INFO: task syz.5.162:6385 blocked for more than 143 seconds.
Not tainted 6.14.0-next-20250404-syzkaller #0
Blocked by coredump.
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.5.162 state:D stack:25416 pid:6385 tgid:6385 ppid:6281 task_flags:0x40044c flags:0x00004006
Call Trace:
context_switch kernel/sched/core.c:5382 [inline]
__schedule+0x1b88/0x5240 kernel/sched/core.c:6767
__schedule_loop kernel/sched/core.c:6845 [inline]
schedule+0x163/0x360 kernel/sched/core.c:6860
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6917
__mutex_lock_common kernel/locking/mutex.c:678 [inline]
__mutex_lock+0x805/0x10c0 kernel/locking/mutex.c:746
rcu_barrier+0x4c/0x530 kernel/rcu/tree.c:3774
netdev_run_todo+0x380/0xf30 net/core/dev.c:11283
tun_detach drivers/net/tun.c:639 [inline]
tun_chr_close+0x137/0x1b0 drivers/net/tun.c:3390
__fput+0x3e9/0x9f0 fs/file_table.c:465
task_work_run+0x251/0x310 kernel/task_work.c:227
exit_task_work include/linux/task_work.h:40 [inline]
do_exit+0xa0d/0x27e0 kernel/exit.c:953
do_group_exit+0x207/0x2c0 kernel/exit.c:1102
get_signal+0x1696/0x1730 kernel/signal.c:3034
arch_do_signal_or_restart+0x98/0x840 arch/x86/kernel/signal.c:337
exit_to_user_mode_loop kernel/entry/common.c:111 [inline]
exit_to_user_mode_prepare include/linux/entry-common.h:329 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
syscall_exit_to_user_mode+0xce/0x340 kernel/entry/common.c:218
do_syscall_64+0x100/0x230 arch/x86/entry/syscall_64.c:100
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f6e5eb8d169
RSP: 002b:00007fff0ea3d528 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
RAX: 0000000000000000 RBX: 0000000000022ea1 RCX: 00007f6e5eb8d169
RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
RBP: 00007f6e5eda7ba0 R08: 0000000000000001 R09: 000000030ea3d81f
R10: 00007f6e5ea00000 R11: 0000000000000246 R12: 00007f6e5eda5fac
R13: 00007f6e5eda5fa0 R14: ffffffffffffffff R15: 00007fff0ea3d640
INFO: task syz.4.171:6408 blocked for more than 145 seconds.
Not tainted 6.14.0-next-20250404-syzkaller #0
Blocked by coredump.
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.4.171 state:D stack:25288 pid:6408 tgid:6408 ppid:5845 task_flags:0x40044c flags:0x00004006
Call Trace:
context_switch kernel/sched/core.c:5382 [inline]
__schedule+0x1b88/0x5240 kernel/sched/core.c:6767
__schedule_loop kernel/sched/core.c:6845 [inline]
schedule+0x163/0x360 kernel/sched/core.c:6860
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6917
__mutex_lock_common kernel/locking/mutex.c:678 [inline]
__mutex_lock+0x805/0x10c0 kernel/locking/mutex.c:746
rcu_barrier+0x4c/0x530 kernel/rcu/tree.c:3774
netdev_run_todo+0x380/0xf30 net/core/dev.c:11283
tun_detach drivers/net/tun.c:639 [inline]
tun_chr_close+0x137/0x1b0 drivers/net/tun.c:3390
__fput+0x3e9/0x9f0 fs/file_table.c:465
task_work_run+0x251/0x310 kernel/task_work.c:227
exit_task_work include/linux/task_work.h:40 [inline]
do_exit+0xa0d/0x27e0 kernel/exit.c:953
do_group_exit+0x207/0x2c0 kernel/exit.c:1102
get_signal+0x1696/0x1730 kernel/signal.c:3034
arch_do_signal_or_restart+0x98/0x840 arch/x86/kernel/signal.c:337
exit_to_user_mode_loop kernel/entry/common.c:111 [inline]
exit_to_user_mode_prepare include/linux/entry-common.h:329 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
syscall_exit_to_user_mode+0xce/0x340 kernel/entry/common.c:218
do_syscall_64+0x100/0x230 arch/x86/entry/syscall_64.c:100
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f97e918d169
RSP: 002b:00007fff0fe94498 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
RAX: 0000000000000000 RBX: 00000000000240c1 RCX: 00007f97e918d169
RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
RBP: 00007f97e93a7ba0 R08: 0000000000000001 R09: 000000030fe9478f
R10: 00007f97e9000000 R11: 0000000000000246 R12: 00007f97e93a5fac
R13: 00007f97e93a5fa0 R14: ffffffffffffffff R15: 00007fff0fe945b0
INFO: task syz-executor:6524 blocked for more than 146 seconds.
