program:
# syzkaller reproducer, shown one call per line. The console log that follows
# is a lockdep report: the task holds rtnl_mutex (taken in rtnl_newlink) and
# then waits on the e1000 reset_task work item via __cancel_work_sync, while
# the log's dependency chain #1 shows e1000_reset_task taking rtnl_mutex.
# The final sendmsg$nl_route call is the one on the reported stack.
#
# AF_INET (0x2), SOCK_RAW (0x3), IPPROTO_ICMP (0x1).
socket$inet_icmp_raw(0x2, 0x3, 0x1)
# AF_BLUETOOTH (0x1f), SOCK_RAW (0x3). syz_init_net_socket is a syzkaller
# pseudo-syscall rather than a kernel syscall.
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
# Closes descriptor 4 by number. The register dump later in the log shows
# RDI=4 for the sendmsg call, so the netlink socket created below presumably
# reuses this descriptor number.
close(0x4)
# Opens the 'ns/ipc' procfs entry; pid argument 0x0 presumably means the
# calling process (confirm against the syzkaller description).
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00')
# 0x6a040000 decodes to CLONE_NEWNET | CLONE_NEWPID | CLONE_NEWIPC |
# CLONE_NEWCGROUP | CLONE_SYSVSEM.
# NOTE(review): the log does not show whether this call succeeded. The later
# trace reaches the e1000 driver for eth0, so the netlink request ran where
# that device is visible.
unshare(0x6a040000)
# AF_NETLINK (0x10), SOCK_RAW (0x3), NETLINK_ROUTE (0x0).
r0 = socket$nl_route(0x10, 0x3, 0x0)
# nlmsghdr: length 0x30, type 0x10 (RTM_NEWLINK), flags 0x801 (NLM_F_REQUEST
# plus 0x800). Attributes: IFLA_MTU with value 0x46 (70) and IFLA_GROUP with
# its payload left at defaults.
# NOTE(review): the ifinfomsg fields {0x0, 0x0, 0x0, 0x0, 0x12} presumably
# leave ifi_index at 0 and set ifi_flags to 0x12 (IFF_UP clear); confirm
# against the syzkaller netlink description. The trace shows the request
# taking an interface down (__dev_close_many -> e1000_close).
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x12}, [@IFLA_MTU={0x8, 0x4, 0x46}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)
[ 75.308557][ T5300] Bluetooth: hci0: command tx timeout [ 75.657719][ T1348] e1000 0000:00:06.0 eth0: Reset adapter [ 75.699956][ T5315] [ 75.700933][ T5315] ====================================================== [ 75.703525][ T5315] WARNING: possible circular locking dependency detected [ 75.706248][ T5315] 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 Not tainted [ 75.708930][ T5315] ------------------------------------------------------ [ 75.711765][ T5315] syz.0.0/5315 is trying to acquire lock: [ 75.713963][ T5315] ffff8880333a96f0 ((work_completion)(&adapter->reset_task)){+.+.}-{0:0}, at: __flush_work+0xd2/0xbc0 [ 75.718715][ T5315] [ 75.718715][ T5315] but task is already holding lock: [ 75.721747][ T5315] ffffffff8f505988 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70 [ 75.725403][ T5315] [ 75.725403][ T5315] which lock already depends on the new lock. 
