poison_kmalloc_redzone mm/kasan/common.c:370 [inline]
__kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:387
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P11322/1:b..l
rcu: (detected by 1, t=10502 jiffies, g=67433, q=420 ncpus=2)
task:syz-executor.1 state:R running task stack:25264 pid:11322 tgid:11318 ppid:9657 flags:0x00004006
Call Trace:
context_switch kernel/sched/core.c:5192 [inline]
__schedule+0x17e8/0x4a20 kernel/sched/core.c:6529
preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:6851
irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:ip_vs_conn_flush net/netfilter/ipvs/ip_vs_conn.c:1393 [inline]
RIP: 0010:ip_vs_conn_net_cleanup+0x39e/0x560 net/netfilter/ipvs/ip_vs_conn.c:1475
Code: ff 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c 20 ff ff ff 48 89 ef e8 33 64 1c f8 e9 13 ff ff ff e8 89 55 b6 f7 eb 05 e8 82 55 b6 f7 ed f3 ff ff 48 8b 5c 24 20 48 ff c3 48 63 05 8e 8d d2 05 48 39
RSP: 0018:ffffc9000cc3fae8 EFLAGS: 00000246
RAX: ffffffff89dcf26e RBX: 0000000000000000 RCX: 0000000000040000
RDX: ffffc90010799000 RSI: 000000000003ffff RDI: 0000000000040000
RBP: 1ffff1100c761329 R08: ffffffff89dce748 R09: 1ffffffff25f96e8
R10: dffffc0000000000 R11: fffffbfff25f96e9 R12: ffff8880685a6000
R13: dffffc0000000000 R14: ffffc9000cc3fbe0 R15: dffffc0000000000
__ip_vs_cleanup_batch+0x74/0x100 net/netfilter/ipvs/ip_vs_core.c:2351
ops_exit_list net/core/net_namespace.c:178 [inline]
setup_net+0xa3b/0xca0 net/core/net_namespace.c:375
copy_net_ns+0x4e2/0x7b0 net/core/net_namespace.c:508
create_new_namespaces+0x425/0x7b0 kernel/nsproxy.c:110
unshare_nsproxy_namespaces+0x124/0x180 kernel/nsproxy.c:228
ksys_unshare+0x619/0xc10 kernel/fork.c:3304
__do_sys_unshare kernel/fork.c:3375 [inline]
__se_sys_unshare kernel/fork.c:3373 [inline]
__x64_sys_unshare+0x38/0x40 kernel/fork.c:3373
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f675d87cea9
RSP: 002b:00007f675e5ea0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
RAX: ffffffffffffffda RBX: 00007f675d9b41f0 RCX: 00007f675d87cea9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000062040200
RBP: 00007f675d8ebff4 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000006e R14: 00007f675d9b41f0 R15: 00007ffc3be432c8
rcu: rcu_preempt kthread starved for 10532 jiffies! g67433 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt state:R running task stack:25136 pid:17 tgid:17 ppid:2 flags:0x00004000
Call Trace:
context_switch kernel/sched/core.c:5192 [inline]
__schedule+0x17e8/0x4a20 kernel/sched/core.c:6529
__schedule_loop kernel/sched/core.c:6606 [inline]
schedule+0x14b/0x320 kernel/sched/core.c:6621
schedule_timeout+0x1be/0x310 kernel/time/timer.c:2581
rcu_gp_fqs_loop+0x2df/0x1330 kernel/rcu/tree.c:2029
rcu_gp_kthread+0xa7/0x3b0 kernel/rcu/tree.c:2231
kthread+0x2f0/0x390 kernel/kthread.c:389
ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:144
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
rcu: Stack dump where RCU GP kthread last ran:
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0 skipped: idling at native_safe_halt arch/x86/include/asm/irqflags.h:48 [inline]
NMI backtrace for cpu 0 skipped: idling at arch_safe_halt arch/x86/include/asm/irqflags.h:86 [inline]
NMI backtrace for cpu 0 skipped: idling at acpi_safe_halt+0x21/0x30 drivers/acpi/processor_idle.c:112
kasan_kmalloc include/linux/kasan.h:211 [inline]
__kmalloc_cache_noprof+0x19c/0x2c0 mm/slub.c:4171
kmalloc_noprof include/linux/slab.h:660 [inline]