Not tainted 6.14.0-next-20250404-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor state:D stack:21848 pid:6524 tgid:6524 ppid:1 task_flags:0x400140 flags:0x00000004
Call Trace:
context_switch kernel/sched/core.c:5382 [inline]
__schedule+0x1b88/0x5240 kernel/sched/core.c:6767
__schedule_loop kernel/sched/core.c:6845 [inline]
schedule+0x163/0x360 kernel/sched/core.c:6860
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6917
__mutex_lock_common kernel/locking/mutex.c:678 [inline]
__mutex_lock+0x805/0x10c0 kernel/locking/mutex.c:746
device_lock include/linux/device.h:922 [inline]
device_del+0xa8/0x9b0 drivers/base/core.c:3817
device_unregister+0x20/0xc0 drivers/base/core.c:3896
nsim_bus_dev_del drivers/net/netdevsim/bus.c:462 [inline]
del_device_store+0x367/0x490 drivers/net/netdevsim/bus.c:226
kernfs_fop_write_iter+0x398/0x510 fs/kernfs/file.c:334
new_sync_write fs/read_write.c:591 [inline]
vfs_write+0x70f/0xd10 fs/read_write.c:684
ksys_write+0x19d/0x2d0 fs/read_write.c:736
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ff6e378bc1f
RSP: 002b:00007ffe9a5583c0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007ff6e378bc1f
RDX: 0000000000000001 RSI: 00007ffe9a558410 RDI: 0000000000000005
RBP: 00007ff6e380f4fd R08: 0000000000000000 R09: 00007ffe9a558217
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
R13: 00007ffe9a558410 R14: 00007ff6e44d4620 R15: 0000000000000003
Showing all locks held in the system:
4 locks held by kworker/0:0/9:
3 locks held by kworker/0:1/10:
3 locks held by kworker/u8:1/13:
#0: ffff8880311c6948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
#0: ffff8880311c6948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x990/0x18e0 kernel/workqueue.c:3319
#1: ffffc90000127c60 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
#1: ffffc90000127c60 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9cb/0x18e0 kernel/workqueue.c:3319
#2: ffffffff900ff548 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#2: ffffffff900ff548 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30 net/ipv6/addrconf.c:4730
1 lock held by kworker/R-mm_pe/14:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
1 lock held by khungtaskd/31:
#0: ffffffff8ed3e440 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
#0: ffffffff8ed3e440 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:841 [inline]
#0: ffffffff8ed3e440 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x30/0x180 kernel/locking/lockdep.c:6764
2 locks held by kworker/u8:2/36:
3 locks held by kworker/1:1/47:
#0: ffff88805dd4a148 ((wq_completion)wg-kex-wg0#8){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
#0: ffff88805dd4a148 ((wq_completion)wg-kex-wg0#8){+.+.}-{0:0}, at: process_scheduled_works+0x990/0x18e0 kernel/workqueue.c:3319
#1: ffffc90000b87c60 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
#1: ffffc90000b87c60 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9cb/0x18e0 kernel/workqueue.c:3319
#2: ffff88805c62d278 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_begin_session+0x38/0xc00 drivers/net/wireguard/noise.c:822
6 locks held by kworker/u8:4/63:
#0: ffff88801bef6148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
#0: ffff88801bef6148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x990/0x18e0 kernel/workqueue.c:3319
#1: ffffc90001557c60 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
#1: ffffc90001557c60 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9cb/0x18e0 kernel/workqueue.c:3319
#2: ffffffff900f2910 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0x17c/0xd60 net/core/net_namespace.c:608
#3: ffff8880122470e8 (&dev->mutex){....}-{4:4}, at: device_lock include/linux/device.h:922 [inline]
#3: ffff8880122470e8 (&dev->mutex){....}-{4:4}, at: devl_dev_lock net/devlink/devl_internal.h:108 [inline]
#3: ffff8880122470e8 (&dev->mutex){....}-{4:4}, at: devlink_pernet_pre_exit+0x13d/0x450 net/devlink/core.c:506
