INFO: task kworker/u12:1:16807 blocked for more than 143 seconds.
Tainted: G U I L syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/u12:1 state:D stack:26568 pid:16807 tgid:16807 ppid:2 task_flags:0x4208060 flags:0x00080000
Workqueue: hci11 hci_rx_work
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5260 [inline]
__schedule+0x1138/0x5ee0 kernel/sched/core.c:6867
__schedule_loop kernel/sched/core.c:6949 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:6964
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7021
__mutex_lock_common kernel/locking/mutex.c:692 [inline]
__mutex_lock+0xc69/0x1ca0 kernel/locking/mutex.c:776
hci_connect_cfm include/net/bluetooth/hci_core.h:2128 [inline]
le_conn_complete_evt+0x1921/0x1fa0 net/bluetooth/hci_event.c:5821
hci_le_conn_complete_evt+0x23c/0x3a0 net/bluetooth/hci_event.c:5847
hci_le_meta_evt+0x357/0x610 net/bluetooth/hci_event.c:7408
hci_event_func net/bluetooth/hci_event.c:7716 [inline]
hci_event_packet+0x685/0x1210 net/bluetooth/hci_event.c:7773
hci_rx_work+0x2c9/0x1020 net/bluetooth/hci_core.c:4076
process_one_work+0x9ba/0x1b20 kernel/workqueue.c:3257
process_scheduled_works kernel/workqueue.c:3340 [inline]
worker_thread+0x6c8/0xf10 kernel/workqueue.c:3421
kthread+0x3c5/0x780 kernel/kthread.c:463
ret_from_fork+0x983/0xb10 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
</TASK>
INFO: task syz.2.8385:23266 blocked for more than 143 seconds.
Tainted: G U I L syzkaller #0
Blocked by coredump.
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.2.8385 state:D stack:27256 pid:23266 tgid:23266 ppid:5845 task_flags:0x40044c flags:0x00080003
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5260 [inline]
__schedule+0x1138/0x5ee0 kernel/sched/core.c:6867
__schedule_loop kernel/sched/core.c:6949 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:6964
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7021
__mutex_lock_common kernel/locking/mutex.c:692 [inline]
__mutex_lock+0xc69/0x1ca0 kernel/locking/mutex.c:776
tun_detach drivers/net/tun.c:634 [inline]
tun_chr_close+0x38/0x230 drivers/net/tun.c:3436
__fput+0x402/0xb70 fs/file_table.c:468
task_work_run+0x150/0x240 kernel/task_work.c:233
exit_task_work include/linux/task_work.h:40 [inline]
do_exit+0x87f/0x2bd0 kernel/exit.c:971
do_group_exit+0xd3/0x2a0 kernel/exit.c:1112
get_signal+0x2671/0x26d0 kernel/signal.c:3034
arch_do_signal_or_restart+0x8f/0x7a0 arch/x86/kernel/signal.c:337
__exit_to_user_mode_loop kernel/entry/common.c:41 [inline]
exit_to_user_mode_loop+0x8c/0x540 kernel/entry/common.c:75
__exit_to_user_mode_prepare include/linux/irq-entry-common.h:226 [inline]
syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:256 [inline]
syscall_exit_to_user_mode_work include/linux/entry-common.h:159 [inline]
syscall_exit_to_user_mode include/linux/entry-common.h:194 [inline]
do_syscall_64+0x4ee/0xf80 arch/x86/entry/syscall_64.c:100
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7efcca3c2085
RSP: 002b:00007efccb198f80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
RAX: fffffffffffffdfc RBX: 00007efcca5e5fa0 RCX: 00007efcca3c2085
RDX: 00007efccb198fc0 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 00007efcca413f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
R13: 00007efcca5e6038 R14: 00007efcca5e5fa0 R15: 00007fff90c5b6d8
</TASK>
INFO: task kworker/u12:3:2245 blocked for more than 144 seconds.
Tainted: G U I L syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/u12:3 state:D stack:26888 pid:2245 tgid:2245 ppid:2 task_flags:0x4208060 flags:0x00080000
Workqueue: hci3 hci_rx_work
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5260 [inline]
__schedule+0x1138/0x5ee0 kernel/sched/core.c:6867
__schedule_loop kernel/sched/core.c:6949 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:6964
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7021
__mutex_lock_common kernel/locking/mutex.c:692 [inline]
__mutex_lock+0xc69/0x1ca0 kernel/locking/mutex.c:776
hci_connect_cfm include/net/bluetooth/hci_core.h:2128 [inline]
hci_remote_features_evt+0x498/0x9c0 net/bluetooth/hci_event.c:3729
hci_event_func net/bluetooth/hci_event.c:7719 [inline]
hci_event_packet+0xa39/0x1210 net/bluetooth/hci_event.c:7773
hci_rx_work+0x2c9/0x1020 net/bluetooth/hci_core.c:4076
process_one_work+0x9ba/0x1b20 kernel/workqueue.c:3257
process_scheduled_works kernel/workqueue.c:3340 [inline]
worker_thread+0x6c8/0xf10 kernel/workqueue.c:3421
kthread+0x3c5/0x780 kernel/kthread.c:463
ret_from_fork+0x983/0xb10 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
</TASK>
INFO: task kworker/u12:4:2246 blocked for more than 144 seconds.
