=============================
WARNING: suspicious RCU usage
6.1.107-syzkaller #0 Not tainted
-----------------------------
net/mac80211/sta_info.c:361 suspicious rcu_dereference_protected() usage!

other info that might help us debug this:


rcu_scheduler_active = 2, debug_locks = 1
4 locks held by syz.1.192/5063:
 #0: ffff8000182829a8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x234/0x734 net/rfkill/core.c:1278
 #1: ffff800017fe1608 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:74
 #2: ffff0000e4be87c8 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: wiphy_lock include/net/cfg80211.h:5639 [inline]
 #2: ffff0000e4be87c8 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: cfg80211_netdev_notifier_call+0x3fc/0x14cc net/wireless/core.c:1503
 #3: ffff0000f406cd40 (&wdev->mtx){+.+.}-{3:3}, at: wdev_lock net/wireless/core.h:232 [inline]
 #3: ffff0000f406cd40 (&wdev->mtx){+.+.}-{3:3}, at: cfg80211_leave+0xd0/0x1b8 net/wireless/core.c:1341

stack backtrace:
CPU: 1 PID: 5063 Comm: syz.1.192 Not tainted 6.1.107-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
Call trace:
 dump_backtrace+0x1c8/0x1f4 arch/arm64/kernel/stacktrace.c:158
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:165
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x108/0x170 lib/dump_stack.c:106
 dump_stack+0x1c/0x58 lib/dump_stack.c:113
 lockdep_rcu_suspicious+0x260/0x464 kernel/locking/lockdep.c:6592
 sta_remove_link+0x38c/0x474 net/mac80211/sta_info.c:360
 sta_info_free+0x68/0x2ec net/mac80211/sta_info.c:405
 ieee80211_ibss_disconnect+0x2b0/0x5fc net/mac80211/ibss.c:704
 ieee80211_ibss_leave+0x30/0x108 net/mac80211/ibss.c:1868
 ieee80211_leave_ibss+0x20/0x30 net/mac80211/cfg.c:2820
 rdev_leave_ibss net/wireless/rdev-ops.h:561 [inline]
 __cfg80211_leave_ibss+0x248/0x5b4 net/wireless/ibss.c:211
 __cfg80211_leave+0x1cc/0x43c net/wireless/core.c:1293
 cfg80211_leave+0xdc/0x1b8 net/wireless/core.c:1342
 cfg80211_netdev_notifier_call+0x408/0x14cc net/wireless/core.c:1504
 notifier_call_chain kernel/notifier.c:87 [inline]
 raw_notifier_call_chain+0xd4/0x164 kernel/notifier.c:455
 call_netdevice_notifiers_info net/core/dev.c:1970 [inline]
 call_netdevice_notifiers_extack net/core/dev.c:2008 [inline]
 call_netdevice_notifiers net/core/dev.c:2022 [inline]
 __dev_close_many+0x1b8/0x3c4 net/core/dev.c:1515
 dev_close_many+0x1e0/0x468 net/core/dev.c:1566
 dev_close+0x174/0x250 net/core/dev.c:1592
 cfg80211_shutdown_all_interfaces+0xc0/0x1d8 net/wireless/core.c:275
 cfg80211_rfkill_set_block+0x30/0x50 net/wireless/core.c:307
 rfkill_set_block+0x18c/0x37c net/rfkill/core.c:345
 rfkill_fop_write+0x578/0x734 net/rfkill/core.c:1286
 vfs_write+0x2a4/0x91c fs/read_write.c:582
 ksys_write+0x15c/0x26c fs/read_write.c:637
 __do_sys_write fs/read_write.c:649 [inline]
 __se_sys_write fs/read_write.c:646 [inline]
 __arm64_sys_write+0x7c/0x90 fs/read_write.c:646
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2c0 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x64/0x218 arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585