#4: ffff88805c918250 (&devlink->lock_key#2){+.+.}-{4:4}, at: devl_lock net/devlink/core.c:276 [inline]
#4: ffff88805c918250 (&devlink->lock_key#2){+.+.}-{4:4}, at: devl_dev_lock net/devlink/devl_internal.h:109 [inline]
#4: ffff88805c918250 (&devlink->lock_key#2){+.+.}-{4:4}, at: devlink_pernet_pre_exit+0x14f/0x450 net/devlink/core.c:506
#5: ffffffff8ed43840 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x530 kernel/rcu/tree.c:3774
2 locks held by kworker/0:2/975:
3 locks held by kworker/u8:6/1331:
#0: ffff88801b089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
#0: ffff88801b089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x990/0x18e0 kernel/workqueue.c:3319
#1: ffffc9000446fc60 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
#1: ffffc9000446fc60 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9cb/0x18e0 kernel/workqueue.c:3319
#2: ffffffff900ff548 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60 net/core/link_watch.c:285
1 lock held by kworker/R-dm_bu/2813:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
4 locks held by kworker/1:2/3401:
#0: ffff88807dbac948 ((wq_completion)wg-kex-wg2#14){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
#0: ffff88807dbac948 ((wq_completion)wg-kex-wg2#14){+.+.}-{0:0}, at: process_scheduled_works+0x990/0x18e0 kernel/workqueue.c:3319
#1: ffffc9000be47c60 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
#1: ffffc9000be47c60 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9cb/0x18e0 kernel/workqueue.c:3319
#2: ffff88806120d308 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x151/0xd60 drivers/net/wireguard/noise.c:598
#3: ffff88807c1aa0f0 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x711/0xd60 drivers/net/wireguard/noise.c:632
2 locks held by getty/5594:
#0: ffff888031d9d0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
#1: ffffc9000334b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x5bb/0x1700 drivers/tty/n_tty.c:2222
7 locks held by kworker/u9:2/5846:
#0: ffff88802a8d8948 ((wq_completion)hci5){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
#0: ffff88802a8d8948 ((wq_completion)hci5){+.+.}-{0:0}, at: process_scheduled_works+0x990/0x18e0 kernel/workqueue.c:3319
#1: ffffc900042ffc60 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
#1: ffffc900042ffc60 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9cb/0x18e0 kernel/workqueue.c:3319
#2: ffff88803248cd80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1ec/0x400 net/bluetooth/hci_sync.c:331
#3: ffff88803248c078 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1f1/0xeb0 net/bluetooth/hci_sync.c:5597
#4: ffffffff90265228 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:2051 [inline]
#4: ffffffff90265228 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x15d/0x300 net/bluetooth/hci_conn.c:1269
#5: ffff88805c113338 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x71/0x690 net/bluetooth/l2cap_core.c:1761
#6: ffffffff8ed43978 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock kernel/rcu/tree_exp.h:336 [inline]
#6: ffffffff8ed43978 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x454/0x830 kernel/rcu/tree_exp.h:998
4 locks held by kworker/u9:3/5849:
#0: ffff8880635f2148 ((wq_completion)hci17#2){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
#0: ffff8880635f2148 ((wq_completion)hci17#2){+.+.}-{0:0}, at: process_scheduled_works+0x990/0x18e0 kernel/workqueue.c:3319
#1: ffffc9000432fc60 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
#1: ffffc9000432fc60 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9cb/0x18e0 kernel/workqueue.c:3319
#2: ffff8880865a4078 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9f/0x9e0 net/bluetooth/hci_event.c:3702
#3: ffffffff90265228 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:2051 [inline]
#3: ffffffff90265228 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x5b1/0x9e0 net/bluetooth/hci_event.c:3736