Tainted: G U I L syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/u12:4 state:D stack:26648 pid:2246 tgid:2246 ppid:2 task_flags:0x4208060 flags:0x00080000
Workqueue: hci10 hci_rx_work
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5260 [inline]
__schedule+0x1138/0x5ee0 kernel/sched/core.c:6867
__schedule_loop kernel/sched/core.c:6949 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:6964
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7021
__mutex_lock_common kernel/locking/mutex.c:692 [inline]
__mutex_lock+0xc69/0x1ca0 kernel/locking/mutex.c:776
hci_connect_cfm include/net/bluetooth/hci_core.h:2128 [inline]
le_conn_complete_evt+0x1921/0x1fa0 net/bluetooth/hci_event.c:5821
hci_le_conn_complete_evt+0x23c/0x3a0 net/bluetooth/hci_event.c:5847
hci_le_meta_evt+0x357/0x610 net/bluetooth/hci_event.c:7408
hci_event_func net/bluetooth/hci_event.c:7716 [inline]
hci_event_packet+0x685/0x1210 net/bluetooth/hci_event.c:7773
hci_rx_work+0x2c9/0x1020 net/bluetooth/hci_core.c:4076
process_one_work+0x9ba/0x1b20 kernel/workqueue.c:3257
process_scheduled_works kernel/workqueue.c:3340 [inline]
worker_thread+0x6c8/0xf10 kernel/workqueue.c:3421
kthread+0x3c5/0x780 kernel/kthread.c:463
ret_from_fork+0x983/0xb10 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
</TASK>
INFO: task kworker/u12:7:2250 blocked for more than 144 seconds.
Tainted: G U I L syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/u12:7 state:D stack:26824 pid:2250 tgid:2250 ppid:2 task_flags:0x4208060 flags:0x00080000
Workqueue: hci9 hci_rx_work
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5260 [inline]
__schedule+0x1138/0x5ee0 kernel/sched/core.c:6867
__schedule_loop kernel/sched/core.c:6949 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:6964
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7021
__mutex_lock_common kernel/locking/mutex.c:692 [inline]
__mutex_lock+0xc69/0x1ca0 kernel/locking/mutex.c:776
hci_connect_cfm include/net/bluetooth/hci_core.h:2128 [inline]
le_conn_complete_evt+0x1921/0x1fa0 net/bluetooth/hci_event.c:5821
hci_le_conn_complete_evt+0x23c/0x3a0 net/bluetooth/hci_event.c:5847
hci_le_meta_evt+0x357/0x610 net/bluetooth/hci_event.c:7408
hci_event_func net/bluetooth/hci_event.c:7716 [inline]
hci_event_packet+0x685/0x1210 net/bluetooth/hci_event.c:7773
hci_rx_work+0x2c9/0x1020 net/bluetooth/hci_core.c:4076
process_one_work+0x9ba/0x1b20 kernel/workqueue.c:3257
process_scheduled_works kernel/workqueue.c:3340 [inline]
worker_thread+0x6c8/0xf10 kernel/workqueue.c:3421
kthread+0x3c5/0x780 kernel/kthread.c:463
ret_from_fork+0x983/0xb10 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
</TASK>
INFO: task syz-executor:2288 blocked for more than 144 seconds.
Tainted: G U I L syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor state:D stack:23992 pid:2288 tgid:2288 ppid:1 task_flags:0x400140 flags:0x00080002
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5260 [inline]
__schedule+0x1138/0x5ee0 kernel/sched/core.c:6867
__schedule_loop kernel/sched/core.c:6949 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:6964
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7021
__mutex_lock_common kernel/locking/mutex.c:692 [inline]
__mutex_lock+0xc69/0x1ca0 kernel/locking/mutex.c:776
rtnl_lock net/core/rtnetlink.c:80 [inline]
rtnl_nets_lock net/core/rtnetlink.c:341 [inline]
rtnl_newlink+0x5f6/0x1f50 net/core/rtnetlink.c:4071
rtnetlink_rcv_msg+0x95e/0xe90 net/core/rtnetlink.c:6958
netlink_rcv_skb+0x158/0x420 net/netlink/af_netlink.c:2550
netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
netlink_unicast+0x5aa/0x870 net/netlink/af_netlink.c:1344
netlink_sendmsg+0x8c8/0xdd0 net/netlink/af_netlink.c:1894
sock_sendmsg_nosec net/socket.c:727 [inline]
__sock_sendmsg net/socket.c:742 [inline]
__sys_sendto+0x4a3/0x520 net/socket.c:2206
__do_sys_sendto net/socket.c:2213 [inline]
__se_sys_sendto net/socket.c:2209 [inline]
__x64_sys_sendto+0xe0/0x1c0 net/socket.c:2209
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ffa02d9165c
RSP: 002b:00007ffe97fd1a30 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007ffa03b14620 RCX: 00007ffa02d9165c
RDX: 000000000000004c RSI: 00007ffa03b14670 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007ffe97fd1a84 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
R13: 0000000000000000 R14: 00007ffa03b14670 R15: 0000000000000000
</TASK>
INFO: task syz-executor:2289 blocked for more than 145 seconds.
