INFO: task syz.1.10383:28487 blocked for more than 143 seconds.
Tainted: G U L syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.1.10383 state:D stack:27496 pid:28487 tgid:28483 ppid:5830 task_flags:0x400140 flags:0x00080002
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5256 [inline]
__schedule+0x1139/0x6150 kernel/sched/core.c:6863
__schedule_loop kernel/sched/core.c:6945 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:6960
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7017
__mutex_lock_common kernel/locking/mutex.c:692 [inline]
__mutex_lock+0xc69/0x1ca0 kernel/locking/mutex.c:776
class_wiphy_constructor include/net/cfg80211.h:6363 [inline]
nl80211_set_wiphy+0x1df/0x3310 net/wireless/nl80211.c:3836
genl_family_rcv_msg_doit+0x209/0x2f0 net/netlink/genetlink.c:1115
genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
genl_rcv_msg+0x55c/0x800 net/netlink/genetlink.c:1210
netlink_rcv_skb+0x158/0x420 net/netlink/af_netlink.c:2550
genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
netlink_unicast+0x5aa/0x870 net/netlink/af_netlink.c:1344
netlink_sendmsg+0x8c8/0xdd0 net/netlink/af_netlink.c:1894
sock_sendmsg_nosec net/socket.c:727 [inline]
__sock_sendmsg net/socket.c:742 [inline]
____sys_sendmsg+0xa5d/0xc30 net/socket.c:2592
___sys_sendmsg+0x134/0x1d0 net/socket.c:2646
__sys_sendmsg+0x16d/0x220 net/socket.c:2678
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fcc9598f7c9
RSP: 002b:00007fcc9689d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007fcc95be5fa0 RCX: 00007fcc9598f7c9
RDX: 0000000020040894 RSI: 0000200000000080 RDI: 0000000000000003
RBP: 00007fcc95a13f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fcc95be6038 R14: 00007fcc95be5fa0 R15: 00007ffd3417e268
</TASK>
INFO: task syz.0.10388:28495 blocked for more than 143 seconds.
Tainted: G U L syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.0.10388 state:D stack:27496 pid:28495 tgid:28494 ppid:5828 task_flags:0x400140 flags:0x00080002
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5256 [inline]
__schedule+0x1139/0x6150 kernel/sched/core.c:6863
__schedule_loop kernel/sched/core.c:6945 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:6960
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7017
__mutex_lock_common kernel/locking/mutex.c:692 [inline]
__mutex_lock+0xc69/0x1ca0 kernel/locking/mutex.c:776
nl80211_pre_doit+0xb4/0xb10 net/wireless/nl80211.c:17932
genl_family_rcv_msg_doit+0x1c3/0x2f0 net/netlink/genetlink.c:1110
genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
genl_rcv_msg+0x55c/0x800 net/netlink/genetlink.c:1210
netlink_rcv_skb+0x158/0x420 net/netlink/af_netlink.c:2550
genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
netlink_unicast+0x5aa/0x870 net/netlink/af_netlink.c:1344
netlink_sendmsg+0x8c8/0xdd0 net/netlink/af_netlink.c:1894
sock_sendmsg_nosec net/socket.c:727 [inline]
__sock_sendmsg net/socket.c:742 [inline]
____sys_sendmsg+0xa5d/0xc30 net/socket.c:2592
___sys_sendmsg+0x134/0x1d0 net/socket.c:2646
__sys_sendmsg+0x16d/0x220 net/socket.c:2678
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f1dd0f8f7c9
RSP: 002b:00007f1dcf1f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f1dd11e5fa0 RCX: 00007f1dd0f8f7c9
RDX: 0000000000000090 RSI: 00002000000003c0 RDI: 0000000000000003
RBP: 00007f1dd1013f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f1dd11e6038 R14: 00007f1dd11e5fa0 R15: 00007fffe9ee6a38
</TASK>
INFO: task syz.3.10393:28506 blocked for more than 144 seconds.