2 locks held by syz-executor/5851:
#0: ffffffff8f480728 (bio_slab_lock){+.+.}-{4:4}, at: bio_put_slab block/bio.c:140 [inline]
#0: ffffffff8f480728 (bio_slab_lock){+.+.}-{4:4}, at: bioset_exit+0x42d/0x650 block/bio.c:1664
#1: ffffffff8ed43840 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x530 kernel/rcu/tree.c:3774
5 locks held by kworker/u9:6/5857:
#0: ffff888055ee7148 ((wq_completion)hci10){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
#0: ffff888055ee7148 ((wq_completion)hci10){+.+.}-{0:0}, at: process_scheduled_works+0x990/0x18e0 kernel/workqueue.c:3319
#1: ffffc900043bfc60 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
#1: ffffc900043bfc60 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9cb/0x18e0 kernel/workqueue.c:3319
#2: ffff888080becd80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1ec/0x400 net/bluetooth/hci_sync.c:331
#3: ffff888080bec078 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1f1/0xeb0 net/bluetooth/hci_sync.c:5597
#4: ffffffff90265228 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:2051 [inline]
#4: ffffffff90265228 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x15d/0x300 net/bluetooth/hci_conn.c:1269
5 locks held by kworker/u9:9/5861:
#0: ffff8880541b7948 ((wq_completion)hci9){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
#0: ffff8880541b7948 ((wq_completion)hci9){+.+.}-{0:0}, at: process_scheduled_works+0x990/0x18e0 kernel/workqueue.c:3319
#1: ffffc900042efc60 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
#1: ffffc900042efc60 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9cb/0x18e0 kernel/workqueue.c:3319
#2: ffff888064410d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1ec/0x400 net/bluetooth/hci_sync.c:331
#3: ffff888064410078 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1f1/0xeb0 net/bluetooth/hci_sync.c:5597
#4: ffffffff90265228 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:2051 [inline]
#4: ffffffff90265228 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x15d/0x300 net/bluetooth/hci_conn.c:1269
1 lock held by kworker/R-wg-cr/5877:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
1 lock held by kworker/R-wg-cr/5878:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
1 lock held by kworker/R-wg-cr/5880:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
1 lock held by kworker/R-wg-cr/5882:
1 lock held by kworker/R-wg-cr/5883:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_detach_from_pool kernel/workqueue.c:2736 [inline]
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: rescuer_thread+0xa44/0x1020 kernel/workqueue.c:3529
1 lock held by kworker/R-wg-cr/5884:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
1 lock held by kworker/R-wg-cr/5885:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
1 lock held by kworker/R-wg-cr/5888:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_detach_from_pool kernel/workqueue.c:2736 [inline]
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: rescuer_thread+0xa44/0x1020 kernel/workqueue.c:3529
1 lock held by kworker/R-wg-cr/5891:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
1 lock held by kworker/R-wg-cr/5892:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
1 lock held by kworker/R-wg-cr/5893:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
3 locks held by kworker/0:3/5895:
2 locks held by kworker/0:4/5910:
3 locks held by kworker/1:6/5919:
#0: ffff88805e235d48 ((wq_completion)wg-kex-wg0#2){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
#0: ffff88805e235d48 ((wq_completion)wg-kex-wg0#2){+.+.}-{0:0}, at: process_scheduled_works+0x990/0x18e0 kernel/workqueue.c:3319
#1: ffffc90004e47c60 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
#1: ffffc90004e47c60 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9cb/0x18e0 kernel/workqueue.c:3319
#2: ffff88805c629708 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_begin_session+0x38/0xc00 drivers/net/wireguard/noise.c:822
