INFO: task kworker/u8:7:4354 blocked for more than 141 seconds.
      Not tainted 6.14.0-rc7-syzkaller-00196-g88d324e69ea9 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/u8:7    state:D stack:20816 pid:4354  tgid:4354  ppid:2      task_flags:0x4208060 flags:0x00004000
Workqueue: events_unbound linkwatch_event
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5378 [inline]
 __schedule+0x190e/0x4c90 kernel/sched/core.c:6765
 __schedule_loop kernel/sched/core.c:6842 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6857
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6914
 __mutex_lock_common kernel/locking/mutex.c:662 [inline]
 __mutex_lock+0x817/0x1010 kernel/locking/mutex.c:730
 linkwatch_event+0xe/0x60 net/core/link_watch.c:285
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xac0/0x18e0 kernel/workqueue.c:3319
 worker_thread+0x870/0xd30 kernel/workqueue.c:3400
 kthread+0x7ab/0x920 kernel/kthread.c:464
 ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
INFO: task syz-executor:10793 blocked for more than 143 seconds.
      Not tainted 6.14.0-rc7-syzkaller-00196-g88d324e69ea9 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor    state:D stack:21280 pid:10793 tgid:10793 ppid:1      task_flags:0x400140 flags:0x00000004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5378 [inline]
 __schedule+0x190e/0x4c90 kernel/sched/core.c:6765
 __schedule_loop kernel/sched/core.c:6842 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6857
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6914
 __mutex_lock_common kernel/locking/mutex.c:662 [inline]
 __mutex_lock+0x817/0x1010 kernel/locking/mutex.c:730
 rtnl_lock net/core/rtnetlink.c:79 [inline]
 rtnl_nets_lock net/core/rtnetlink.c:335 [inline]
 rtnl_newlink+0xc55/0x1d30 net/core/rtnetlink.c:4021
 rtnetlink_rcv_msg+0x793/0xcf0 net/core/rtnetlink.c:6912
 netlink_rcv_skb+0x208/0x480 net/netlink/af_netlink.c:2533
 netlink_unicast_kernel net/netlink/af_netlink.c:1312 [inline]
 netlink_unicast+0x7f8/0x990 net/netlink/af_netlink.c:1338
 netlink_sendmsg+0x8de/0xcb0 net/netlink/af_netlink.c:1882
 sock_sendmsg_nosec net/socket.c:718 [inline]
 __sock_sendmsg+0x223/0x270 net/socket.c:733
 __sys_sendto+0x363/0x4c0 net/socket.c:2187
 __do_sys_sendto net/socket.c:2194 [inline]
 __se_sys_sendto net/socket.c:2190 [inline]
 __x64_sys_sendto+0xde/0x100 net/socket.c:2190
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f86f058effc
RSP: 002b:00007fffaac67850 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007f86f12d4620 RCX: 00007f86f058effc
RDX: 000000000000002c RSI: 00007f86f12d4670 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007fffaac678a4 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
R13: 0000000000000000 R14: 00007f86f12d4670 R15: 0000000000000000
 </TASK>
INFO: task syz-executor:10796 blocked for more than 144 seconds.