Tainted: G U I L syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor state:D stack:24904 pid:2289 tgid:2289 ppid:1 task_flags:0x400140 flags:0x00080002
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5260 [inline]
__schedule+0x1138/0x5ee0 kernel/sched/core.c:6867
__schedule_loop kernel/sched/core.c:6949 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:6964
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7021
__mutex_lock_common kernel/locking/mutex.c:692 [inline]
__mutex_lock+0xc69/0x1ca0 kernel/locking/mutex.c:776
rtnl_lock net/core/rtnetlink.c:80 [inline]
rtnl_nets_lock net/core/rtnetlink.c:341 [inline]
rtnl_newlink+0x5f6/0x1f50 net/core/rtnetlink.c:4071
rtnetlink_rcv_msg+0x95e/0xe90 net/core/rtnetlink.c:6958
netlink_rcv_skb+0x158/0x420 net/netlink/af_netlink.c:2550
netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
netlink_unicast+0x5aa/0x870 net/netlink/af_netlink.c:1344
netlink_sendmsg+0x8c8/0xdd0 net/netlink/af_netlink.c:1894
sock_sendmsg_nosec net/socket.c:727 [inline]
__sock_sendmsg net/socket.c:742 [inline]
__sys_sendto+0x4a3/0x520 net/socket.c:2206
__do_sys_sendto net/socket.c:2213 [inline]
__se_sys_sendto net/socket.c:2209 [inline]
__x64_sys_sendto+0xe0/0x1c0 net/socket.c:2209
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fde0dd9165c
RSP: 002b:00007ffe1da29de0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007fde0eb14620 RCX: 00007fde0dd9165c
RDX: 000000000000004c RSI: 00007fde0eb14670 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007ffe1da29e34 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
R13: 0000000000000000 R14: 00007fde0eb14670 R15: 0000000000000000
</TASK>
INFO: task syz-executor:2293 blocked for more than 145 seconds.
Tainted: G U I L syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor state:D stack:24904 pid:2293 tgid:2293 ppid:1 task_flags:0x400140 flags:0x00080002
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5260 [inline]
__schedule+0x1138/0x5ee0 kernel/sched/core.c:6867
__schedule_loop kernel/sched/core.c:6949 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:6964
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7021
__mutex_lock_common kernel/locking/mutex.c:692 [inline]
__mutex_lock+0xc69/0x1ca0 kernel/locking/mutex.c:776
rtnl_lock net/core/rtnetlink.c:80 [inline]
rtnl_nets_lock net/core/rtnetlink.c:341 [inline]
rtnl_newlink+0x5f6/0x1f50 net/core/rtnetlink.c:4071
rtnetlink_rcv_msg+0x95e/0xe90 net/core/rtnetlink.c:6958
netlink_rcv_skb+0x158/0x420 net/netlink/af_netlink.c:2550
netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
netlink_unicast+0x5aa/0x870 net/netlink/af_netlink.c:1344
netlink_sendmsg+0x8c8/0xdd0 net/netlink/af_netlink.c:1894
sock_sendmsg_nosec net/socket.c:727 [inline]
__sock_sendmsg net/socket.c:742 [inline]
__sys_sendto+0x4a3/0x520 net/socket.c:2206
__do_sys_sendto net/socket.c:2213 [inline]
__se_sys_sendto net/socket.c:2209 [inline]
__x64_sys_sendto+0xe0/0x1c0 net/socket.c:2209
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f30c459165c
RSP: 002b:00007ffe76233b90 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007f30c5314620 RCX: 00007f30c459165c
RDX: 000000000000004c RSI: 00007f30c5314670 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007ffe76233be4 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
R13: 0000000000000000 R14: 00007f30c5314670 R15: 0000000000000000
</TASK>
INFO: task kworker/u12:9:2321 blocked for more than 146 seconds.