2 locks held by kworker/0:5/5941:
2 locks held by kworker/0:6/5942:
2 locks held by kworker/0:7/6174:
3 locks held by kworker/0:8/6177:
1 lock held by kworker/R-wg-cr/6296:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_detach_from_pool kernel/workqueue.c:2736 [inline]
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: rescuer_thread+0xa44/0x1020 kernel/workqueue.c:3529
1 lock held by kworker/R-wg-cr/6297:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
1 lock held by kworker/R-wg-cr/6301:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
4 locks held by kworker/0:9/6330:
1 lock held by syz.5.162/6385:
#0: ffffffff8ed43840 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x530 kernel/rcu/tree.c:3774
1 lock held by syz.4.171/6408:
#0: ffffffff8ed43840 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x530 kernel/rcu/tree.c:3774
1 lock held by kworker/R-wg-cr/6415:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
1 lock held by kworker/R-wg-cr/6416:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
3 locks held by kworker/0:10/6418:
1 lock held by syz.3.173/6436:
#0: ffffffff8ed43840 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x530 kernel/rcu/tree.c:3774
1 lock held by syz.6.174/6441:
#0: ffffffff8ed43840 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x530 kernel/rcu/tree.c:3774
2 locks held by kworker/0:11/6453:
1 lock held by kworker/R-wg-cr/6465:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_detach_from_pool kernel/workqueue.c:2736 [inline]
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: rescuer_thread+0xa44/0x1020 kernel/workqueue.c:3529
1 lock held by kworker/R-wg-cr/6466:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
1 lock held by kworker/R-wg-cr/6467:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
2 locks held by syz-executor/6471:
#0: ffff8880557d40e0 (&type->s_umount_key#67){++++}-{4:4}, at: __super_lock fs/super.c:56 [inline]
#0: ffff8880557d40e0 (&type->s_umount_key#67){++++}-{4:4}, at: __super_lock_excl fs/super.c:71 [inline]
#0: ffff8880557d40e0 (&type->s_umount_key#67){++++}-{4:4}, at: deactivate_super+0xb5/0xf0 fs/super.c:505
#1: ffffffff8ed43840 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x530 kernel/rcu/tree.c:3774
1 lock held by kworker/R-wg-cr/6482:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
5 locks held by kworker/R-wg-cr/6489:
1 lock held by kworker/R-wg-cr/6490:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
5 locks held by syz-executor/6524:
#0: ffff8880368cc420 (sb_writers#7){.+.+}-{0:0}, at: file_start_write include/linux/fs.h:3041 [inline]
#0: ffff8880368cc420 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x23f/0xd10 fs/read_write.c:680
#1: ffff88804ae58888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1e2/0x510 fs/kernfs/file.c:325
#2: ffff888143bab4b8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x206/0x510 fs/kernfs/file.c:326
#3: ffffffff8f998ca8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xfe/0x490 drivers/net/netdevsim/bus.c:216
#4: ffff8880122470e8 (&dev->mutex){....}-{4:4}, at: device_lock include/linux/device.h:922 [inline]
#4: ffff8880122470e8 (&dev->mutex){....}-{4:4}, at: device_del+0xa8/0x9b0 drivers/base/core.c:3817
1 lock held by kworker/R-wg-cr/6534:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
1 lock held by kworker/R-wg-cr/6535:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
1 lock held by kworker/R-wg-cr/6536:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_detach_from_pool kernel/workqueue.c:2736 [inline]
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: rescuer_thread+0xa44/0x1020 kernel/workqueue.c:3529
2 locks held by kworker/u8:10/6548:
4 locks held by syz-executor/6550:
#0: ffff8880368cc420 (sb_writers#7){.+.+}-{0:0}, at: file_start_write include/linux/fs.h:3041 [inline]
#0: ffff8880368cc420 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x23f/0xd10 fs/read_write.c:680