kzalloc_noprof include/linux/slab.h:778 [inline]
dropmon_net_event+0x220/0x2a0 net/core/drop_monitor.c:1583
notifier_call_chain+0x19f/0x3e0 kernel/notifier.c:93
call_netdevice_notifiers_extack net/core/dev.c:2030 [inline]
call_netdevice_notifiers net/core/dev.c:2044 [inline]
register_netdevice+0x1570/0x19e0 net/core/dev.c:10408
vxcan_newlink+0x4f2/0x610 drivers/net/can/vxcan.c:244
rtnl_newlink_create net/core/rtnetlink.c:3596 [inline]
__rtnl_newlink net/core/rtnetlink.c:3816 [inline]
rtnl_newlink+0x16c7/0x22b0 net/core/rtnetlink.c:3829
rtnetlink_rcv_msg+0x892/0x1170 net/core/rtnetlink.c:6727
netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2550
netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1357
netlink_sendmsg+0x8db/0xcb0 net/netlink/af_netlink.c:1901
sock_sendmsg_nosec net/socket.c:730 [inline]
__sock_sendmsg+0x221/0x270 net/socket.c:745
__sys_sendto+0x3a4/0x4f0 net/socket.c:2192
__do_sys_sendto net/socket.c:2204 [inline]
__se_sys_sendto net/socket.c:2200 [inline]
__x64_sys_sendto+0xde/0x100 net/socket.c:2200
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ff4c707eb9c
RSP: 002b:00007ffc39c21c00 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007ff4c7ce4620 RCX: 00007ff4c707eb9c
RDX: 000000000000003c RSI: 00007ff4c7ce4670 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007ffc39c21c54 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
R13: 0000000000000000 R14: 00007ff4c7ce4670 R15: 0000000000000000
Showing all locks held in the system:
5 locks held by kworker/u8:7/2446:
#0: ffff888015ed5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3223 [inline]
#0: ffff888015ed5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3329
#1: ffffc900093f7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3224 [inline]
#1: ffffc900093f7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3329
#2: ffffffff8f5e2c90 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 net/core/net_namespace.c:594
#3: ffff888020155408 (&wg->device_update_lock){+.+.}-{3:3}, at: wg_destruct+0x110/0x2e0 drivers/net/wireguard/device.c:249
#4: ffffffff8e33a740 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x4c/0x530 kernel/rcu/tree.c:4480
2 locks held by getty/4842:
#0: ffff88802afd60a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
#1: ffffc90002f162f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 drivers/tty/n_tty.c:2211
6 locks held by kworker/1:14/6152:
1 lock held by syz-executor.0/11244:
2 locks held by syz-executor.1/11322:
1 lock held by syz-executor.2/11341:
4 locks held by syz-executor.4/11343:
#0: ffffffff8eb384a8 (reading_mutex){+.+.}-{3:3}, at: rng_dev_read+0x171/0x6d0 drivers/char/hw_random/core.c:219
#1: ffffc90000a18c00 (net/core/rtnetlink.c:82){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 kernel/time/timer.c:1789
#2: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:326 [inline]
#2: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:838 [inline]
#2: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: report_rtnl_holders+0x20/0x2d0 net/core/rtnetlink.c:95
#3: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:326 [inline]
#3: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:838 [inline]
#3: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6689
1 lock held by syz-executor.4/11344:
=============================================
DEBUG: holding rtnl_mutex for 10716 jiffies.
