------------[ cut here ]------------ WARNING: CPU: 0 PID: 5137 at net/sched/sch_cake.c:2094 cake_dequeue+0x2af1/0x4690 net/sched/sch_cake.c:2094 Modules linked in: CPU: 0 PID: 5137 Comm: kworker/0:3 Not tainted 6.10.0-syzkaller-11323-g7846b618e0a4 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 Workqueue: events_power_efficient wg_ratelimiter_gc_entries RIP: 0010:cake_dequeue+0x2af1/0x4690 net/sched/sch_cake.c:2094 Code: 74 08 4c 89 f7 e8 af d7 6b f8 4d 89 26 eb 05 e8 75 e1 08 f8 45 31 f6 4c 8b a4 24 08 01 00 00 e9 d4 de ff ff e8 60 e1 08 f8 90 <0f> 0b 90 48 8b 94 24 f0 00 00 00 48 89 d0 48 c1 e8 03 42 0f b6 04 RSP: 0018:ffffc900000079c0 EFLAGS: 00010246 RAX: ffffffff898a6160 RBX: 000000000000ffff RCX: ffff888029100000 RDX: 0000000080000102 RSI: 000000000000ffff RDI: 0000000000000400 RBP: ffffc90000007c28 R08: ffffffff898a5f7c R09: ffffffff898a69e5 R10: 0000000000000003 R11: ffff888029100000 R12: ffff888049800010 R13: dffffc0000000000 R14: 000000000000ffff R15: ffff888049800000 FS: 0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fe9ca85724f CR3: 000000005b28e000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <IRQ> dequeue_skb net/sched/sch_generic.c:293 [inline] qdisc_restart net/sched/sch_generic.c:398 [inline] __qdisc_run+0x272/0x2170 net/sched/sch_generic.c:416 qdisc_run+0xda/0x270 include/net/pkt_sched.h:127 net_tx_action+0x89c/0xa50 net/core/dev.c:5322 handle_softirqs+0x2c4/0x970 kernel/softirq.c:554 __do_softirq kernel/softirq.c:588 [inline] invoke_softirq kernel/softirq.c:428 [inline] __irq_exit_rcu+0xf4/0x1c0 kernel/softirq.c:637 irq_exit_rcu+0x9/0x30 kernel/softirq.c:649 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline] sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1043 </IRQ> <TASK> asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702 RIP: 0010:lock_acquire+0x264/0x550 kernel/locking/lockdep.c:5763 Code: 2b 00 74 08 4c 89 f7 e8 1a cb 86 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25 RSP: 0018:ffffc90003e179e0 EFLAGS: 00000206 RAX: 0000000000000001 RBX: 1ffff920007c2f48 RCX: 78a3097f134c2b00 RDX: dffffc0000000000 RSI: ffffffff8bcadea0 RDI: ffffffff8c1fa440 RBP: ffffc90003e17b40 R08: ffffffff92fd06df R09: 1ffffffff25fa0db R10: dffffc0000000000 R11: fffffbfff25fa0dc R12: 1ffff920007c2f44 R13: dffffc0000000000 R14: ffffc90003e17a40 R15: 0000000000000246 __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline] _raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154 spin_lock include/linux/spinlock.h:351 [inline] wg_ratelimiter_gc_entries+0x60/0x470 drivers/net/wireguard/ratelimiter.c:63 process_one_work kernel/workqueue.c:3231 [inline] process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3312 worker_thread+0x86d/0xd40 kernel/workqueue.c:3390 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 </TASK> ---------------- Code disassembly (best guess): 0: 2b 00 sub (%rax),%eax 2: 74 08 je 0xc 4: 4c 89 f7 mov %r14,%rdi 7: e8 1a cb 86 00 call 0x86cb26 c: f6 44 24 61 02 testb $0x2,0x61(%rsp) 11: 0f 85 85 01 00 00 jne 0x19c 17: 41 f7 c7 00 02 00 00 test $0x200,%r15d 1e: 74 01 je 0x21 20: fb sti 21: 48 c7 44 24 40 0e 36 movq $0x45e0360e,0x40(%rsp) 28: e0 45 * 2a: 4b c7 44 25 00 00 00 movq $0x0,0x0(%r13,%r12,1) <-- trapping instruction 31: 00 00 33: 43 c7 44 25 09 00 00 movl $0x0,0x9(%r13,%r12,1) 3a: 00 00 3c: 43 rex.XB 3d: c7 .byte 0xc7 3e: 44 rex.R 3f: 25 .byte 0x25