x180
 cleanup_net+0x546/0xad0
 process_one_work+0x8ee/0x1a10
 worker_thread+0x674/0xe70
 kthread+0x3ab/0x720
 ret_from_fork+0x48/0x80
 ret_from_fork_asm+0x1a/0x30
 </TASK>
loop4: detected capacity change from 0 to 128
loop5: detected capacity change from 0 to 128
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
loop5: detected capacity change from 0 to 128
loop4: detected capacity change from 0 to 128
loop5: detected capacity change from 0 to 128
loop4: detected capacity change from 0 to 128
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 0 UID: 0 PID: 9330 Comm: syz-executor.4 Not tainted 6.13.0-next-20250128 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
Call Trace:
 <TASK>
 dump_stack_lvl+0xfa/0x120
 should_fail_ex+0x4d7/0x5e0
 should_failslab+0xc2/0x120
 kmem_cache_alloc_lru_noprof+0x74/0x3c0
 ext4_alloc_inode+0x28/0x650
 alloc_inode+0x63/0x240
 new_inode+0x1c/0x190
 __ext4_new_inode+0x2f0/0x4b20
 ext4_mkdir+0x33d/0xb30
 vfs_mkdir+0x291/0x4f0
 do_mkdirat+0x1a4/0x350
 __x64_sys_mkdir+0xf3/0x140
 do_syscall_64+0xbf/0x1d0
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f3de98b1c27
Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f3de6e27fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f3de98b1c27
RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
RBP: 00007f3de6e28040 R08: 0000000000000000 R09: ffffffffffffffff
R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
R13: 0000000020000100 R14: 00007f3de6e28000 R15: 0000000020011300
 </TASK>
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
Bluetooth: hci0: command 0x0c1a tx timeout
Bluetooth: hci0: Opcode 0x0c1a failed: -110
Bluetooth: hci0: Error when powering off device on rfkill (-110)