task:syz-executor.0 state:R running task stack:18808 pid:11244 tgid:11244 ppid:11231 flags:0x00004002
Call Trace:
context_switch kernel/sched/core.c:5192 [inline]
__schedule+0x17e8/0x4a20 kernel/sched/core.c:6529
preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:6851
irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:kernel_text_address+0x36/0xe0 kernel/extable.c:133
Code: c7 c0 00 00 00 81 bd 01 00 00 00 48 39 c7 72 0c 48 c7 c0 00 00 c0 8b 48 39 c3 72 0c 48 89 df e8 80 ac a1 ff 85 c0 74 0b 89 e8 <5b> 41 5e 5d c3 cc cc cc cc 48 c7 c0 c0 b2 ad 8f 48 c1 e8 03 48 b9
RSP: 0000:ffffc9000bcb6768 EFLAGS: 00000283
RAX: 0000000000000001 RBX: ffffffff89626e07 RCX: ffff8880547a9e00
RDX: ffff8880547a9e00 RSI: 0000000000000001 RDI: ffffffff89626e07
RBP: 0000000000000001 R08: ffffffff8140de67 R09: ffffffff8140f95f
R10: 0000000000000003 R11: ffff8880547a9e00 R12: ffff8880547a9e00
R13: ffffffff817ef6f0 R14: dffffc0000000000 R15: 1ffff92001796d01
__kernel_text_address+0xd/0x40 kernel/extable.c:79
unwind_get_return_address+0x5d/0xc0 arch/x86/kernel/unwind_orc.c:369
arch_stack_walk+0x125/0x1b0 arch/x86/kernel/stacktrace.c:26
stack_trace_save+0x118/0x1d0 kernel/stacktrace.c:122
kasan_save_stack mm/kasan/common.c:47 [inline]
kasan_save_track+0x3f/0x80 mm/kasan/common.c:68
poison_kmalloc_redzone mm/kasan/common.c:370 [inline]
__kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:387
kasan_kmalloc include/linux/kasan.h:211 [inline]
__kmalloc_cache_noprof+0x19c/0x2c0 mm/slub.c:4171
kmalloc_noprof include/linux/slab.h:660 [inline]
kzalloc_noprof include/linux/slab.h:778 [inline]
dropmon_net_event+0x220/0x2a0 net/core/drop_monitor.c:1583
notifier_call_chain+0x19f/0x3e0 kernel/notifier.c:93
call_netdevice_notifiers_extack net/core/dev.c:2030 [inline]
call_netdevice_notifiers net/core/dev.c:2044 [inline]
register_netdevice+0x1570/0x19e0 net/core/dev.c:10408
vxcan_newlink+0x4f2/0x610 drivers/net/can/vxcan.c:244
rtnl_newlink_create net/core/rtnetlink.c:3596 [inline]
__rtnl_newlink net/core/rtnetlink.c:3816 [inline]
rtnl_newlink+0x16c7/0x22b0 net/core/rtnetlink.c:3829
rtnetlink_rcv_msg+0x892/0x1170 net/core/rtnetlink.c:6727
netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2550
netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1357
netlink_sendmsg+0x8db/0xcb0 net/netlink/af_netlink.c:1901
sock_sendmsg_nosec net/socket.c:730 [inline]
__sock_sendmsg+0x221/0x270 net/socket.c:745
__sys_sendto+0x3a4/0x4f0 net/socket.c:2192
__do_sys_sendto net/socket.c:2204 [inline]
__se_sys_sendto net/socket.c:2200 [inline]
__x64_sys_sendto+0xde/0x100 net/socket.c:2200
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ff4c707eb9c
RSP: 002b:00007ffc39c21c00 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007ff4c7ce4620 RCX: 00007ff4c707eb9c
RDX: 000000000000003c RSI: 00007ff4c7ce4670 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007ffc39c21c54 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
R13: 0000000000000000 R14: 00007ff4c7ce4670 R15: 0000000000000000
Showing all locks held in the system:
5 locks held by kworker/u8:7/2446:
#0: ffff888015ed5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3223 [inline]
#0: ffff888015ed5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3329
#1: ffffc900093f7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3224 [inline]
#1: ffffc900093f7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3329
#2: ffffffff8f5e2c90 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 net/core/net_namespace.c:594
#3: ffff888020155408 (&wg->device_update_lock){+.+.}-{3:3}, at: wg_destruct+0x110/0x2e0 drivers/net/wireguard/device.c:249
#4: ffffffff8e33a740 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x4c/0x530 kernel/rcu/tree.c:4480
2 locks held by getty/4842:
#0: ffff88802afd60a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
#1: ffffc90002f162f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 drivers/tty/n_tty.c:2211
6 locks held by kworker/1:14/6152:
1 lock held by syz-executor.0/11244:
2 locks held by syz-executor.1/11322:
1 lock held by syz-executor.2/11341:
4 locks held by syz-executor.4/11343:
#0: ffffffff8eb384a8 (reading_mutex){+.+.}-{3:3}, at: rng_dev_read+0x171/0x6d0 drivers/char/hw_random/core.c:219
#1: ffffc90000a18c00 (net/core/rtnetlink.c:82){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 kernel/time/timer.c:1789
#2: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:326 [inline]
#2: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:838 [inline]
#2: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: report_rtnl_holders+0x20/0x2d0 net/core/rtnetlink.c:95
#3: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:326 [inline]
#3: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:838 [inline]
#3: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6689
1 lock held by syz-executor.4/11344:
=============================================
DEBUG: holding rtnl_mutex for 10900 jiffies.