#1: ffff888055cae888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1e2/0x510 fs/kernfs/file.c:325
#2: ffff888143bab4b8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x206/0x510 fs/kernfs/file.c:326
#3: ffffffff8f998ca8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xfe/0x490 drivers/net/netdevsim/bus.c:216
2 locks held by kworker/0:12/6552:
1 lock held by syz.7.194/6580:
#0: ffffffff8f480728 (bio_slab_lock){+.+.}-{4:4}, at: bio_find_or_create_slab block/bio.c:122 [inline]
#0: ffffffff8f480728 (bio_slab_lock){+.+.}-{4:4}, at: bioset_init+0x241/0x820 block/bio.c:1705
3 locks held by kworker/0:13/6609:
1 lock held by syz.9.186/6611:
#0: ffffffff8ed43840 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x530 kernel/rcu/tree.c:3774
4 locks held by syz-executor/6614:
#0: ffff8880368cc420 (sb_writers#7){.+.+}-{0:0}, at: file_start_write include/linux/fs.h:3041 [inline]
#0: ffff8880368cc420 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x23f/0xd10 fs/read_write.c:680
#1: ffff888029d6e888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1e2/0x510 fs/kernfs/file.c:325
#2: ffff888143bab4b8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x206/0x510 fs/kernfs/file.c:326
#3: ffffffff8f998ca8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xfe/0x490 drivers/net/netdevsim/bus.c:216
4 locks held by syz-executor/6627:
#0: ffff8880368cc420 (sb_writers#7){.+.+}-{0:0}, at: file_start_write include/linux/fs.h:3041 [inline]
#0: ffff8880368cc420 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x23f/0xd10 fs/read_write.c:680
#1: ffff888035fc2488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1e2/0x510 fs/kernfs/file.c:325
#2: ffff888143bab4b8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x206/0x510 fs/kernfs/file.c:326
#3: ffffffff8f998ca8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xfe/0x490 drivers/net/netdevsim/bus.c:216
4 locks held by syz-executor/6631:
#0: ffff8880368cc420 (sb_writers#7){.+.+}-{0:0}, at: file_start_write include/linux/fs.h:3041 [inline]
#0: ffff8880368cc420 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x23f/0xd10 fs/read_write.c:680
#1: ffff8880827e4488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1e2/0x510 fs/kernfs/file.c:325
#2: ffff888143bab4b8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x206/0x510 fs/kernfs/file.c:326
#3: ffffffff8f998ca8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xfe/0x490 drivers/net/netdevsim/bus.c:216
4 locks held by syz-executor/6649:
#0: ffff8880368cc420 (sb_writers#7){.+.+}-{0:0}, at: file_start_write include/linux/fs.h:3041 [inline]
#0: ffff8880368cc420 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x23f/0xd10 fs/read_write.c:680
#1: ffff88803e94c888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1e2/0x510 fs/kernfs/file.c:325
#2: ffff888143bab4b8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x206/0x510 fs/kernfs/file.c:326
#3: ffffffff8f998ca8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xfe/0x490 drivers/net/netdevsim/bus.c:216
4 locks held by syz-executor/6658:
#0: ffff8880368cc420 (sb_writers#7){.+.+}-{0:0}, at: file_start_write include/linux/fs.h:3041 [inline]
#0: ffff8880368cc420 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x23f/0xd10 fs/read_write.c:680
#1: ffff888058be5488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1e2/0x510 fs/kernfs/file.c:325
#2: ffff888143bab4b8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x206/0x510 fs/kernfs/file.c:326
#3: ffffffff8f998ca8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xfe/0x490 drivers/net/netdevsim/bus.c:216
4 locks held by kworker/1:7/6675:
#0: ffff8880295b1148 ((wq_completion)wg-kex-wg0#12){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
#0: ffff8880295b1148 ((wq_completion)wg-kex-wg0#12){+.+.}-{0:0}, at: process_scheduled_works+0x990/0x18e0 kernel/workqueue.c:3319
#1: ffffc900043ffc60 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