Tainted: G U I L syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/u12:9 state:D stack:28760 pid:2321 tgid:2321 ppid:2 task_flags:0x4208060 flags:0x00080000
Workqueue: hci5 hci_cmd_sync_work
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5260 [inline]
__schedule+0x1138/0x5ee0 kernel/sched/core.c:6867
__schedule_loop kernel/sched/core.c:6949 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:6964
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7021
__mutex_lock_common kernel/locking/mutex.c:692 [inline]
__mutex_lock+0xc69/0x1ca0 kernel/locking/mutex.c:776
hci_connect_cfm include/net/bluetooth/hci_core.h:2128 [inline]
hci_conn_failed+0x14f/0x360 net/bluetooth/hci_conn.c:1336
hci_abort_conn_sync+0x76a/0xb20 net/bluetooth/hci_sync.c:5722
abort_conn_sync+0x197/0x360 net/bluetooth/hci_conn.c:2962
hci_cmd_sync_work+0x1ab/0x470 net/bluetooth/hci_sync.c:332
process_one_work+0x9ba/0x1b20 kernel/workqueue.c:3257
process_scheduled_works kernel/workqueue.c:3340 [inline]
worker_thread+0x6c8/0xf10 kernel/workqueue.c:3421
kthread+0x3c5/0x780 kernel/kthread.c:463
ret_from_fork+0x983/0xb10 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
</TASK>
INFO: task syz-executor:2332 blocked for more than 146 seconds.
Tainted: G U I L syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor state:D stack:27656 pid:2332 tgid:2332 ppid:1 task_flags:0x400140 flags:0x00080002
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5260 [inline]
__schedule+0x1138/0x5ee0 kernel/sched/core.c:6867
__schedule_loop kernel/sched/core.c:6949 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:6964
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7021
__mutex_lock_common kernel/locking/mutex.c:692 [inline]
__mutex_lock+0xc69/0x1ca0 kernel/locking/mutex.c:776
rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:978
rtnetlink_rcv_msg+0x95e/0xe90 net/core/rtnetlink.c:6958
netlink_rcv_skb+0x158/0x420 net/netlink/af_netlink.c:2550
netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
netlink_unicast+0x5aa/0x870 net/netlink/af_netlink.c:1344
netlink_sendmsg+0x8c8/0xdd0 net/netlink/af_netlink.c:1894
sock_sendmsg_nosec net/socket.c:727 [inline]
__sock_sendmsg net/socket.c:742 [inline]
__sys_sendto+0x4a3/0x520 net/socket.c:2206
__do_sys_sendto net/socket.c:2213 [inline]
__se_sys_sendto net/socket.c:2209 [inline]
__x64_sys_sendto+0xe0/0x1c0 net/socket.c:2209
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f8f97d9165c
RSP: 002b:00007ffe3fe5d0e0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007f8f98b14620 RCX: 00007f8f97d9165c
RDX: 0000000000000028 RSI: 00007f8f98b14670 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007ffe3fe5d134 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
R13: 0000000000000000 R14: 00007f8f98b14670 R15: 0000000000000000
</TASK>
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task syz-executor:2334 blocked for more than 146 seconds.
Tainted: G U I L syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor state:D stack:27656 pid:2334 tgid:2334 ppid:1 task_flags:0x400140 flags:0x00080002
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5260 [inline]
__schedule+0x1138/0x5ee0 kernel/sched/core.c:6867
__schedule_loop kernel/sched/core.c:6949 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:6964
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7021
__mutex_lock_common kernel/locking/mutex.c:692 [inline]
__mutex_lock+0xc69/0x1ca0 kernel/locking/mutex.c:776
rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:978
rtnetlink_rcv_msg+0x95e/0xe90 net/core/rtnetlink.c:6958
netlink_rcv_skb+0x158/0x420 net/netlink/af_netlink.c:2550
netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
netlink_unicast+0x5aa/0x870 net/netlink/af_netlink.c:1344
netlink_sendmsg+0x8c8/0xdd0 net/netlink/af_netlink.c:1894
sock_sendmsg_nosec net/socket.c:727 [inline]
__sock_sendmsg net/socket.c:742 [inline]
__sys_sendto+0x4a3/0x520 net/socket.c:2206
__do_sys_sendto net/socket.c:2213 [inline]
__se_sys_sendto net/socket.c:2209 [inline]
__x64_sys_sendto+0xe0/0x1c0 net/socket.c:2209
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f646d59165c
RSP: 002b:00007fffec594220 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007f646e314620 RCX: 00007f646d59165c
RDX: 0000000000000028 RSI: 00007f646e314670 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007fffec594274 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
R13: 0000000000000000 R14: 00007f646e314670 R15: 0000000000000000
</TASK>
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
Showing all locks held in the system:
2 locks held by kworker/0:1/10:
1 lock held by khungtaskd/31:
#0: ffffffff8e3c94a0 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
#0: ffffffff8e3c94a0 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:867 [inline]
#0: ffffffff8e3c94a0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 kernel/locking/lockdep.c:6775
