syzbot

 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
watchdog: BUG: soft lockup - CPU#0 stuck for 246s! [kworker/0:2:935]
Modules linked in:
irq event stamp: 33208969
hardirqs last  enabled at (33208968): [<ffffffff8b14d892>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (33208968): [<ffffffff8b14d892>] _raw_spin_unlock_irqrestore+0x52/0x80 kernel/locking/spinlock.c:194
hardirqs last disabled at (33208969): [<ffffffff8b120c0e>] sysvec_apic_timer_interrupt+0xe/0xb0 arch/x86/kernel/apic/apic.c:1043
softirqs last  enabled at (417062): [<ffffffff8613ecaf>] rcu_lock_release include/linux/rcupdate.h:336 [inline]
softirqs last  enabled at (417062): [<ffffffff8613ecaf>] rcu_read_unlock_bh include/linux/rcupdate.h:906 [inline]
softirqs last  enabled at (417062): [<ffffffff8613ecaf>] mod_peer_timer+0x16f/0x2c0 drivers/net/wireguard/timers.c:38
softirqs last disabled at (417066): [<ffffffff8614e602>] wg_socket_send_skb_to_peer+0x62/0x220 drivers/net/wireguard/socket.c:173
CPU: 0 UID: 0 PID: 935 Comm: kworker/0:2 Not tainted 6.11.0-rc5-syzkaller-00057-g86987d84b968 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
Workqueue: wg-crypt-wg2 wg_packet_tx_worker
RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x70 kernel/kcov.c:209
Code: be b0 01 00 00 e8 a0 ff ff ff 31 c0 e9 84 82 a4 09 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 65 48 8b 15 54 1c 78 7e 65 8b 05 55 1c 78 7e a9 00 01
RSP: 0018:ffffc90003e16c90 EFLAGS: 00000246
RAX: 0000000000000000 RBX: ffffc90003e16d70 RCX: ffffffff813ce689
RDX: ffff888021a15a00 RSI: 0000000000000004 RDI: 0000000000000001
RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000004
R10: 0000000000000002 R11: 0000000000000000 R12: ffffffff90a3fde0
R13: ffffc90003e16d68 R14: ffffffff90a3fde4 R15: 0000000000000002
FS:  0000000000000000(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 000000007ce84000 CR4: 0000000000350ef0
Call Trace:
 <IRQ>
 </IRQ>
 <TASK>
 unwind_next_frame+0xd82/0x23a0 arch/x86/kernel/unwind_orc.c:583
 __unwind_start+0x5aa/0x880 arch/x86/kernel/unwind_orc.c:760
 unwind_start arch/x86/include/asm/unwind.h:64 [inline]
 arch_stack_walk+0xb2/0x170 arch/x86/kernel/stacktrace.c:24
 stack_trace_save+0x95/0xd0 kernel/stacktrace.c:122
 kasan_save_stack+0x33/0x60 mm/kasan/common.c:47
 kasan_save_track+0x14/0x30 mm/kasan/common.c:68
 kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:579
 poison_slab_object+0xf7/0x160 mm/kasan/common.c:240
 __kasan_slab_free+0x32/0x50 mm/kasan/common.c:256
 kasan_slab_free include/linux/kasan.h:184 [inline]
 slab_free_hook mm/slub.c:2252 [inline]
 slab_free mm/slub.c:4473 [inline]
 kmem_cache_free+0x12f/0x3a0 mm/slub.c:4548
 skb_kfree_head net/core/skbuff.c:1082 [inline]
 skb_kfree_head net/core/skbuff.c:1079 [inline]
 skb_free_head+0x18a/0x1d0 net/core/skbuff.c:1096
 skb_release_data+0x75c/0x980 net/core/skbuff.c:1123
 skb_release_all net/core/skbuff.c:1188 [inline]
 __kfree_skb net/core/skbuff.c:1202 [inline]
 sk_skb_reason_drop+0x133/0x200 net/core/skbuff.c:1240
 kfree_skb_reason include/linux/skbuff.h:1260 [inline]
 enqueue_to_backlog+0x47f/0xe60 net/core/dev.c:4895
 netif_rx_internal+0x109/0x5f0 net/core/dev.c:5190
 __netif_rx+0xf2/0x2c0 net/core/dev.c:5210
 loopback_xmit+0x284/0x700 drivers/net/loopback.c:89
 __netdev_start_xmit include/linux/netdevice.h:4913 [inline]
 netdev_start_xmit include/linux/netdevice.h:4922 [inline]
 xmit_one net/core/dev.c:3580 [inline]
 dev_hard_start_xmit+0x146/0x790 net/core/dev.c:3596
 __dev_queue_xmit+0x7c7/0x4300 net/core/dev.c:4423
 dev_queue_xmit include/linux/netdevice.h:3105 [inline]
 neigh_hh_output include/net/neighbour.h:526 [inline]
 neigh_output include/net/neighbour.h:540 [inline]
 ip_finish_output2+0x16fe/0x25e0 net/ipv4/ip_output.c:235
 ip_do_fragment+0x864/0x18b0 net/ipv4/ip_output.c:916
 ip_fragment.constprop.0+0x161/0x230 net/ipv4/ip_output.c:584
 __ip_finish_output net/ipv4/ip_output.c:311 [inline]
 __ip_finish_output+0x2fc/0x950 net/ipv4/ip_output.c:295
 ip_finish_output+0x31/0x310 net/ipv4/ip_output.c:323
 NF_HOOK_COND include/linux/netfilter.h:303 [inline]
 ip_output+0x13b/0x2a0 net/ipv4/ip_output.c:433
 dst_output include/net/dst.h:450 [inline]
 ip_local_out+0x33e/0x4a0 net/ipv4/ip_output.c:129
 iptunnel_xmit+0x5b4/0x9b0 net/ipv4/ip_tunnel_core.c:82
 send4+0x48e/0xe30 drivers/net/wireguard/socket.c:85
 wg_socket_send_skb_to_peer+0x196/0x220 drivers/net/wireguard/socket.c:175
 wg_packet_create_data_done drivers/net/wireguard/send.c:251 [inline]
 wg_packet_tx_worker+0x1aa/0x810 drivers/net/wireguard/send.c:276
 process_one_work+0x9c8/0x1b40 kernel/workqueue.c:3231
 process_scheduled_works kernel/workqueue.c:3312 [inline]
 worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389
 kthread+0x2c4/0x3a0 kernel/kthread.c:389
 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1 skipped: idling at native_safe_halt arch/x86/include/asm/irqflags.h:48 [inline]
NMI backtrace for cpu 1 skipped: idling at arch_safe_halt arch/x86/include/asm/irqflags.h:106 [inline]
NMI backtrace for cpu 1 skipped: idling at acpi_safe_halt+0x1a/0x20 drivers/acpi/processor_idle.c:111