syzbot


INFO: task hung in wg_netns_pre_exit (2)
Status: auto-closed as invalid on 2022/03/15 05:14
Reported-by: syzbot+fa3b49ed40f26375a8ee@syzkaller.appspotmail.com
First crash: 320d, last: 187d
similar bugs (1):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream INFO: task hung in wg_netns_pre_exit 3 521d 595d 0/22 auto-closed as invalid on 2021/03/15 22:17

Sample crash report:
INFO: task syz-executor.3:21334 blocked for more than 141 seconds.
      Not tainted 5.15.0-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.3  state:D stack:26848 pid:21334 ppid: 22389 flags:0x00004004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:4972 [inline]
 __schedule+0xa9a/0x4940 kernel/sched/core.c:6253
 schedule+0xd2/0x260 kernel/sched/core.c:6326
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:6385
 __mutex_lock_common kernel/locking/mutex.c:680 [inline]
 __mutex_lock+0xa32/0x12f0 kernel/locking/mutex.c:740
 wg_netns_pre_exit+0x15/0x190 drivers/net/wireguard/device.c:402
 ops_pre_exit_list net/core/net_namespace.c:158 [inline]
 setup_net+0x587/0xa30 net/core/net_namespace.c:343
 copy_net_ns+0x318/0x760 net/core/net_namespace.c:470
 create_new_namespaces+0x3f6/0xb20 kernel/nsproxy.c:110
 unshare_nsproxy_namespaces+0xc1/0x1f0 kernel/nsproxy.c:226
 ksys_unshare+0x445/0x920 kernel/fork.c:3075
 __do_sys_unshare kernel/fork.c:3146 [inline]
 __se_sys_unshare kernel/fork.c:3144 [inline]
 __x64_sys_unshare+0x2d/0x40 kernel/fork.c:3144
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f8a7bd5eae9
RSP: 002b:00007f8a792d4188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
RAX: ffffffffffffffda RBX: 00007f8a7be71f60 RCX: 00007f8a7bd5eae9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000064020680
RBP: 00007f8a7bdb8f6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fff826b730f R14: 00007f8a792d4300 R15: 0000000000022000
 </TASK>
INFO: task syz-executor.5:21338 blocked for more than 147 seconds.
      Not tainted 5.15.0-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.5  state:D stack:25120 pid:21338 ppid:  6811 flags:0x00000004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:4972 [inline]
 __schedule+0xa9a/0x4940 kernel/sched/core.c:6253
 schedule+0xd2/0x260 kernel/sched/core.c:6326
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:6385
 __mutex_lock_common kernel/locking/mutex.c:680 [inline]
 __mutex_lock+0xa32/0x12f0 kernel/locking/mutex.c:740
 rtnl_lock net/core/rtnetlink.c:72 [inline]
 rtnetlink_rcv_msg+0x3be/0xb80 net/core/rtnetlink.c:5568
 netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2491
 netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]
 netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1345
 netlink_sendmsg+0x86d/0xda0 net/netlink/af_netlink.c:1916
 sock_sendmsg_nosec net/socket.c:704 [inline]
 sock_sendmsg+0xcf/0x120 net/socket.c:724
 ____sys_sendmsg+0x6e8/0x810 net/socket.c:2409
 ___sys_sendmsg+0xf3/0x170 net/socket.c:2463
 __sys_sendmsg+0xe5/0x1b0 net/socket.c:2492
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f270cb8dae9
RSP: 002b:00007f270a103188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f270cca0f60 RCX: 00007f270cb8dae9
RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008
RBP: 00007f270cbe7f6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc2c96fdff R14: 00007f270a103300 R15: 0000000000022000
 </TASK>

Showing all locks held in the system:
2 locks held by kworker/u4:0/8:
1 lock held by khungtaskd/26:
 #0: ffffffff8bb80ee0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 kernel/locking/lockdep.c:6458
1 lock held by in:imklog/6320:
 #0: ffff88801b1dfb70 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100 fs/file.c:990
1 lock held by syz-executor.1/31231:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.1/31252:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.5/31791:
 #0: ffff88803bed3950 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:783 [inline]
 #0: ffff88803bed3950 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: __sock_release+0x86/0x280 net/socket.c:648
3 locks held by syz-executor.0/3620:
 #0: ffff88802d570ff0 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0xb7/0x1150 net/bluetooth/hci_core.c:1614
 #1: ffff88802d570078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_do_close+0x283/0x1150 net/bluetooth/hci_core.c:1659
 #2: ffffffff8d520d28 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_disconn_cfm include/net/bluetooth/hci_core.h:1540 [inline]
 #2: ffffffff8d520d28 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xda/0x260 net/bluetooth/hci_conn.c:1742
1 lock held by syz-executor.1/6728:
 #0: ffff88802dd75590 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:783 [inline]
 #0: ffff88802dd75590 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: __sock_release+0x86/0x280 net/socket.c:648
1 lock held by syz-executor.0/8062:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.1/8393:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.1/11350:
 #0: ffff88819b561590 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:783 [inline]
 #0: ffff88819b561590 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: __sock_release+0x86/0x280 net/socket.c:648
1 lock held by syz-executor.1/12693:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/25836:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.3/26075:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.3/26100:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.5/28119:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.5/28364:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/29578:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/30020:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/30362:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/30516:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/30790:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/30813:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.2/30981:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.2/32483:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/2035:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/2352:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/3143:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/3580:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.2/3837:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/4614:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/7609:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
4 locks held by syz-executor.2/7818:
1 lock held by syz-executor.0/8015:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/8524:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/8656:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.3/10254:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/10803:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/11764:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/11880:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.5/11994:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/12605:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
3 locks held by kworker/0:36/14104:
 #0: ffff888010c67d38 ((wq_completion)events){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
 #0: ffff888010c67d38 ((wq_completion)events){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline]
 #0: ffff888010c67d38 ((wq_completion)events){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1198 [inline]
 #0: ffff888010c67d38 ((wq_completion)events){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:635 [inline]
 #0: ffff888010c67d38 ((wq_completion)events){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:662 [inline]
 #0: ffff888010c67d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x896/0x1690 kernel/workqueue.c:2269
 #1: ffffc9002280fdb0 (fqdir_free_work){+.+.}-{0:0}, at: process_one_work+0x8ca/0x1690 kernel/workqueue.c:2273
 #2: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/15943:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/17227:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/18242:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/18472:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/18623:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.2/18945:
 #0: ffff88809508e290 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:783 [inline]
 #0: ffff88809508e290 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: __sock_release+0x86/0x280 net/socket.c:648
1 lock held by syz-executor.0/19231:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/21161:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.5/21827:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/22538:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/23749:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/25077:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.2/26220:
 #0: ffff888067fd0390 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:783 [inline]
 #0: ffff888067fd0390 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: __sock_release+0x86/0x280 net/socket.c:648
1 lock held by syz-executor.0/27979:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.2/28204:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
2 locks held by kworker/0:47/30097:
 #0: ffff888010c67d38 ((wq_completion)events){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
 #0: ffff888010c67d38 ((wq_completion)events){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline]
 #0: ffff888010c67d38 ((wq_completion)events){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1198 [inline]
 #0: ffff888010c67d38 ((wq_completion)events){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:635 [inline]
 #0: ffff888010c67d38 ((wq_completion)events){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:662 [inline]
 #0: ffff888010c67d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x896/0x1690 kernel/workqueue.c:2269
 #1: ffffc9001134fdb0 (free_ipc_work){+.+.}-{0:0}, at: process_one_work+0x8ca/0x1690 kernel/workqueue.c:2273
1 lock held by syz-executor.2/32279:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.2/32446:
 #0: ffff8881584bcad0 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:783 [inline]
 #0: ffff8881584bcad0 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: __sock_release+0x86/0x280 net/socket.c:648
1 lock held by syz-executor.0/1131:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.2/1719:
 #0: ffff88802dc9d590 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:783 [inline]
 #0: ffff88802dc9d590 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: __sock_release+0x86/0x280 net/socket.c:648
1 lock held by syz-executor.2/1973:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/4522:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/5106:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.2/5427:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/6512:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.2/7429:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.2/7509:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.2/8013:
 #0: ffff8880a1590310 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:783 [inline]
 #0: ffff8880a1590310 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: __sock_release+0x86/0x280 net/socket.c:648
1 lock held by syz-executor.5/10050:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.5/10550:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/13418:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/14634:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/14690:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/15022:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
2 locks held by syz-executor.2/17363:
 #0: ffff888158616590 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:783 [inline]
 #0: ffff888158616590 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: __sock_release+0x86/0x280 net/socket.c:648
 #1: ffffffff8bb8a268 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock kernel/rcu/tree_exp.h:322 [inline]
 #1: ffffffff8bb8a268 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x2d5/0x620 kernel/rcu/tree_exp.h:836
1 lock held by syz-executor.0/18218:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/19275:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
3 locks held by kworker/u4:12/19359:
 #0: ffff888012da6138 ((wq_completion)netns){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
 #0: ffff888012da6138 ((wq_completion)netns){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline]
 #0: ffff888012da6138 ((wq_completion)netns){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1198 [inline]
 #0: ffff888012da6138 ((wq_completion)netns){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:635 [inline]
 #0: ffff888012da6138 ((wq_completion)netns){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:662 [inline]
 #0: ffff888012da6138 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x896/0x1690 kernel/workqueue.c:2269
 #1: ffffc9000a47fdb0 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x8ca/0x1690 kernel/workqueue.c:2273
 #2: ffffffff8d2fc350 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x9b/0xb00 net/core/net_namespace.c:555