task:syz-executor.0 state:R running task stack:18808 pid:11244 tgid:11244 ppid:11231 flags:0x00004002
Call Trace:
context_switch kernel/sched/core.c:5192 [inline]
__schedule+0x17e8/0x4a20 kernel/sched/core.c:6529
preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:6851
irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:kernel_text_address+0x36/0xe0 kernel/extable.c:133
Code: c7 c0 00 00 00 81 bd 01 00 00 00 48 39 c7 72 0c 48 c7 c0 00 00 c0 8b 48 39 c3 72 0c 48 89 df e8 80 ac a1 ff 85 c0 74 0b 89 e8 <5b> 41 5e 5d c3 cc cc cc cc 48 c7 c0 c0 b2 ad 8f 48 c1 e8 03 48 b9
RSP: 0000:ffffc9000bcb6768 EFLAGS: 00000283
RAX: 0000000000000001 RBX: ffffffff89626e07 RCX: ffff8880547a9e00
RDX: ffff8880547a9e00 RSI: 0000000000000001 RDI: ffffffff89626e07
RBP: 0000000000000001 R08: ffffffff8140de67 R09: ffffffff8140f95f
R10: 0000000000000003 R11: ffff8880547a9e00 R12: ffff8880547a9e00
R13: ffffffff817ef6f0 R14: dffffc0000000000 R15: 1ffff92001796d01
__kernel_text_address+0xd/0x40 kernel/extable.c:79
unwind_get_return_address+0x5d/0xc0 arch/x86/kernel/unwind_orc.c:369
arch_stack_walk+0x125/0x1b0 arch/x86/kernel/stacktrace.c:26
stack_trace_save+0x118/0x1d0 kernel/stacktrace.c:122
kasan_save_stack mm/kasan/common.c:47 [inline]
kasan_save_track+0x3f/0x80 mm/kasan/common.c:68
poison_kmalloc_redzone mm/kasan/common.c:370 [inline]
__kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:387
kasan_kmalloc include/linux/kasan.h:211 [inline]
__kmalloc_cache_noprof+0x19c/0x2c0 mm/slub.c:4171
kmalloc_noprof include/linux/slab.h:660 [inline]
kzalloc_noprof include/linux/slab.h:778 [inline]
dropmon_net_event+0x220/0x2a0 net/core/drop_monitor.c:1583
notifier_call_chain+0x19f/0x3e0 kernel/notifier.c:93
call_netdevice_notifiers_extack net/core/dev.c:2030 [inline]
call_netdevice_notifiers net/core/dev.c:2044 [inline]
register_netdevice+0x1570/0x19e0 net/core/dev.c:10408
vxcan_newlink+0x4f2/0x610 drivers/net/can/vxcan.c:244
rtnl_newlink_create net/core/rtnetlink.c:3596 [inline]
__rtnl_newlink net/core/rtnetlink.c:3816 [inline]
rtnl_newlink+0x16c7/0x22b0 net/core/rtnetlink.c:3829
rtnetlink_rcv_msg+0x892/0x1170 net/core/rtnetlink.c:6727
netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2550
netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1357
netlink_sendmsg+0x8db/0xcb0 net/netlink/af_netlink.c:1901
sock_sendmsg_nosec net/socket.c:730 [inline]
__sock_sendmsg+0x221/0x270 net/socket.c:745
__sys_sendto+0x3a4/0x4f0 net/socket.c:2192
__do_sys_sendto net/socket.c:2204 [inline]
__se_sys_sendto net/socket.c:2200 [inline]
__x64_sys_sendto+0xde/0x100 net/socket.c:2200
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ff4c707eb9c
RSP: 002b:00007ffc39c21c00 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007ff4c7ce4620 RCX: 00007ff4c707eb9c
RDX: 000000000000003c RSI: 00007ff4c7ce4670 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007ffc39c21c54 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
R13: 0000000000000000 R14: 00007ff4c7ce4670 R15: 0000000000000000
Showing all locks held in the system:
5 locks held by kworker/u8:7/2446:
#0: ffff888015ed5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3223 [inline]
#0: ffff888015ed5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3329