3 locks held by syz-executor/5820:
#0: ffff888078601948 (vm_lock){++++}-{0:0}, at: lock_vma_under_rcu+0x117/0x580 mm/mmap_lock.c:259
#1: ffff88814e634518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x174/0x380 mm/memory.c:3531
#2: ffff88804795bf40 (mapping.invalidate_lock#2){++++}-{4:4}, at: filemap_invalidate_lock_shared include/linux/fs.h:1092 [inline]
#2: ffff88804795bf40 (mapping.invalidate_lock#2){++++}-{4:4}, at: ext4_page_mkwrite+0x353/0x1880 fs/ext4/inode.c:6670
2 locks held by kworker/0:3/5838:
2 locks held by kworker/0:7/5940:
3 locks held by kworker/u11:0/16490:
#0: ffff88814d738148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 kernel/workqueue.c:3232
#1: ffffc9000ede7c90 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 kernel/workqueue.c:3233
#2: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#2: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_dad_work+0x120/0x14f0 net/ipv6/addrconf.c:4194
2 locks held by kworker/u11:1/16496:
#0: ffff88813ff69148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 kernel/workqueue.c:3232
#1: ffffc90018ae7c90 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 kernel/workqueue.c:3233
3 locks held by kworker/u11:2/16497:
3 locks held by kworker/u11:3/16498:
3 locks held by kworker/u11:4/16499:
3 locks held by kworker/u11:6/16508:
3 locks held by kworker/u11:7/16516:
#0: ffff88813ff69948 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 kernel/workqueue.c:3232
#1: ffffc90002e37c90 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 kernel/workqueue.c:3233
#2: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0x51/0xc0 net/core/link_watch.c:303
3 locks held by kworker/u11:9/16557:
3 locks held by kworker/u11:10/16580:
5 locks held by kworker/u11:12/16665:
3 locks held by kworker/u11:13/16712:
4 locks held by kworker/u12:1/16807:
#0: ffff888020f4b948 ((wq_completion)hci11#2){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 kernel/workqueue.c:3232
#1: ffffc90004c3fc90 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 kernel/workqueue.c:3233
#2: ffff88802d1bc0c0 (&hdev->lock){+.+.}-{4:4}, at: le_conn_complete_evt+0xce/0x1fa0 net/bluetooth/hci_event.c:5689
#3: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:2128 [inline]
#3: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: le_conn_complete_evt+0x1921/0x1fa0 net/bluetooth/hci_event.c:5821
3 locks held by kworker/u11:14/17161:
3 locks held by kworker/0:9/18661:
#0: ffff88813ff55948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 kernel/workqueue.c:3232
#1: ffffc90003037c90 (deferred_process_work){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 kernel/workqueue.c:3233
#2: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20 net/switchdev/switchdev.c:104
2 locks held by kworker/0:10/19967:
3 locks held by kworker/u11:15/21471:
1 lock held by syz.2.8385/23266:
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: tun_detach drivers/net/tun.c:634 [inline]
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230 drivers/net/tun.c:3436
2 locks held by syz.0.8871/24301:
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: tun_detach drivers/net/tun.c:634 [inline]
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230 drivers/net/tun.c:3436
#1: ffffffff8e3d4bf8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0 kernel/rcu/tree_exp.h:343
2 locks held by getty/25953:
#0: ffff88814e4940a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 drivers/tty/tty_ldisc.c:243
#1: ffffc90002f322f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x1510 drivers/tty/n_tty.c:2211
4 locks held by kworker/u11:16/30046:
1 lock held by syz-executor/32583:
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: tun_detach drivers/net/tun.c:634 [inline]
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230 drivers/net/tun.c:3436
4 locks held by kworker/u12:2/32585:
#0: ffff888032031948 ((wq_completion)hci7){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 kernel/workqueue.c:3232
#1: ffffc9000be5fc90 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 kernel/workqueue.c:3233
#2: ffff88807bf7cec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x175/0x470 net/bluetooth/hci_sync.c:331
#3: ffff88807bf7c0c0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x13f/0xb20 net/bluetooth/hci_sync.c:5703
2 locks held by kworker/u11:17/413:
#0: ffff88813ff69148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 kernel/workqueue.c:3232
#1: ffffc9000467fc90 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 kernel/workqueue.c:3233
3 locks held by syz.3.13494/2180:
#0: ffff8880277b4ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0xc0 net/bluetooth/hci_core.c:499
#1: ffff8880277b40c0 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x3af/0x1260 net/bluetooth/hci_sync.c:5315