      Not tainted 6.14.0-rc7-syzkaller-00196-g88d324e69ea9 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor    state:D stack:24864 pid:10796 tgid:10796 ppid:1      task_flags:0x400140 flags:0x00004006
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5378 [inline]
 __schedule+0x190e/0x4c90 kernel/sched/core.c:6765
 __schedule_loop kernel/sched/core.c:6842 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6857
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6914
 __mutex_lock_common kernel/locking/mutex.c:662 [inline]
 __mutex_lock+0x817/0x1010 kernel/locking/mutex.c:730
 ib_get_eth_speed+0x153/0x800 drivers/infiniband/core/verbs.c:1995
 rxe_query_port+0x95/0x3b0 drivers/infiniband/sw/rxe/rxe_verbs.c:62
 __ib_query_port drivers/infiniband/core/device.c:2095 [inline]
 ib_query_port+0x168/0x7d0 drivers/infiniband/core/device.c:2127
 ib_setup_port_attrs+0x299/0x2440 drivers/infiniband/core/sysfs.c:1440
 add_one_compat_dev+0x51a/0x710 drivers/infiniband/core/device.c:959
 rdma_dev_init_net+0x1f1/0x280 drivers/infiniband/core/device.c:1175
 ops_init+0x34b/0x5b0 net/core/net_namespace.c:138
 setup_net+0x287/0x9e0 net/core/net_namespace.c:362
 copy_net_ns+0x33f/0x570 net/core/net_namespace.c:516
 create_new_namespaces+0x425/0x7b0 kernel/nsproxy.c:110
 unshare_nsproxy_namespaces+0x124/0x180 kernel/nsproxy.c:228
 ksys_unshare+0x57d/0xa70 kernel/fork.c:3342
 __do_sys_unshare kernel/fork.c:3413 [inline]
 __se_sys_unshare kernel/fork.c:3411 [inline]
 __x64_sys_unshare+0x38/0x40 kernel/fork.c:3411
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f1f60d8e967
RSP: 002b:00007ffe7f573058 EFLAGS: 00000206 ORIG_RAX: 0000000000000110
RAX: ffffffffffffffda RBX: 00007f1f60fa5f40 RCX: 00007f1f60d8e967
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
RBP: 00007f1f60fa6738 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000008
R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
 </TASK>
INFO: task syz-executor:10802 blocked for more than 144 seconds.
      Not tainted 6.14.0-rc7-syzkaller-00196-g88d324e69ea9 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor    state:D stack:24864 pid:10802 tgid:10802 ppid:1      task_flags:0x400140 flags:0x00000004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5378 [inline]
 __schedule+0x190e/0x4c90 kernel/sched/core.c:6765
 __schedule_loop kernel/sched/core.c:6842 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6857
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6914
 __mutex_lock_common kernel/locking/mutex.c:662 [inline]
 __mutex_lock+0x817/0x1010 kernel/locking/mutex.c:730
 __tun_chr_ioctl+0x47a/0x2310 drivers/net/tun.c:3121
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:906 [inline]
 __se_sys_ioctl+0xf7/0x170 fs/ioctl.c:892
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fb94098cd6b
RSP: 002b:00007ffe377ceea0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007fb940ba5f40 RCX: 00007fb94098cd6b
RDX: 00007ffe377cef20 RSI: 00000000400454ca RDI: 00000000000000c8
RBP: 00007fb940ba6738 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008
R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
 </TASK>
INFO: task syz-executor:10804 blocked for more than 145 seconds.
      Not tainted 6.14.0-rc7-syzkaller-00196-g88d324e69ea9 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor    state:D stack:24864 pid:10804 tgid:10804 ppid:1      task_flags:0x400140 flags:0x00004006
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5378 [inline]
 __schedule+0x190e/0x4c90 kernel/sched/core.c:6765
 __schedule_loop kernel/sched/core.c:6842 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6857
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6914
 __mutex_lock_common kernel/locking/mutex.c:662 [inline]
 __mutex_lock+0x817/0x1010 kernel/locking/mutex.c:730
 add_one_compat_dev+0x10d/0x710 drivers/infiniband/core/device.c:933
 rdma_dev_init_net+0x1f1/0x280 drivers/infiniband/core/device.c:1175
 ops_init+0x34b/0x5b0 net/core/net_namespace.c:138
 setup_net+0x287/0x9e0 net/core/net_namespace.c:362
 copy_net_ns+0x33f/0x570 net/core/net_namespace.c:516
 create_new_namespaces+0x425/0x7b0 kernel/nsproxy.c:110
 unshare_nsproxy_namespaces+0x124/0x180 kernel/nsproxy.c:228
 ksys_unshare+0x57d/0xa70 kernel/fork.c:3342
 __do_sys_unshare kernel/fork.c:3413 [inline]
 __se_sys_unshare kernel/fork.c:3411 [inline]
 __x64_sys_unshare+0x38/0x40 kernel/fork.c:3411
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7feb1698e967
RSP: 002b:00007fffd5662aa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110
RAX: ffffffffffffffda RBX: 00007feb16ba5f40 RCX: 00007feb1698e967
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
RBP: 00007feb16ba6738 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000008
R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
 </TASK>
INFO: task syz-executor:10805 blocked for more than 147 seconds.