#1: ffffc900093f7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3224 [inline]
#1: ffffc900093f7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3329
#2: ffffffff8f5e2c90 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 net/core/net_namespace.c:594
#3: ffff888020155408 (&wg->device_update_lock){+.+.}-{3:3}, at: wg_destruct+0x110/0x2e0 drivers/net/wireguard/device.c:249
#4: ffffffff8e33a740 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x4c/0x530 kernel/rcu/tree.c:4480
2 locks held by getty/4842:
#0: ffff88802afd60a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
#1: ffffc90002f162f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 drivers/tty/n_tty.c:2211
6 locks held by kworker/1:14/6152:
1 lock held by syz-executor.0/11244:
2 locks held by syz-executor.1/11322:
1 lock held by syz-executor.2/11341:
4 locks held by syz-executor.4/11343:
#0: ffffffff8eb384a8 (reading_mutex){+.+.}-{3:3}, at: rng_dev_read+0x171/0x6d0 drivers/char/hw_random/core.c:219
#1: ffffc90000a18c00 (net/core/rtnetlink.c:82){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 kernel/time/timer.c:1789
#2: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:326 [inline]
#2: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:838 [inline]
#2: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: report_rtnl_holders+0x20/0x2d0 net/core/rtnetlink.c:95
#3: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:326 [inline]
#3: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:838 [inline]
#3: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6689
1 lock held by syz-executor.4/11344:
=============================================
DEBUG: holding rtnl_mutex for 11084 jiffies.
task:syz-executor.0 state:R running task stack:18808 pid:11244 tgid:11244 ppid:11231 flags:0x00004002
Call Trace:
context_switch kernel/sched/core.c:5192 [inline]
__schedule+0x17e8/0x4a20 kernel/sched/core.c:6529
preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:6851
irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:kernel_text_address+0x36/0xe0 kernel/extable.c:133
Code: c7 c0 00 00 00 81 bd 01 00 00 00 48 39 c7 72 0c 48 c7 c0 00 00 c0 8b 48 39 c3 72 0c 48 89 df e8 80 ac a1 ff 85 c0 74 0b 89 e8 <5b> 41 5e 5d c3 cc cc cc cc 48 c7 c0 c0 b2 ad 8f 48 c1 e8 03 48 b9
RSP: 0000:ffffc9000bcb6768 EFLAGS: 00000283
RAX: 0000000000000001 RBX: ffffffff89626e07 RCX: ffff8880547a9e00
RDX: ffff8880547a9e00 RSI: 0000000000000001 RDI: ffffffff89626e07
RBP: 0000000000000001 R08: ffffffff8140de67 R09: ffffffff8140f95f
R10: 0000000000000003 R11: ffff8880547a9e00 R12: ffff8880547a9e00
R13: ffffffff817ef6f0 R14: dffffc0000000000 R15: 1ffff92001796d01
__kernel_text_address+0xd/0x40 kernel/extable.c:79
unwind_get_return_address+0x5d/0xc0 arch/x86/kernel/unwind_orc.c:369
arch_stack_walk+0x125/0x1b0 arch/x86/kernel/stacktrace.c:26
stack_trace_save+0x118/0x1d0 kernel/stacktrace.c:122
kasan_save_stack mm/kasan/common.c:47 [inline]
kasan_save_track+0x3f/0x80 mm/kasan/common.c:68
poison_kmalloc_redzone mm/kasan/common.c:370 [inline]
__kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:387
kasan_kmalloc include/linux/kasan.h:211 [inline]
__kmalloc_cache_noprof+0x19c/0x2c0 mm/slub.c:4171
kmalloc_noprof include/linux/slab.h:660 [inline]