#1: ffffc900043ffc60 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9cb/0x18e0 kernel/workqueue.c:3319
#2: ffff88807a701308 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x151/0xd60 drivers/net/wireguard/noise.c:598
#3: ffff88805c3134c0 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x711/0xd60 drivers/net/wireguard/noise.c:632
4 locks held by syz-executor/6677:
#0: ffff8880368cc420 (sb_writers#7){.+.+}-{0:0}, at: file_start_write include/linux/fs.h:3041 [inline]
#0: ffff8880368cc420 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x23f/0xd10 fs/read_write.c:680
#1: ffff88805c011c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1e2/0x510 fs/kernfs/file.c:325
#2: ffff888143bab4b8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x206/0x510 fs/kernfs/file.c:326
#3: ffffffff8f998ca8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xfe/0x490 drivers/net/netdevsim/bus.c:216
3 locks held by kworker/0:14/6687:
4 locks held by syz-executor/6690:
#0: ffff8880368cc420 (sb_writers#7){.+.+}-{0:0}, at: file_start_write include/linux/fs.h:3041 [inline]
#0: ffff8880368cc420 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x23f/0xd10 fs/read_write.c:680
#1: ffff8880690a8088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1e2/0x510 fs/kernfs/file.c:325
#2: ffff888143bab4b8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x206/0x510 fs/kernfs/file.c:326
#3: ffffffff8f998ca8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xfe/0x490 drivers/net/netdevsim/bus.c:216
4 locks held by syz-executor/6695:
#0: ffff8880368cc420 (sb_writers#7){.+.+}-{0:0}, at: file_start_write include/linux/fs.h:3041 [inline]
#0: ffff8880368cc420 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x23f/0xd10 fs/read_write.c:680
#1: ffff88807684b488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1e2/0x510 fs/kernfs/file.c:325
#2: ffff888143bab4b8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x206/0x510 fs/kernfs/file.c:326
#3: ffffffff8f998ca8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xfe/0x490 drivers/net/netdevsim/bus.c:216
4 locks held by syz-executor/6711:
#0: ffff8880368cc420 (sb_writers#7){.+.+}-{0:0}, at: file_start_write include/linux/fs.h:3041 [inline]
#0: ffff8880368cc420 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x23f/0xd10 fs/read_write.c:680
#1: ffff888084396888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1e2/0x510 fs/kernfs/file.c:325
#2: ffff888143bab4b8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x206/0x510 fs/kernfs/file.c:326
#3: ffffffff8f998ca8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xfe/0x490 drivers/net/netdevsim/bus.c:216
1 lock held by kworker/0:15/6723:
4 locks held by syz-executor/6725:
#0: ffff8880368cc420 (sb_writers#7){.+.+}-{0:0}, at: file_start_write include/linux/fs.h:3041 [inline]
#0: ffff8880368cc420 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x23f/0xd10 fs/read_write.c:680
#1: ffff88803e9b2088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1e2/0x510 fs/kernfs/file.c:325
#2: ffff888143bab4b8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x206/0x510 fs/kernfs/file.c:326
#3: ffffffff8f998ca8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xfe/0x490 drivers/net/netdevsim/bus.c:216
3 locks held by syz-executor/6738:
#0: ffffffff8f892d60 (&ops->srcu#2){.+.+}-{0:0}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
#0: ffffffff8f892d60 (&ops->srcu#2){.+.+}-{0:0}, at: rcu_read_lock include/linux/rcupdate.h:841 [inline]
#0: ffffffff8f892d60 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x22/0x250 net/core/rtnetlink.c:570
#1: ffffffff900ff548 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock net/core/rtnetlink.c:80 [inline]
#1: ffffffff900ff548 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_nets_lock net/core/rtnetlink.c:341 [inline]
#1: ffffffff900ff548 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0xd68/0x1fe0 net/core/rtnetlink.c:4064