#2: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_disconn_cfm include/net/bluetooth/hci_core.h:2143 [inline]
#2: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xbb/0x290 net/bluetooth/hci_conn.c:2637
3 locks held by syz-executor/2241:
#0: ffff88807c57cec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0xc0 net/bluetooth/hci_core.c:499
#1: ffff88807c57c0c0 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x3af/0x1260 net/bluetooth/hci_sync.c:5315
#2: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_disconn_cfm include/net/bluetooth/hci_core.h:2143 [inline]
#2: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xbb/0x290 net/bluetooth/hci_conn.c:2637
4 locks held by kworker/u12:3/2245:
#0: ffff8880471bb948 ((wq_completion)hci3#2){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 kernel/workqueue.c:3232
#1: ffffc9000cfcfc90 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 kernel/workqueue.c:3233
#2: ffff88805b8080c0 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x94/0x9c0 net/bluetooth/hci_event.c:3695
#3: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:2128 [inline]
#3: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x498/0x9c0 net/bluetooth/hci_event.c:3729
4 locks held by kworker/u12:4/2246:
#0: ffff88801f73c148 ((wq_completion)hci10#2){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 kernel/workqueue.c:3232
#1: ffffc9000cfbfc90 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 kernel/workqueue.c:3233
#2: ffff888033f280c0 (&hdev->lock){+.+.}-{4:4}, at: le_conn_complete_evt+0xce/0x1fa0 net/bluetooth/hci_event.c:5689
#3: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:2128 [inline]
#3: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: le_conn_complete_evt+0x1921/0x1fa0 net/bluetooth/hci_event.c:5821
6 locks held by kworker/u12:5/2247:
#0: ffff888020f4f148 ((wq_completion)hci0){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 kernel/workqueue.c:3232
#1: ffffc9000cfafc90 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 kernel/workqueue.c:3233
#2: ffff8880267f0ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x175/0x470 net/bluetooth/hci_sync.c:331
#3: ffff8880267f00c0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x13f/0xb20 net/bluetooth/hci_sync.c:5703
#4: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:2128 [inline]
#4: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x14f/0x360 net/bluetooth/hci_conn.c:1336
#5: ffff88802865eb38 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x80/0x760 net/bluetooth/l2cap_core.c:1763
4 locks held by kworker/u12:6/2249:
#0: ffff88805d4d1148 ((wq_completion)hci2#2){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 kernel/workqueue.c:3232
#1: ffffc9000d017c90 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 kernel/workqueue.c:3233
#2: ffff88804c39c0c0 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x94/0x9c0 net/bluetooth/hci_event.c:3695
#3: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:2128 [inline]
#3: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x498/0x9c0 net/bluetooth/hci_event.c:3729
4 locks held by kworker/u12:7/2250:
#0: ffff88801f738148 ((wq_completion)hci9#2){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 kernel/workqueue.c:3232
#1: ffffc9000c6f7c90 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 kernel/workqueue.c:3233
#2: ffff88805ee680c0 (&hdev->lock){+.+.}-{4:4}, at: le_conn_complete_evt+0xce/0x1fa0 net/bluetooth/hci_event.c:5689
#3: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:2128 [inline]
#3: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: le_conn_complete_evt+0x1921/0x1fa0 net/bluetooth/hci_event.c:5821
8 locks held by kworker/u11:19/2260:
3 locks held by kworker/u11:21/2266:
1 lock held by syz-executor/2288:
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock net/core/rtnetlink.c:80 [inline]
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_nets_lock net/core/rtnetlink.c:341 [inline]
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x5f6/0x1f50 net/core/rtnetlink.c:4071
1 lock held by syz-executor/2289:
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock net/core/rtnetlink.c:80 [inline]
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_nets_lock net/core/rtnetlink.c:341 [inline]
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x5f6/0x1f50 net/core/rtnetlink.c:4071
1 lock held by syz-executor/2293:
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock net/core/rtnetlink.c:80 [inline]
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_nets_lock net/core/rtnetlink.c:341 [inline]
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x5f6/0x1f50 net/core/rtnetlink.c:4071
4 locks held by kworker/u11:24/2300:
2 locks held by modprobe/2315:
1 lock held by modprobe/2316:
4 locks held by kworker/u11:25/2317:
3 locks held by kworker/u11:26/2319:
5 locks held by kworker/u12:9/2321:
#0: ffff888032035948 ((wq_completion)hci5){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 kernel/workqueue.c:3232
#1: ffffc9000b84fc90 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 kernel/workqueue.c:3233
#2: ffff888042988ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x175/0x470 net/bluetooth/hci_sync.c:331
#3: ffff8880429880c0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x13f/0xb20 net/bluetooth/hci_sync.c:5703
#4: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:2128 [inline]
#4: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x14f/0x360 net/bluetooth/hci_conn.c:1336
3 locks held by kworker/u11:27/2322:
3 locks held by kworker/u11:28/2323:
4 locks held by kworker/u12:10/2325:
#0: ffff888030d20148 ((wq_completion)hci12#4){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 kernel/workqueue.c:3232
#1: ffffc90003927c90 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 kernel/workqueue.c:3233
#2: ffff8880793e00c0 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x94/0x9c0 net/bluetooth/hci_event.c:3695
#3: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:2128 [inline]
#3: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x498/0x9c0 net/bluetooth/hci_event.c:3729
1 lock held by syz-executor/2332:
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:978
1 lock held by syz-executor/2334:
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:978
4 locks held by kworker/u12:12/2339:
#0: ffff88805e3ee148 ((wq_completion)hci15#2){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 kernel/workqueue.c:3232
#1: ffffc90003387c90 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 kernel/workqueue.c:3233
#2: ffff8880287b00c0 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x94/0x9c0 net/bluetooth/hci_event.c:3695
#3: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:2128 [inline]
#3: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x498/0x9c0 net/bluetooth/hci_event.c:3729
2 locks held by kworker/0:24/2350:
4 locks held by kworker/1:7/2360:
#0: ffff888061565d48 ((wq_completion)wg-kex-wg0#10){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 kernel/workqueue.c:3232
#1: ffffc90003f57c90 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __asm__ ("" : "=r"(__ptr) : "0"((__typeof__(*((worker))) *)(( unsigned long)((worker))))); (typeof((__typeof__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 kernel/workqueue.c:3233
#2: ffff88807f189308 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_response+0x22b/0x950 drivers/net/wireguard/noise.c:742
#3: ffff888061b41708 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_response+0x2f7/0x950 drivers/net/wireguard/noise.c:753
1 lock held by dhcpcd/2365:
#0: ffff88807a703008 (&sb->s_type->i_mutex_key#13){+.+.}-{4:4}, at: inode_lock include/linux/fs.h:1027 [inline]
#0: ffff88807a703008 (&sb->s_type->i_mutex_key#13){+.+.}-{4:4}, at: __sock_release+0x86/0x270 net/socket.c:661
1 lock held by dhcpcd/2366:
#0: ffff88807a705288 (&sb->s_type->i_mutex_key#13){+.+.}-{4:4}, at: inode_lock include/linux/fs.h:1027 [inline]
#0: ffff88807a705288 (&sb->s_type->i_mutex_key#13){+.+.}-{4:4}, at: __sock_release+0x86/0x270 net/socket.c:661
1 lock held by dhcpcd/2367:
#0: ffff88807a703b88 (&sb->s_type->i_mutex_key#13){+.+.}-{4:4}, at: inode_lock include/linux/fs.h:1027 [inline]
#0: ffff88807a703b88 (&sb->s_type->i_mutex_key#13){+.+.}-{4:4}, at: __sock_release+0x86/0x270 net/socket.c:661
1 lock held by dhcpcd/2368:
#0: ffff888061db1348 (&sb->s_type->i_mutex_key#13){+.+.}-{4:4}, at: inode_lock include/linux/fs.h:1027 [inline]
#0: ffff888061db1348 (&sb->s_type->i_mutex_key#13){+.+.}-{4:4}, at: __sock_release+0x86/0x270 net/socket.c:661
2 locks held by dhcpcd/2369:
#0: ffff888061db0208 (&sb->s_type->i_mutex_key#13){+.+.}-{4:4}, at: inode_lock include/linux/fs.h:1027 [inline]
#0: ffff888061db0208 (&sb->s_type->i_mutex_key#13){+.+.}-{4:4}, at: __sock_release+0x86/0x270 net/socket.c:661
#1: ffffffff8e3d4bf8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0 kernel/rcu/tree_exp.h:343
1 lock held by syz-executor/2374:
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:978
1 lock held by syz-executor/2377:
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:978
1 lock held by syz-executor/2379:
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:978
1 lock held by syz-executor/2383:
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff90145da8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:978
4 locks held by kworker/u12:15/2385:
#0: ffff88805e3e9148 ((wq_completion)hci14#2){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 kernel/workqueue.c:3232
#1: ffffc9000353fc90 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 kernel/workqueue.c:3233
#2: ffff8880266200c0 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x94/0x9c0 net/bluetooth/hci_event.c:3695
#3: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:2128 [inline]