Tainted: G U L syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.3.10393 state:D stack:27160 pid:28506 tgid:28505 ppid:5829 task_flags:0x400140 flags:0x00080002
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5256 [inline]
__schedule+0x1139/0x6150 kernel/sched/core.c:6863
__schedule_loop kernel/sched/core.c:6945 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:6960
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7017
__mutex_lock_common kernel/locking/mutex.c:692 [inline]
__mutex_lock+0xc69/0x1ca0 kernel/locking/mutex.c:776
ethnl_set_features+0x1fb/0xcd0 net/ethtool/features.c:238
genl_family_rcv_msg_doit+0x209/0x2f0 net/netlink/genetlink.c:1115
genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
genl_rcv_msg+0x55c/0x800 net/netlink/genetlink.c:1210
netlink_rcv_skb+0x158/0x420 net/netlink/af_netlink.c:2550
genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
netlink_unicast+0x5aa/0x870 net/netlink/af_netlink.c:1344
netlink_sendmsg+0x8c8/0xdd0 net/netlink/af_netlink.c:1894
sock_sendmsg_nosec net/socket.c:727 [inline]
__sock_sendmsg net/socket.c:742 [inline]
____sys_sendmsg+0xa5d/0xc30 net/socket.c:2592
___sys_sendmsg+0x134/0x1d0 net/socket.c:2646
__sys_sendmsg+0x16d/0x220 net/socket.c:2678
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f63aab8f7c9
RSP: 002b:00007f63abae0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f63aade5fa0 RCX: 00007f63aab8f7c9
RDX: 0000000004000000 RSI: 0000200000000440 RDI: 0000000000000003
RBP: 00007f63aac13f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f63aade6038 R14: 00007f63aade5fa0 R15: 00007ffe3c940b48
</TASK>
Showing all locks held in the system:
1 lock held by khungtaskd/31:
#0: ffffffff8e3c94a0 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
#0: ffffffff8e3c94a0 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:867 [inline]
#0: ffffffff8e3c94a0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 kernel/locking/lockdep.c:6775
2 locks held by syz-executor/5816:
#0: ffff88807581f308 (vm_lock){++++}-{0:0}, at: lock_vma_under_rcu+0x117/0x580 mm/mmap_lock.c:259
#1: ffff888034a26518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x174/0x380 mm/memory.c:3528
4 locks held by kworker/1:3/5832:
#0: ffff88814372ad48 ((wq_completion)wg-kex-wg2#4){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 kernel/workqueue.c:3232
#1: ffffc9000418fc90 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __asm__ ("" : "=r"(__ptr) : "0"((__typeof__(*((worker))) *)(( unsigned long)((worker))))); (typeof((__typeof__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 kernel/workqueue.c:3233
#2: ffff888079881308 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_response+0x22b/0x950 drivers/net/wireguard/noise.c:742
#3: ffff888029aec890 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_response+0x2f7/0x950 drivers/net/wireguard/noise.c:753
2 locks held by kworker/0:8/11092:
3 locks held by kworker/u10:0/11196:
3 locks held by kworker/u10:1/11201:
4 locks held by kworker/u10:2/11203:
3 locks held by kworker/u10:3/11205:
3 locks held by kworker/u10:5/11209:
3 locks held by kworker/u10:6/11214:
#0: ffff88814c434948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 kernel/workqueue.c:3232
#1: ffffc90003037c90 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 kernel/workqueue.c:3233
#2: ffffffff90142068 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#2: ffffffff90142068 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x12/0x30 net/ipv6/addrconf.c:4734
4 locks held by kworker/u10:7/11217:
3 locks held by kworker/u10:8/11224:
3 locks held by kworker/u10:9/11235:
3 locks held by kworker/u10:10/11323:
