INFO: task kworker/u4:1:21537 blocked for more than 147 seconds.
      Not tainted 6.1.0-syzkaller-13822-g6feb57c2fd7c #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/u4:1    state:D
 stack:23496 pid:21537 ppid:2      flags:0x00004000
Workqueue: netns cleanup_net
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5244 [inline]
 __schedule+0xb8a/0x5450 kernel/sched/core.c:6555
 schedule+0xde/0x1b0 kernel/sched/core.c:6631
 rxrpc_destroy_all_calls+0x1ee/0x640 net/rxrpc/call_object.c:733
 rxrpc_exit_net+0x15c/0x300 net/rxrpc/net_ns.c:125
 ops_exit_list+0xb0/0x170 net/core/net_namespace.c:169
 cleanup_net+0x4ee/0xb10 net/core/net_namespace.c:606
 process_one_work+0x9bf/0x1710 kernel/workqueue.c:2289
 worker_thread+0x669/0x1090 kernel/workqueue.c:2436
 kthread+0x2e8/0x3a0 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308
 </TASK>

Showing all locks held in the system:
1 lock held by rcu_tasks_kthre/12:
 #0: ffffffff8c790c70 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x26/0xc70 kernel/rcu/tasks.h:507
1 lock held by rcu_tasks_trace/13:
 #0: ffffffff8c790970 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x26/0xc70 kernel/rcu/tasks.h:507
1 lock held by khungtaskd/27:
 #0: ffffffff8c7917c0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x57/0x264 kernel/locking/lockdep.c:6494
2 locks held by getty/4748:
 #0: ffff88802b743098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x26/0x80 drivers/tty/tty_ldisc.c:244
 #1: ffffc900015902f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xef4/0x13e0 drivers/tty/n_tty.c:2177
2 locks held by kworker/u4:13/5477:
3 locks held by kworker/0:17/11625:
 #0: ffff888012470d38 ((wq_completion)events){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
 #0: ffff888012470d38 ((wq_completion)events){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline]
 #0: ffff888012470d38 ((wq_completion)events){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1280 [inline]
 #0: ffff888012470d38 ((wq_completion)events){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:636 [inline]
 #0: ffff888012470d38 ((wq_completion)events){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:663 [inline]
 #0: ffff888012470d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x86d/0x1710 kernel/workqueue.c:2260
 #1: ffffc9000334fda8 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x8a1/0x1710 kernel/workqueue.c:2264
 #2: ffffffff8e0be368 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xf/0x70 net/core/link_watch.c:277
3 locks held by kworker/u4:1/21537:
 #0: ffff8880125df938 ((wq_completion)netns){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
 #0: ffff8880125df938 ((wq_completion)netns){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline]
 #0: ffff8880125df938 ((wq_completion)netns){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1280 [inline]
 #0: ffff8880125df938 ((wq_completion)netns){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:636 [inline]
 #0: ffff8880125df938 ((wq_completion)netns){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:663 [inline]
 #0: ffff8880125df938 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x86d/0x1710 kernel/workqueue.c:2260
 #1: ffffc9000585fda8 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x8a1/0x1710 kernel/workqueue.c:2264
 #2: ffffffff8e0aa6d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x9f/0xb10 net/core/net_namespace.c:568
2 locks held by kworker/1:5/4361:
 #0: ffff888012472538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
 #0: ffff888012472538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline]
 #0: ffff888012472538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1280 [inline]
 #0: ffff888012472538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:636 [inline]
 #0: ffff888012472538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:663 [inline]
 #0: ffff888012472538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x86d/0x1710 kernel/workqueue.c:2260
 #1: ffffc90005c07da8 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_one_work+0x8a1/0x1710 kernel/workqueue.c:2264
2 locks held by syz-executor.3/10110:
 #0: ffffffff8e0aa6d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x2f8/0x6b0 net/core/net_namespace.c:479
 #1: ffffffff8c79c478 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock kernel/rcu/tree_exp.h:292 [inline]
 #1: ffffffff8c79c478 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x5df/0x780 kernel/rcu/tree_exp.h:946