1 lock held by syz-executor.4/19501:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/20332:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/20846:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/22261:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/22876:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.2/23301:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/25060:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/25728:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/26846:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/29333:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/29880:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.2/31924:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/32692:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/372:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/2368:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/3085:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/5270:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.2/8376:
 #0: ffff88823bda2c90 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:783 [inline]
 #0: ffff88823bda2c90 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: __sock_release+0x86/0x280 net/socket.c:648
1 lock held by syz-executor.0/10684:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/11587:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/11609:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/11683:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/12653:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/12769:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.2/13334:
 #0: ffff88802ee58a10 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:783 [inline]
 #0: ffff88802ee58a10 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: __sock_release+0x86/0x280 net/socket.c:648
1 lock held by syz-executor.0/13889:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/14758:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.0/15626:
 #0: ffffffff8bb8a170 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x440 kernel/rcu/tree.c:3985
1 lock held by syz-executor.2/15842:

Crashes (39):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-kasan-gce-selinux-root 2021/11/15 05:12 upstream ce49bfc8d037 83f5c9b5 .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-kasan-gce-selinux-root 2021/09/30 04:34 upstream 02d5e016800d be530f6c .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-kasan-gce-root 2021/09/29 06:00 upstream a4e6f95a891a d82cb927 .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-kasan-gce-selinux-root 2021/09/28 04:20 upstream 0513e464f900 78494d16 .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-kasan-gce-selinux-root 2021/09/21 14:21 upstream d9fb678414c0 169724fe .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-kasan-gce 2021/09/14 02:15 upstream d0ee23f9d78b 58d09404 .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-kasan-gce-root 2021/09/08 20:18 upstream ac08b1c68d1b e2776ee4 .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-kasan-gce-386 2021/09/28 11:49 upstream 0513e464f900 78494d16 .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-kasan-gce-386 2021/09/17 21:29 upstream ddf21bd8ab98 70b76c1d .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-net-this-kasan-gce 2021/07/05 11:44 net dbe69e433722 55aa55c2 .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-net-kasan-gce 2021/10/20 06:37 net-next cb3dc8901ba4 466b7db1 .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-net-kasan-gce 2021/10/20 05:52 net-next cb3dc8901ba4 466b7db1 .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-net-kasan-gce 2021/10/19 18:32 net-next cb3dc8901ba4 466b7db1 .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-net-kasan-gce 2021/10/19 15:34 net-next cb3dc8901ba4 24dc29db .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-net-kasan-gce 2021/10/19 14:07 net-next cb3dc8901ba4 24dc29db .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-net-kasan-gce 2021/10/19 13:19 net-next cb3dc8901ba4 24dc29db .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-net-kasan-gce 2021/10/19 11:53 net-next f616447034a1 24dc29db .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-net-kasan-gce 2021/10/19 11:13 net-next f616447034a1 24dc29db .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-net-kasan-gce 2021/10/18 15:36 net-next d40dfa0cebd8 0c5d9412 .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-net-kasan-gce 2021/10/18 15:22 net-next d40dfa0cebd8 0c5d9412 .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-net-kasan-gce 2021/10/18 15:11 net-next d40dfa0cebd8 0c5d9412 .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-net-kasan-gce 2021/10/18 15:07 net-next d40dfa0cebd8 0c5d9412 .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-net-kasan-gce 2021/10/18 14:58 net-next d40dfa0cebd8 0c5d9412 .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-net-kasan-gce 2021/10/18 14:23 net-next d40dfa0cebd8 0c5d9412 .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-net-kasan-gce 2021/10/18 12:52 net-next d40dfa0cebd8 0c5d9412 .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-net-kasan-gce 2021/10/18 12:29 net-next d40dfa0cebd8 0c5d9412 .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-linux-next-kasan-gce-root 2021/10/21 07:39 linux-next 51dba6e335ff f111d03b .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-linux-next-kasan-gce-root 2021/10/21 02:28 linux-next 51dba6e335ff f111d03b .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-linux-next-kasan-gce-root 2021/10/20 23:42 linux-next 51dba6e335ff f111d03b .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-linux-next-kasan-gce-root 2021/10/20 23:03 linux-next 51dba6e335ff f111d03b .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-linux-next-kasan-gce-root 2021/10/20 12:35 linux-next 51dba6e335ff 418a00eb .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-linux-next-kasan-gce-root 2021/10/20 11:27 linux-next 51dba6e335ff 418a00eb .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-linux-next-kasan-gce-root 2021/10/20 10:08 linux-next 51dba6e335ff 418a00eb .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-linux-next-kasan-gce-root 2021/10/20 08:37 linux-next 51dba6e335ff 466b7db1 .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-linux-next-kasan-gce-root 2021/10/20 08:33 linux-next 51dba6e335ff 466b7db1 .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-linux-next-kasan-gce-root 2021/09/16 06:52 linux-next 368847b165bb 07e953c1 .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-linux-next-kasan-gce-root 2021/09/13 23:35 linux-next 24a36d3171e4 58d09404 .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-linux-next-kasan-gce-root 2021/09/07 22:10 linux-next b2bb710d34d5 064c9eb7 .config log report info INFO: task hung in wg_netns_pre_exit
ci-upstream-linux-next-kasan-gce-root 2021/10/20 09:33 linux-next 51dba6e335ff 466b7db1 .config log report info INFO: task can't die in wg_netns_pre_exit