[ 75.725403][ T5315] [ 75.729657][ T5315] [ 75.729657][ T5315] the existing dependency chain (in reverse order) is: [ 75.733204][ T5315] [ 75.733204][ T5315] -> #1 (rtnl_mutex){+.+.}-{4:4}: [ 75.736331][ T5315] lock_acquire+0x120/0x360 [ 75.738509][ T5315] __mutex_lock+0x182/0xe80 [ 75.740664][ T5315] e1000_reset_task+0x56/0xc0 [ 75.742797][ T5315] process_scheduled_works+0xade/0x17b0 [ 75.745188][ T5315] worker_thread+0x8a0/0xda0 [ 75.747266][ T5315] kthread+0x70e/0x8a0 [ 75.749178][ T5315] ret_from_fork+0x3fc/0x770 [ 75.751309][ T5315] ret_from_fork_asm+0x1a/0x30 [ 75.753455][ T5315] [ 75.753455][ T5315] -> #0 ((work_completion)(&adapter->reset_task)){+.+.}-{0:0}: [ 75.757467][ T5315] validate_chain+0xb9b/0x2140 [ 75.759770][ T5315] __lock_acquire+0xab9/0xd20 [ 75.761985][ T5315] lock_acquire+0x120/0x360 [ 75.764154][ T5315] __flush_work+0x6b8/0xbc0 [ 75.766241][ T5315] __cancel_work_sync+0xbe/0x110 [ 75.768598][ T5315] e1000_down+0x402/0x6b0 [ 75.770357][ T5315] e1000_close+0x17b/0xa10 [ 75.772566][ T5315] __dev_close_many+0x364/0x6f0 [ 75.775127][ T5315] __dev_change_flags+0x2c7/0x6d0 [ 75.777498][ T5315] netif_change_flags+0x88/0x1a0 [ 75.779791][ T5315] do_setlink+0xcb9/0x40d0 [ 75.781893][ T5315] rtnl_newlink+0x149f/0x1c70 [ 75.783874][ T5315] rtnetlink_rcv_msg+0x7cf/0xb70 [ 75.785997][ T5315] netlink_rcv_skb+0x21c/0x490 [ 75.788196][ T5315] netlink_unicast+0x758/0x8d0 [ 75.790486][ T5315] netlink_sendmsg+0x805/0xb30 [ 75.792675][ T5315] __sock_sendmsg+0x219/0x270 [ 75.794792][ T5315] ____sys_sendmsg+0x505/0x830 [ 75.796846][ T5315] ___sys_sendmsg+0x21f/0x2a0 [ 75.799056][ T5315] __x64_sys_sendmsg+0x19b/0x260 [ 75.801379][ T5315] do_syscall_64+0xfa/0x3b0 [ 75.803567][ T5315] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.806236][ T5315] [ 75.806236][ T5315] other info that might help us debug this: [ 75.806236][ T5315] [ 75.810513][ T5315] Possible unsafe locking scenario: [ 75.810513][ T5315] [ 75.813748][ T5315] CPU0 CPU1 [ 75.815903][ T5315] ---- ---- [ 
75.818070][ T5315] lock(rtnl_mutex); [ 75.819765][ T5315] lock((work_completion)(&adapter->reset_task)); [ 75.823535][ T5315] lock(rtnl_mutex); [ 75.826066][ T5315] lock((work_completion)(&adapter->reset_task)); [ 75.828731][ T5315] [ 75.828731][ T5315] *** DEADLOCK *** [ 75.828731][ T5315] [ 75.832282][ T5315] 2 locks held by syz.0.0/5315: [ 75.834398][ T5315] #0: ffffffff8f505988 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70 [ 75.838395][ T5315] #1: ffffffff8e13ccc0 (rcu_read_lock){....}-{1:3}, at: __flush_work+0xd2/0xbc0 [ 75.842180][ T5315] [ 75.842180][ T5315] stack backtrace: [ 75.844753][ T5315] CPU: 0 UID: 0 PID: 5315 Comm: syz.0.0 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 75.844763][ T5315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.844768][ T5315] Call Trace: [ 75.844774][ T5315] [ 75.844778][ T5315] dump_stack_lvl+0x189/0x250 [ 75.844797][ T5315] ? __pfx_dump_stack_lvl+0x10/0x10 [ 75.844810][ T5315] ? __pfx__printk+0x10/0x10 [ 75.844821][ T5315] ? print_lock_name+0xde/0x100 [ 75.844830][ T5315] print_circular_bug+0x2ee/0x310 [ 75.844844][ T5315] check_noncircular+0x134/0x160 [ 75.844860][ T5315] validate_chain+0xb9b/0x2140 [ 75.844873][ T5315] ? do_raw_spin_lock+0x121/0x290 [ 75.844884][ T5315] ? look_up_lock_class+0x74/0x170 [ 75.844898][ T5315] ? register_lock_class+0x51/0x320 [ 75.844910][ T5315] __lock_acquire+0xab9/0xd20 [ 75.844923][ T5315] ? __flush_work+0xd2/0xbc0 [ 75.844937][ T5315] lock_acquire+0x120/0x360 [ 75.844949][ T5315] ? __flush_work+0xd2/0xbc0 [ 75.844964][ T5315] ? _raw_spin_unlock_irq+0x23/0x50 [ 75.844976][ T5315] ? __flush_work+0xd2/0xbc0 [ 75.844991][ T5315] __flush_work+0x6b8/0xbc0 [ 75.845004][ T5315] ? __flush_work+0xd2/0xbc0 [ 75.845020][ T5315] ? __flush_work+0xd2/0xbc0 [ 75.845033][ T5315] ? __pfx___flush_work+0x10/0x10 [ 75.845047][ T5315] ? __pfx_wq_barrier_func+0x10/0x10 [ 75.845062][ T5315] ? 