#2: ffffffff8ed43978 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock kernel/rcu/tree_exp.h:304 [inline]
#2: ffffffff8ed43978 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x384/0x830 kernel/rcu/tree_exp.h:998
1 lock held by kworker/R-bond0/6744:
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: set_pf_worker kernel/workqueue.c:3325 [inline]
#0: ffffffff8ebe54a8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: rescuer_thread+0xd2/0x1020 kernel/workqueue.c:3452
1 lock held by syz-executor/6748:
#0: ffffffff900ff548 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff900ff548 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x406/0x1c40 net/ipv4/devinet.c:979
=============================================
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Call Trace:
__dump_stack lib/dump_stack.c:94 [inline]
dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120
nmi_cpu_backtrace+0x4ab/0x4e0 lib/nmi_backtrace.c:113
nmi_trigger_cpumask_backtrace+0x198/0x320 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:158 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:274 [inline]
watchdog+0x1058/0x10a0 kernel/hung_task.c:437
kthread+0x7b7/0x940 kernel/kthread.c:464
ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:153
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 6490 Comm: kworker/R-wg-cr Not tainted 6.14.0-next-20250404-syzkaller #0 PREEMPT(full)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Workqueue: wg-crypt-wg2 wg_packet_decrypt_worker
RIP: 0010:mark_held_locks kernel/locking/lockdep.c:-1 [inline]
RIP: 0010:__trace_hardirqs_on_caller kernel/locking/lockdep.c:4344 [inline]
RIP: 0010:lockdep_hardirqs_on_prepare+0xed/0x2b0 kernel/locking/lockdep.c:4411
Code: c7 c7 c3 19 77 8e e8 c2 5a 92 0a 65 ff 05 3b 64 ca 11 41 83 be e8 0a 00 00 00 0f 8e ca 00 00 00 4d 89 f7 49 81 c7 f0 0a 00 00 <31> db 4d 89 fc eb 13 48 ff c3 49 63 86 e8 0a 00 00 49 83 c4 28 48
RSP: 0018:ffffc900000073f8 EFLAGS: 00000086
RAX: 0000000000000000 RBX: 1ffff92000000e90 RCX: ffffffff81cb4d7c
RDX: 0000000000000000 RSI: ffffffff8e7719c3 RDI: ffffffff8ca1e060
RBP: ffffc900000074f0 R08: ffffffff905ffd37 R09: 1ffffffff20bffa6
R10: dffffc0000000000 R11: fffffbfff20bffa7 R12: 1ffff92000000e8c
R13: ffffffff93691020 R14: ffff888030cf1e00 R15: ffff888030cf28f0
FS: 0000000000000000(0000) GS:ffff888124f8f000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f30a79f8050 CR3: 000000000eb38000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
trace_hardirqs_on+0x28/0x40 kernel/trace/trace_preemptirq.c:78
__local_bh_enable_ip+0x168/0x200 kernel/softirq.c:412
local_bh_enable include/linux/bottom_half.h:33 [inline]
ipt_do_table+0x155d/0x1870 net/ipv4/netfilter/ip_tables.c:357
nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]
nf_hook_slow+0xc8/0x220 net/netfilter/core.c:626
nf_hook include/linux/netfilter.h:269 [inline]
NF_HOOK+0x29b/0x450 include/linux/netfilter.h:312
NF_HOOK+0x3a0/0x450 include/linux/netfilter.h:314
__netif_receive_skb_one_core net/core/dev.c:5891 [inline]
__netif_receive_skb+0x2c9/0x670 net/core/dev.c:6004
process_backlog+0x664/0x15c0 net/core/dev.c:6356
__napi_poll+0xcb/0x480 net/core/dev.c:7328
napi_poll net/core/dev.c:7392 [inline]
net_rx_action+0x89d/0x1240 net/core/dev.c:7514
handle_softirqs+0x2d6/0x9b0 kernel/softirq.c:579
do_softirq+0x11f/0x1e0 kernel/softirq.c:480
__local_bh_enable_ip+0x1be/0x200 kernel/softirq.c:407
spin_unlock_bh include/linux/spinlock.h:396 [inline]
ptr_ring_consume_bh include/linux/ptr_ring.h:367 [inline]
wg_packet_decrypt_worker+0x2ab/0xd80 drivers/net/wireguard/receive.c:499
process_one_work kernel/workqueue.c:3238 [inline]
process_scheduled_works+0xac3/0x18e0 kernel/workqueue.c:3319
rescuer_thread+0x662/0x1020 kernel/workqueue.c:3496
kthread+0x7b7/0x940 kernel/kthread.c:464
ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:153
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245