kzalloc_noprof include/linux/slab.h:778 [inline]
dropmon_net_event+0x220/0x2a0 net/core/drop_monitor.c:1583
notifier_call_chain+0x19f/0x3e0 kernel/notifier.c:93
call_netdevice_notifiers_extack net/core/dev.c:2030 [inline]
call_netdevice_notifiers net/core/dev.c:2044 [inline]
register_netdevice+0x1570/0x19e0 net/core/dev.c:10408
vxcan_newlink+0x4f2/0x610 drivers/net/can/vxcan.c:244
rtnl_newlink_create net/core/rtnetlink.c:3596 [inline]
__rtnl_newlink net/core/rtnetlink.c:3816 [inline]
rtnl_newlink+0x16c7/0x22b0 net/core/rtnetlink.c:3829
rtnetlink_rcv_msg+0x892/0x1170 net/core/rtnetlink.c:6727
netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2550
netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1357
netlink_sendmsg+0x8db/0xcb0 net/netlink/af_netlink.c:1901
sock_sendmsg_nosec net/socket.c:730 [inline]
__sock_sendmsg+0x221/0x270 net/socket.c:745
__sys_sendto+0x3a4/0x4f0 net/socket.c:2192
__do_sys_sendto net/socket.c:2204 [inline]
__se_sys_sendto net/socket.c:2200 [inline]
__x64_sys_sendto+0xde/0x100 net/socket.c:2200
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ff4c707eb9c
RSP: 002b:00007ffc39c21c00 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007ff4c7ce4620 RCX: 00007ff4c707eb9c
RDX: 000000000000003c RSI: 00007ff4c7ce4670 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007ffc39c21c54 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
R13: 0000000000000000 R14: 00007ff4c7ce4670 R15: 0000000000000000
Showing all locks held in the system:
5 locks held by kworker/u8:7/2446:
#0: ffff888015ed5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3223 [inline]
#0: ffff888015ed5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3329
#1: ffffc900093f7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3224 [inline]
#1: ffffc900093f7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3329
#2: ffffffff8f5e2c90 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 net/core/net_namespace.c:594
#3: ffff888020155408 (&wg->device_update_lock){+.+.}-{3:3}, at: wg_destruct+0x110/0x2e0 drivers/net/wireguard/device.c:249
#4: ffffffff8e33a740 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x4c/0x530 kernel/rcu/tree.c:4480
2 locks held by getty/4842:
#0: ffff88802afd60a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
#1: ffffc90002f162f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 drivers/tty/n_tty.c:2211
6 locks held by kworker/1:14/6152:
1 lock held by syz-executor.0/11244:
2 locks held by syz-executor.1/11322:
1 lock held by syz-executor.2/11341:
3 locks held by syz-executor.4/11343:
#0: ffffc90000a18c00 (net/core/rtnetlink.c:82){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 kernel/time/timer.c:1789
#1: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:326 [inline]
#1: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:838 [inline]
#1: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: report_rtnl_holders+0x20/0x2d0 net/core/rtnetlink.c:95
#2: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:326 [inline]
#2: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:838 [inline]
#2: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6689
1 lock held by syz-executor.4/11344:
=============================================
DEBUG: holding rtnl_mutex for 11268 jiffies.