8 locks held by kworker/u10:11/11638:
3 locks held by kworker/u10:12/12797:
3 locks held by kworker/u10:13/13154:
3 locks held by kworker/u10:15/16637:
3 locks held by syz.2.7404/21603:
#0: ffff88807a42cec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0xc0 net/bluetooth/hci_core.c:499
#1: ffff88807a42c0c0 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x3af/0x1260 net/bluetooth/hci_sync.c:5314
#2: ffffffff8e3d4bf8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x284/0x3c0 kernel/rcu/tree_exp.h:311
3 locks held by kworker/u10:16/23016:
6 locks held by kworker/u10:17/23453:
2 locks held by kworker/u10:18/23725:
4 locks held by kworker/u10:19/27856:
2 locks held by getty/28072:
#0: ffff8880320510a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 drivers/tty/tty_ldisc.c:243
#1: ffffc900043e32f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x1510 drivers/tty/n_tty.c:2211
3 locks held by syz.1.10383/28487:
#0: ffffffff901e8510 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
#1: ffffffff90142068 (rtnl_mutex){+.+.}-{4:4}, at: nl80211_set_wiphy+0x94/0x3310 net/wireless/nl80211.c:3802
#2: ffff888022ee8788 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: class_wiphy_constructor include/net/cfg80211.h:6363 [inline]
#2: ffff888022ee8788 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: nl80211_set_wiphy+0x1df/0x3310 net/wireless/nl80211.c:3836
2 locks held by syz.0.10388/28495:
#0: ffffffff901e8510 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
#1: ffffffff90142068 (rtnl_mutex){+.+.}-{4:4}, at: nl80211_pre_doit+0xb4/0xb10 net/wireless/nl80211.c:17932
2 locks held by syz.3.10393/28506:
#0: ffffffff901e8510 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
#1: ffffffff90142068 (rtnl_mutex){+.+.}-{4:4}, at: ethnl_set_features+0x1fb/0xcd0 net/ethtool/features.c:238
1 lock held by syz-executor/28519:
#0: ffffffff90142068 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff90142068 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:978
1 lock held by syz-executor/28520:
#0: ffffffff90142068 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff90142068 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:978
5 locks held by kworker/u11:3/28529:
#0: ffff888028563948 ((wq_completion)hci4){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 kernel/workqueue.c:3232
#1: ffffc9000503fc90 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 kernel/workqueue.c:3233
#2: ffff888012a38ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x175/0x470 net/bluetooth/hci_sync.c:331
#3: ffff888012a380c0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x13f/0xb20 net/bluetooth/hci_sync.c:5702
#4: ffffffff903bee88 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:2128 [inline]
#4: ffffffff903bee88 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x14f/0x360 net/bluetooth/hci_conn.c:1336
4 locks held by kworker/u10:21/28533:
4 locks held by kworker/u10:22/28538:
4 locks held by kworker/0:11/28543:
3 locks held by kworker/u10:26/28564:
1 lock held by syz-executor/28567:
#0: ffffffff90142068 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff90142068 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:978
1 lock held by syz-executor/28568:
#0: ffffffff90142068 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff90142068 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:978
1 lock held by syz-executor/28577:
#0: ffffffff90142068 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff90142068 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:978
1 lock held by syz-executor/28583:
#0: ffffffff90142068 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff90142068 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:978
7 locks held by kworker/u11:7/28585:
#0: ffff888028561148 ((wq_completion)hci5){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 kernel/workqueue.c:3232
#1: ffffc90004eefc90 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 kernel/workqueue.c:3233
#2: ffff88801cfc8ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x175/0x470 net/bluetooth/hci_sync.c:331
#3: ffff88801cfc80c0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x13f/0xb20 net/bluetooth/hci_sync.c:5702
#4: ffffffff903bee88 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:2128 [inline]
#4: ffffffff903bee88 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x14f/0x360 net/bluetooth/hci_conn.c:1336
#5: ffff88807976cb38 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x80/0x760 net/bluetooth/l2cap_core.c:1763
#6: ffffffff8e3d4bf8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0 kernel/rcu/tree_exp.h:343
5 locks held by kworker/0:13/28599:
2 locks held by kworker/0:14/28600:
1 lock held by syz-executor/28612:
#0: ffffffff90142068 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff90142068 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:978
1 lock held by syz-executor/28615:
#0: ffffffff90142068 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff90142068 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:978
4 locks held by kworker/u10:27/28617:
=============================================
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G U L syzkaller #0 PREEMPT(full)
Tainted: [U]=USER, [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:94 [inline]
dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
nmi_cpu_backtrace+0x27b/0x390 lib/nmi_backtrace.c:113
nmi_trigger_cpumask_backtrace+0x29c/0x300 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:160 [inline]
__sys_info lib/sys_info.c:157 [inline]
sys_info+0x133/0x180 lib/sys_info.c:165
check_hung_uninterruptible_tasks kernel/hung_task.c:346 [inline]
watchdog+0xe66/0x1180 kernel/hung_task.c:515
kthread+0x3c5/0x780 kernel/kthread.c:463
ret_from_fork+0x983/0xb10 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
</TASK>
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 11638 Comm: kworker/u10:11 Tainted: G U L syzkaller #0 PREEMPT(full)
Tainted: [U]=USER, [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
Workqueue: wg-kex-wg1 wg_packet_handshake_send_worker
RIP: 0010:__rcu_read_lock+0xb4/0xf0 kernel/rcu/tree_plugin.h:416
Code: 04 00 00 65 48 8b 1d 53 4b 0f 12 48 8d bb 84 04 00 00 48 89 fa 48 c1 ea 03 0f b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 <84> d2 75 1f 8b 83 84 04 00 00 3d ff ff ff 3f 7f 07 5b 5d c3 cc cc
RSP: 0018:ffffc90000006ae8 EFLAGS: 00000202
RAX: 0000000000000007 RBX: ffff888029901e80 RCX: ffffc90000006ac4
RDX: 0000000000000000 RSI: ffffffff89461483 RDI: ffff888029902304
RBP: ffff888029901e80 R08: 0000000000000001 R09: 0000000039529a68
R10: 0000000000000002 R11: 00000000000845e6 R12: ffffffff81a8d780
R13: ffffc90000006b70 R14: 0000000000000000 R15: ffff888029901e80
FS: 0000000000000000(0000) GS:ffff888124904000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fcc95bb42f8 CR3: 00000000326d2000 CR4: 00000000003526f0
Call Trace:
<IRQ>
rcu_read_lock include/linux/rcupdate.h:865 [inline]
class_rcu_constructor include/linux/rcupdate.h:1195 [inline]
unwind_next_frame+0xae/0x20a0 arch/x86/kernel/unwind_orc.c:479
arch_stack_walk+0x94/0x100 arch/x86/kernel/stacktrace.c:25
stack_trace_save+0x8e/0xc0 kernel/stacktrace.c:122
kasan_save_stack+0x33/0x60 mm/kasan/common.c:56