2 locks held by syz-executor.3/10120:
 #0: ffffffff8e0aa6d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x2f8/0x6b0 net/core/net_namespace.c:479
 #1: ffffffff8c79c478 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock kernel/rcu/tree_exp.h:324 [inline]
 #1: ffffffff8c79c478 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x24f/0x780 kernel/rcu/tree_exp.h:946
2 locks held by syz-executor.5/10138:
 #0: ffffffff8e0aa6d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x2f8/0x6b0 net/core/net_namespace.c:479
 #1: ffff8880b983b598 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested kernel/sched/core.c:545 [inline]
 #1: ffff8880b983b598 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x90/0x120 kernel/sched/core.c:530
1 lock held by syz-executor.1/10131:
2 locks held by syz-executor.1/10137:
 #0: ffffffff8e0aa6d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x2f8/0x6b0 net/core/net_namespace.c:479
 #1: ffffffff8e0be368 (rtnl_mutex){+.+.}-{3:3}, at: wg_netns_pre_exit+0x1b/0x210 drivers/net/wireguard/device.c:420
2 locks held by syz-executor.2/10141:
1 lock held by syz-executor.2/10145:
 #0: ffffffff8e0aa6d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x2f8/0x6b0 net/core/net_namespace.c:479

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.1.0-syzkaller-13822-g6feb57c2fd7c #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106
 nmi_cpu_backtrace.cold+0x24/0x18a lib/nmi_backtrace.c:111
 nmi_trigger_cpumask_backtrace+0x333/0x3c0 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:148 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:220 [inline]
 watchdog+0xc75/0xfc0 kernel/hung_task.c:377
 kthread+0x2e8/0x3a0 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308
 </TASK>
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 10145 Comm: syz-executor.2 Not tainted 6.1.0-syzkaller-13822-g6feb57c2fd7c #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
RIP: 0010:__sanitizer_cov_trace_pc+0x4d/0x70 kernel/kcov.c:212
Code: ff 00 74 0e 85 c9 74 35 8b 82 6c 15 00 00 85 c0 74 2b 8b 82 48 15 00 00 83 f8 02 75 20 48 8b 8a 50 15 00 00 8b 92 4c 15 00 00 <48> 8b 01 48 83 c0 01 48 39 c2 76 07 48 89 01 48 89 34 c1 c3 66 66
RSP: 0018:ffffc90005ab7858 EFLAGS: 00000246
RAX: 0000000000000002 RBX: ffff888080f24714 RCX: ffffc90013579000
RDX: 0000000000040000 RSI: ffffffff8984f2a1 RDI: 0000000000000006
RBP: dffffc0000000000 R08: 0000000000000006 R09: ffff888078dc3654
R10: ffffffff8ff37000 R11: 0000000000000000 R12: ffff888080f24708
R13: ffff888078dc3654 R14: 0000000000000000 R15: ffffc90005ab7908
FS:  00007f4a935fe700(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005555566c0848 CR3: 0000000079c9f000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 ensure_safe_net_sysctl net/sysctl_net.c:130 [inline]
 register_net_sysctl+0x91/0x3c0 net/sysctl_net.c:167
 __addrconf_sysctl_register+0x1db/0x3d0 net/ipv6/addrconf.c:7083
 addrconf_sysctl_register net/ipv6/addrconf.c:7130 [inline]
 addrconf_sysctl_register+0x139/0x1d0 net/ipv6/addrconf.c:7119
 ipv6_add_dev+0xa80/0x1320 net/ipv6/addrconf.c:450
 addrconf_notify+0x85c/0x1c80 net/ipv6/addrconf.c:3528
 notifier_call_chain+0xb5/0x200 kernel/notifier.c:87
 call_netdevice_notifiers_info+0xb5/0x130 net/core/dev.c:1944
 call_netdevice_notifiers_extack net/core/dev.c:1982 [inline]
 call_netdevice_notifiers net/core/dev.c:1996 [inline]
 register_netdevice+0xfb4/0x1640 net/core/dev.c:10078
 register_netdev+0x31/0x50 net/core/dev.c:10173
 ip6gre_init_net+0x3d1/0x630 net/ipv6/ip6_gre.c:1617
 ops_init+0xb9/0x680 net/core/net_namespace.c:135
 setup_net+0x793/0xe60 net/core/net_namespace.c:333
 copy_net_ns+0x31b/0x6b0 net/core/net_namespace.c:483
 create_new_namespaces+0x3f6/0xb20 kernel/nsproxy.c:110
 unshare_nsproxy_namespaces+0xc5/0x1f0 kernel/nsproxy.c:228
 ksys_unshare+0x449/0x920 kernel/fork.c:3202
 __do_sys_unshare kernel/fork.c:3273 [inline]
 __se_sys_unshare kernel/fork.c:3271 [inline]
 __x64_sys_unshare+0x31/0x40 kernel/fork.c:3271
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f4a94a8c0d9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f4a935fe168 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
RAX: ffffffffffffffda RBX: 00007f4a94bac050 RCX: 00007f4a94a8c0d9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
RBP: 00007f4a94ae7ae9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffddd2f2b1f R14: 00007f4a935fe300 R15: 0000000000022000
 </TASK>