task:syz-executor.0 state:R running task stack:18808 pid:11244 tgid:11244 ppid:11231 flags:0x00004002
Call Trace:
context_switch kernel/sched/core.c:5192 [inline]
__schedule+0x17e8/0x4a20 kernel/sched/core.c:6529
preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:6851
irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:kernel_text_address+0x36/0xe0 kernel/extable.c:133
Code: c7 c0 00 00 00 81 bd 01 00 00 00 48 39 c7 72 0c 48 c7 c0 00 00 c0 8b 48 39 c3 72 0c 48 89 df e8 80 ac a1 ff 85 c0 74 0b 89 e8 <5b> 41 5e 5d c3 cc cc cc cc 48 c7 c0 c0 b2 ad 8f 48 c1 e8 03 48 b9
RSP: 0000:ffffc9000bcb6768 EFLAGS: 00000283
RAX: 0000000000000001 RBX: ffffffff89626e07 RCX: ffff8880547a9e00
RDX: ffff8880547a9e00 RSI: 0000000000000001 RDI: ffffffff89626e07
RBP: 0000000000000001 R08: ffffffff8140de67 R09: ffffffff8140f95f
R10: 0000000000000003 R11: ffff8880547a9e00 R12: ffff8880547a9e00
R13: ffffffff817ef6f0 R14: dffffc0000000000 R15: 1ffff92001796d01
__kernel_text_address+0xd/0x40 kernel/extable.c:79
unwind_get_return_address+0x5d/0xc0 arch/x86/kernel/unwind_orc.c:369
arch_stack_walk+0x125/0x1b0 arch/x86/kernel/stacktrace.c:26
stack_trace_save+0x118/0x1d0 kernel/stacktrace.c:122
kasan_save_stack mm/kasan/common.c:47 [inline]
kasan_save_track+0x3f/0x80 mm/kasan/common.c:68
poison_kmalloc_redzone mm/kasan/common.c:370 [inline]
__kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:387
kasan_kmalloc include/linux/kasan.h:211 [inline]
__kmalloc_cache_noprof+0x19c/0x2c0 mm/slub.c:4171
kmalloc_noprof include/linux/slab.h:660 [inline]
kzalloc_noprof include/linux/slab.h:778 [inline]
dropmon_net_event+0x220/0x2a0 net/core/drop_monitor.c:1583
notifier_call_chain+0x19f/0x3e0 kernel/notifier.c:93
call_netdevice_notifiers_extack net/core/dev.c:2030 [inline]
call_netdevice_notifiers net/core/dev.c:2044 [inline]
register_netdevice+0x1570/0x19e0 net/core/dev.c:10408
vxcan_newlink+0x4f2/0x610 drivers/net/can/vxcan.c:244
rtnl_newlink_create net/core/rtnetlink.c:3596 [inline]
__rtnl_newlink net/core/rtnetlink.c:3816 [inline]
rtnl_newlink+0x16c7/0x22b0 net/core/rtnetlink.c:3829
rtnetlink_rcv_msg+0x892/0x1170 net/core/rtnetlink.c:6727
netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2550
netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1357
netlink_sendmsg+0x8db/0xcb0 net/netlink/af_netlink.c:1901
sock_sendmsg_nosec net/socket.c:730 [inline]
__sock_sendmsg+0x221/0x270 net/socket.c:745
__sys_sendto+0x3a4/0x4f0 net/socket.c:2192
__do_sys_sendto net/socket.c:2204 [inline]
__se_sys_sendto net/socket.c:2200 [inline]
__x64_sys_sendto+0xde/0x100 net/socket.c:2200
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ff4c707eb9c
RSP: 002b:00007ffc39c21c00 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007ff4c7ce4620 RCX: 00007ff4c707eb9c
RDX: 000000000000003c RSI: 00007ff4c7ce4670 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007ffc39c21c54 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
R13: 0000000000000000 R14: 00007ff4c7ce4670 R15: 0000000000000000
Showing all locks held in the system:
5 locks held by kworker/u8:7/2446:
#0: ffff888015ed5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3223 [inline]
#0: ffff888015ed5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3329
#1: ffffc900093f7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3224 [inline]
#1: ffffc900093f7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3329
#2: ffffffff8f5e2c90 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 net/core/net_namespace.c:594
#3: ffff888020155408 (&wg->device_update_lock){+.+.}-{3:3}, at: wg_destruct+0x110/0x2e0 drivers/net/wireguard/device.c:249
#4: ffffffff8e33a740 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x4c/0x530 kernel/rcu/tree.c:4480
2 locks held by getty/4842:
#0: ffff88802afd60a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
#1: ffffc90002f162f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 drivers/tty/n_tty.c:2211
6 locks held by kworker/1:14/6152:
1 lock held by syz-executor.0/11244:
2 locks held by syz-executor.1/11322:
1 lock held by syz-executor.2/11341:
3 locks held by syz-executor.4/11343:
#0: ffffc90000a18c00 (net/core/rtnetlink.c:82){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 kernel/time/timer.c:1789
#1: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:326 [inline]
#1: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:838 [inline]
#1: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: report_rtnl_holders+0x20/0x2d0 net/core/rtnetlink.c:95
#2: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:326 [inline]
#2: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:838 [inline]
#2: ffffffff8e3354a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6689
1 lock held by syz-executor.4/11344:
=============================================
DEBUG: holding rtnl_mutex for 11452 jiffies.