#3: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x498/0x9c0 net/bluetooth/hci_event.c:3729
4 locks held by kworker/u12:17/2387:
#0: ffff888030d24948 ((wq_completion)hci13#2){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 kernel/workqueue.c:3232
#1: ffffc900035e7c90 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 kernel/workqueue.c:3233
#2: ffff8880470880c0 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x94/0x9c0 net/bluetooth/hci_event.c:3695
#3: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:2128 [inline]
#3: ffffffff903c39c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x498/0x9c0 net/bluetooth/hci_event.c:3729
=============================================
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G U I L syzkaller #0 PREEMPT(full)
Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:94 [inline]
dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
nmi_cpu_backtrace+0x27b/0x390 lib/nmi_backtrace.c:113
nmi_trigger_cpumask_backtrace+0x29c/0x300 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:161 [inline]
__sys_info lib/sys_info.c:157 [inline]
sys_info+0x133/0x180 lib/sys_info.c:165
check_hung_uninterruptible_tasks kernel/hung_task.c:346 [inline]
watchdog+0xe66/0x1180 kernel/hung_task.c:515
kthread+0x3c5/0x780 kernel/kthread.c:463
ret_from_fork+0x983/0xb10 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
</TASK>
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 2260 Comm: kworker/u11:19 Tainted: G U I L syzkaller #0 PREEMPT(full)
Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
Workqueue: wg-kex-wg1 wg_packet_handshake_send_worker
RIP: 0010:rcu_is_watching_curr_cpu include/linux/context_tracking.h:128 [inline]
RIP: 0010:rcu_is_watching+0x41/0xc0 kernel/rcu/tree.c:751
Code: b3 93 89 c5 83 f8 07 0f 87 82 00 00 00 48 8d 3c ed 20 5f d7 8d 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 <75> 5c 48 03 1c ed 20 5f d7 8d 48 b8 00 00 00 00 00 fc ff df 48 89
RSP: 0018:ffffc90000007480 EFLAGS: 00000246
RAX: dffffc0000000000 RBX: ffffffff93b3d9e8 RCX: ffffffff8a4e3ae7
RDX: 1ffffffff1baebe4 RSI: ffffffff8bf2b480 RDI: ffffffff8dd75f20
RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000000000001 R11: ffff888027504830 R12: 0000000000000001
R13: ffff8880614b26dc R14: 0000000000000400 R15: ffffc900000075c0
FS: 0000000000000000(0000) GS:ffff8881248f6000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f170e5a9e9c CR3: 000000000e184000 CR4: 00000000003526f0
Call Trace:
<IRQ>
rcu_read_lock include/linux/rcupdate.h:868 [inline]
net_generic+0x10a/0x2a0 include/net/netns/generic.h:45
is_vlan_ip net/bridge/br_netfilter_hooks.c:93 [inline]
br_nf_forward+0xf1/0x1be0 net/bridge/br_netfilter_hooks.c:768
nf_hook_entry_hookfn include/linux/netfilter.h:158 [inline]
nf_hook_slow+0xbe/0x200 net/netfilter/core.c:623
nf_hook+0x45e/0x780 include/linux/netfilter.h:273
NF_HOOK include/linux/netfilter.h:316 [inline]
__br_forward+0x1be/0x5b0 net/bridge/br_forward.c:115
deliver_clone net/bridge/br_forward.c:131 [inline]
br_flood+0x39c/0x650 net/bridge/br_forward.c:250
br_handle_frame_finish+0x1117/0x1f00 net/bridge/br_input.c:229
nf_hook_bridge_pre net/bridge/br_input.c:313 [inline]
br_handle_frame+0xdde/0x14e0 net/bridge/br_input.c:442
__netif_receive_skb_core.constprop.0+0x6b3/0x35b0 net/core/dev.c:6039
__netif_receive_skb_one_core+0xb0/0x1e0 net/core/dev.c:6150
__netif_receive_skb+0x1d/0x160 net/core/dev.c:6265
process_backlog+0x4ab/0x1650 net/core/dev.c:6617
__napi_poll.constprop.0+0xb3/0x540 net/core/dev.c:7681
napi_poll net/core/dev.c:7744 [inline]
net_rx_action+0x9f9/0xfa0 net/core/dev.c:7896
handle_softirqs+0x219/0x950 kernel/softirq.c:622
do_softirq kernel/softirq.c:523 [inline]
do_softirq+0xb2/0xf0 kernel/softirq.c:510
</IRQ>
<TASK>
__local_bh_enable_ip+0x100/0x120 kernel/softirq.c:450
local_bh_enable include/linux/bottom_half.h:33 [inline]
fpregs_unlock arch/x86/include/asm/fpu/api.h:77 [inline]
kernel_fpu_end arch/x86/kernel/fpu/core.c:506 [inline]
kernel_fpu_end+0x5e/0x70 arch/x86/kernel/fpu/core.c:499
blake2s_compress+0x77/0xe0 lib/crypto/x86/blake2s.h:42
blake2s_update+0xef/0x300 lib/crypto/blake2s.c:119
hmac.constprop.0+0x23f/0x420 drivers/net/wireguard/noise.c:324
kdf.constprop.0+0x1a1/0x280 drivers/net/wireguard/noise.c:375
mix_precomputed_dh drivers/net/wireguard/noise.c:426 [inline]
wg_noise_handshake_create_initiation+0x406/0x610 drivers/net/wireguard/noise.c:560
wg_packet_send_handshake_initiation+0x19a/0x360 drivers/net/wireguard/send.c:34
wg_packet_handshake_send_worker+0x1c/0x30 drivers/net/wireguard/send.c:51
process_one_work+0x9ba/0x1b20 kernel/workqueue.c:3257
process_scheduled_works kernel/workqueue.c:3340 [inline]
worker_thread+0x6c8/0xf10 kernel/workqueue.c:3421
kthread+0x3c5/0x780 kernel/kthread.c:463
ret_from_fork+0x983/0xb10 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
</TASK>