kasan_save_track+0x14/0x30 mm/kasan/common.c:77
kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:584
poison_slab_object mm/kasan/common.c:252 [inline]
__kasan_slab_free+0x5f/0x80 mm/kasan/common.c:284
kasan_slab_free include/linux/kasan.h:234 [inline]
slab_free_hook mm/slub.c:2540 [inline]
slab_free mm/slub.c:6663 [inline]
kmem_cache_free+0x2d8/0x770 mm/slub.c:6774
kfree_skbmem+0x1a4/0x1f0 net/core/skbuff.c:1130
__kfree_skb net/core/skbuff.c:1197 [inline]
sk_skb_reason_drop+0x136/0x1a0 net/core/skbuff.c:1234
kfree_skb_reason include/linux/skbuff.h:1322 [inline]
kfree_skb include/linux/skbuff.h:1331 [inline]
ip6_mc_input+0x82c/0xf60 net/ipv6/ip6_input.c:593
dst_input include/net/dst.h:474 [inline]
dst_input include/net/dst.h:472 [inline]
ip6_rcv_finish+0x3df/0x580 net/ipv6/ip6_input.c:79
ip_sabotage_in+0x21e/0x290 net/bridge/br_netfilter_hooks.c:990
nf_hook_entry_hookfn include/linux/netfilter.h:158 [inline]
nf_hook_slow+0xbe/0x200 net/netfilter/core.c:623
nf_hook.constprop.0+0x424/0x750 include/linux/netfilter.h:273
NF_HOOK include/linux/netfilter.h:316 [inline]
ipv6_rcv+0xa4/0x650 net/ipv6/ip6_input.c:311
__netif_receive_skb_one_core+0x12d/0x1e0 net/core/dev.c:6137
__netif_receive_skb+0x1d/0x160 net/core/dev.c:6250
netif_receive_skb_internal net/core/dev.c:6336 [inline]
netif_receive_skb+0x137/0x760 net/core/dev.c:6395
NF_HOOK include/linux/netfilter.h:318 [inline]
NF_HOOK include/linux/netfilter.h:312 [inline]
br_pass_frame_up+0x346/0x490 net/bridge/br_input.c:70
br_handle_frame_finish+0x10e8/0x1f00 net/bridge/br_input.c:235
br_nf_hook_thresh+0x307/0x410 net/bridge/br_netfilter_hooks.c:1167
br_nf_pre_routing_finish_ipv6+0x76a/0xfc0 net/bridge/br_netfilter_ipv6.c:154
NF_HOOK include/linux/netfilter.h:318 [inline]
br_nf_pre_routing_ipv6+0x3cd/0x8c0 net/bridge/br_netfilter_ipv6.c:184
br_nf_pre_routing+0x860/0x15b0 net/bridge/br_netfilter_hooks.c:508
nf_hook_entry_hookfn include/linux/netfilter.h:158 [inline]
nf_hook_bridge_pre net/bridge/br_input.c:291 [inline]
br_handle_frame+0xb28/0x14e0 net/bridge/br_input.c:442
__netif_receive_skb_core.constprop.0+0x6b3/0x35b0 net/core/dev.c:6024
__netif_receive_skb_one_core+0xb0/0x1e0 net/core/dev.c:6135
__netif_receive_skb+0x1d/0x160 net/core/dev.c:6250
process_backlog+0x4a2/0x1650 net/core/dev.c:6602
__napi_poll.constprop.0+0xb3/0x540 net/core/dev.c:7666
napi_poll net/core/dev.c:7729 [inline]
net_rx_action+0x9f9/0xfa0 net/core/dev.c:7881
handle_softirqs+0x219/0x950 kernel/softirq.c:622
do_softirq kernel/softirq.c:523 [inline]
do_softirq+0xb2/0xf0 kernel/softirq.c:510
</IRQ>
<TASK>
__local_bh_enable_ip+0x100/0x120 kernel/softirq.c:450
local_bh_enable include/linux/bottom_half.h:33 [inline]
fpregs_unlock arch/x86/include/asm/fpu/api.h:77 [inline]
kernel_fpu_end arch/x86/kernel/fpu/core.c:480 [inline]
kernel_fpu_end+0x5e/0x70 arch/x86/kernel/fpu/core.c:473
blake2s_compress+0x77/0xe0 lib/crypto/x86/blake2s.h:42
blake2s_final+0xc9/0x160 lib/crypto/blake2s.c:148
hmac.constprop.0+0x252/0x420 drivers/net/wireguard/noise.c:325
kdf.constprop.0+0x122/0x280 drivers/net/wireguard/noise.c:360
mix_dh+0xd2/0x130 drivers/net/wireguard/noise.c:413
wg_noise_handshake_create_initiation+0x337/0x610 drivers/net/wireguard/noise.c:550
wg_packet_send_handshake_initiation+0x19a/0x360 drivers/net/wireguard/send.c:34
wg_packet_handshake_send_worker+0x1c/0x30 drivers/net/wireguard/send.c:51
process_one_work+0x9ba/0x1b20 kernel/workqueue.c:3257
process_scheduled_works kernel/workqueue.c:3340 [inline]
worker_thread+0x6c8/0xf10 kernel/workqueue.c:3421
kthread+0x3c5/0x780 kernel/kthread.c:463
ret_from_fork+0x983/0xb10 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
</TASK>