__pfx___cancel_work+0x10/0x10 [ 75.845071][ T5315] ? __local_bh_enable_ip+0x12d/0x1c0 [ 75.845086][ T5315] __cancel_work_sync+0xbe/0x110 [ 75.845095][ T5315] e1000_down+0x402/0x6b0 [ 75.845112][ T5315] ? e1000_down+0xb2/0x6b0 [ 75.845125][ T5315] ? __pfx_e1000_close+0x10/0x10 [ 75.845134][ T5315] e1000_close+0x17b/0xa10 [ 75.845145][ T5315] ? do_raw_spin_unlock+0x4d/0x240 [ 75.845153][ T5315] ? dev_deactivate_many+0xb82/0xd40 [ 75.845168][ T5315] ? __pfx_e1000_close+0x10/0x10 [ 75.845177][ T5315] ? dev_deactivate_many+0x258/0xd40 [ 75.845191][ T5315] ? __pfx_e1000_close+0x10/0x10 [ 75.845201][ T5315] __dev_close_many+0x364/0x6f0 [ 75.845216][ T5315] ? __pfx___dev_close_many+0x10/0x10 [ 75.845230][ T5315] __dev_change_flags+0x2c7/0x6d0 [ 75.845245][ T5315] ? __pfx_netif_set_mtu_ext+0x10/0x10 [ 75.845259][ T5315] ? __pfx___dev_change_flags+0x10/0x10 [ 75.845272][ T5315] ? netif_state_change+0x256/0x3a0 [ 75.845285][ T5315] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 75.845311][ T5315] netif_change_flags+0x88/0x1a0 [ 75.845327][ T5315] do_setlink+0xcb9/0x40d0 [ 75.845343][ T5315] ? __lock_acquire+0xab9/0xd20 [ 75.845356][ T5315] ? __pfx_do_setlink+0x10/0x10 [ 75.845370][ T5315] ? do_raw_spin_lock+0x121/0x290 [ 75.845381][ T5315] ? lockdep_hardirqs_on+0x9c/0x150 [ 75.845394][ T5315] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 75.845407][ T5315] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 75.845420][ T5315] ? rcu_is_watching+0x15/0xb0 [ 75.845433][ T5315] ? __mutex_lock+0xa6d/0xe80 [ 75.845447][ T5315] ? __mutex_lock+0x51b/0xe80 [ 75.845462][ T5315] ? rtnl_newlink+0x8db/0x1c70 [ 75.845475][ T5315] ? __pfx___mutex_lock+0x10/0x10 [ 75.845490][ T5315] ? ns_capable+0x8a/0xf0 [ 75.845502][ T5315] ? rtnl_link_get_net_capable+0x16a/0x350 [ 75.845517][ T5315] rtnl_newlink+0x149f/0x1c70 [ 75.845532][ T5315] ? __pfx_rtnl_newlink+0x10/0x10 [ 75.845545][ T5315] ? stack_depot_save_flags+0x429/0x900 [ 75.845606][ T5315] ? __lock_acquire+0xab9/0xd20 [ 75.845621][ T5315] ? 