task:syz-executor.0 state:R running task stack:18808 pid:11244 tgid:11244 ppid:11231 flags:0x00004002
Call Trace:
context_switch kernel/sched/core.c:5192 [inline]
__schedule+0x17e8/0x4a20 kernel/sched/core.c:6529
preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:6851
irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:kernel_text_address+0x36/0xe0 kernel/extable.c:133
Code: c7 c0 00 00 00 81 bd 01 00 00 00 48 39 c7 72 0c 48 c7 c0 00 00 c0 8b 48 39 c3 72 0c 48 89 df e8 80 ac a1 ff 85 c0 74 0b 89 e8 <5b> 41 5e 5d c3 cc cc cc cc 48 c7 c0 c0 b2 ad 8f 48 c1 e8 03 48 b9
RSP: 0000:ffffc9000bcb6768 EFLAGS: 00000283
RAX: 0000000000000001 RBX: ffffffff89626e07 RCX: ffff8880547a9e00
RDX: ffff8880547a9e00 RSI: 0000000000000001 RDI: ffffffff89626e07
RBP: 0000000000000001 R08: ffffffff8140de67 R09: ffffffff8140f95f
R10: 0000000000000003 R11: ffff8880547a9e00 R12: ffff8880547a9e00
R13: ffffffff817ef6f0 R14: dffffc0000000000 R15: 1ffff92001796d01
__kernel_text_address+0xd/0x40 kernel/extable.c:79
unwind_get_return_address+0x5d/0xc0 arch/x86/kernel/unwind_orc.c:369
arch_stack_walk+0x125/0x1b0 arch/x86/kernel/stacktrace.c:26
stack_trace_save+0x118/0x1d0 kernel/stacktrace.c:122
kasan_save_stack mm/kasan/common.c:47 [inline]
kasan_save_track+0x3f/0x80 mm/kasan/common.c:68
poison_kmalloc_redzone mm/kasan/common.c:370 [inline]
__kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:387
kasan_kmalloc include/linux/kasan.h:211 [inline]
__kmalloc_cache_noprof+0x19c/0x2c0 mm/slub.c:4171
kmalloc_noprof include/linux/slab.h:660 [inline]
kzalloc_noprof include/linux/slab.h:778 [inline]
dropmon_net_event+0x220/0x2a0 net/core/drop_monitor.c:1583
notifier_call_chain+0x19f/0x3e0 kernel/notifier.c:93
call_netdevice_notifiers_extack net/core/dev.c:2030 [inline]
call_netdevice_notifiers net/core/dev.c:2044 [inline]
register_netdevice+0x1570/0x19e0 net/core/dev.c:10408
vxcan_newlink+0x4f2/0x610 drivers/net/can/vxcan.c:244
rtnl_newlink_create net/core/rtnetlink.c:3596 [inline]
__rtnl_newlink net/core/rtnetlink.c:3816 [inline]
rtnl_newlink+0x16c7/0x22b0 net/core/rtnetlink.c:3829
rtnetlink_rcv_msg+0x892/0x1170 net/core/rtnetlink.c:6727
netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2550
netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1357