__lock_acquire+0xab9/0xd20 [ 75.845637][ T5315] ? is_bpf_text_address+0x26/0x2b0 [ 75.845651][ T5315] ? is_bpf_text_address+0x292/0x2b0 [ 75.845663][ T5315] ? is_bpf_text_address+0x26/0x2b0 [ 75.845677][ T5315] ? __lock_acquire+0xab9/0xd20 [ 75.845691][ T5315] ? __pfx_rtnl_newlink+0x10/0x10 [ 75.845703][ T5315] rtnetlink_rcv_msg+0x7cf/0xb70 [ 75.845715][ T5315] ? kasan_save_track+0x4f/0x80 [ 75.845726][ T5315] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 75.845739][ T5315] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 75.845753][ T5315] ? __lock_acquire+0xab9/0xd20 [ 75.845767][ T5315] netlink_rcv_skb+0x21c/0x490 [ 75.845781][ T5315] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 75.845793][ T5315] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 75.845810][ T5315] ? netlink_deliver_tap+0x2e/0x1b0 [ 75.845823][ T5315] ? netlink_deliver_tap+0x2e/0x1b0 [ 75.845836][ T5315] netlink_unicast+0x758/0x8d0 [ 75.845850][ T5315] netlink_sendmsg+0x805/0xb30 [ 75.845863][ T5315] ? __pfx_netlink_sendmsg+0x10/0x10 [ 75.845877][ T5315] ? aa_sock_msg_perm+0x94/0x160 [ 75.845890][ T5315] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 75.845900][ T5315] ? __pfx_netlink_sendmsg+0x10/0x10 [ 75.845913][ T5315] __sock_sendmsg+0x219/0x270 [ 75.845926][ T5315] ____sys_sendmsg+0x505/0x830 [ 75.845937][ T5315] ? __pfx_____sys_sendmsg+0x10/0x10 [ 75.845947][ T5315] ? import_iovec+0x74/0xa0 [ 75.845959][ T5315] ___sys_sendmsg+0x21f/0x2a0 [ 75.845969][ T5315] ? __pfx____sys_sendmsg+0x10/0x10 [ 75.845985][ T5315] ? __fget_files+0x2a/0x420 [ 75.845997][ T5315] ? __fget_files+0x3a0/0x420 [ 75.846011][ T5315] __x64_sys_sendmsg+0x19b/0x260 [ 75.846021][ T5315] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 75.846032][ T5315] ? rcu_is_watching+0x15/0xb0 [ 75.846045][ T5315] ? do_syscall_64+0xbe/0x3b0 [ 75.846060][ T5315] do_syscall_64+0xfa/0x3b0 [ 75.846075][ T5315] ? lockdep_hardirqs_on+0x9c/0x150 [ 75.846089][ T5315] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.846099][ T5315] ? 
clear_bhb_loop+0x60/0xb0 [ 75.846110][ T5315] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.846120][ T5315] RIP: 0033:0x7fdd5b78e969 [ 75.846131][ T5315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.846139][ T5315] RSP: 002b:00007fdd5c625038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 75.846151][ T5315] RAX: ffffffffffffffda RBX: 00007fdd5b9b5fa0 RCX: 00007fdd5b78e969 [ 75.846159][ T5315] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000004 [ 75.846166][ T5315] RBP: 00007fdd5b810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 75.846174][ T5315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.846181][ T5315] R13: 0000000000000000 R14: 00007fdd5b9b5fa0 R15: 00007ffd5c475898 [ 75.846192][ T5315] [ 76.328324][ T1313] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.330792][ T1313] ieee802154 phy1 wpan1: encryption failed: -22 [ 77.366914][ T5300] Bluetooth: hci0: command tx timeout [ 79.447389][ T5300] Bluetooth: hci0: command tx timeout [ 81.526858][ T5300] Bluetooth: hci0: command tx timeout