      Not tainted 6.14.0-rc7-syzkaller-00196-g88d324e69ea9 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor    state:D stack:25952 pid:10805 tgid:10805 ppid:1      task_flags:0x400140 flags:0x00000004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5378 [inline]
 __schedule+0x190e/0x4c90 kernel/sched/core.c:6765
 __schedule_loop kernel/sched/core.c:6842 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6857
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6914
 __mutex_lock_common kernel/locking/mutex.c:662 [inline]
 __mutex_lock+0x817/0x1010 kernel/locking/mutex.c:730
 rtnl_net_lock include/linux/rtnetlink.h:129 [inline]
 inet_rtm_newaddr+0x47e/0x1bc0 net/ipv4/devinet.c:987
 rtnetlink_rcv_msg+0x793/0xcf0 net/core/rtnetlink.c:6912
 netlink_rcv_skb+0x208/0x480 net/netlink/af_netlink.c:2533
 netlink_unicast_kernel net/netlink/af_netlink.c:1312 [inline]
 netlink_unicast+0x7f8/0x990 net/netlink/af_netlink.c:1338
 netlink_sendmsg+0x8de/0xcb0 net/netlink/af_netlink.c:1882
 sock_sendmsg_nosec net/socket.c:718 [inline]
 __sock_sendmsg+0x223/0x270 net/socket.c:733
 __sys_sendto+0x363/0x4c0 net/socket.c:2187
 __do_sys_sendto net/socket.c:2194 [inline]
 __se_sys_sendto net/socket.c:2190 [inline]
 __x64_sys_sendto+0xde/0x100 net/socket.c:2190
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f1ef858effc
RSP: 002b:00007ffe85826cd0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007f1ef92d4620 RCX: 00007f1ef858effc
RDX: 0000000000000028 RSI: 00007f1ef92d4670 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007ffe85826d24 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
R13: 0000000000000000 R14: 00007f1ef92d4670 R15: 0000000000000000
 </TASK>
INFO: task syz-executor:10811 blocked for more than 147 seconds.
      Not tainted 6.14.0-rc7-syzkaller-00196-g88d324e69ea9 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor    state:D stack:25952 pid:10811 tgid:10811 ppid:1      task_flags:0x400140 flags:0x00000004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5378 [inline]
 __schedule+0x190e/0x4c90 kernel/sched/core.c:6765
 __schedule_loop kernel/sched/core.c:6842 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6857
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6914
 __mutex_lock_common kernel/locking/mutex.c:662 [inline]
 __mutex_lock+0x817/0x1010 kernel/locking/mutex.c:730
 rtnl_net_lock include/linux/rtnetlink.h:129 [inline]
 inet_rtm_newaddr+0x47e/0x1bc0 net/ipv4/devinet.c:987
 rtnetlink_rcv_msg+0x793/0xcf0 net/core/rtnetlink.c:6912
 netlink_rcv_skb+0x208/0x480 net/netlink/af_netlink.c:2533
 netlink_unicast_kernel net/netlink/af_netlink.c:1312 [inline]
 netlink_unicast+0x7f8/0x990 net/netlink/af_netlink.c:1338
 netlink_sendmsg+0x8de/0xcb0 net/netlink/af_netlink.c:1882
 sock_sendmsg_nosec net/socket.c:718 [inline]
 __sock_sendmsg+0x223/0x270 net/socket.c:733
 __sys_sendto+0x363/0x4c0 net/socket.c:2187
 __do_sys_sendto net/socket.c:2194 [inline]
 __se_sys_sendto net/socket.c:2190 [inline]
 __x64_sys_sendto+0xde/0x100 net/socket.c:2190
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fb7edb8effc
RSP: 002b:00007fffe474e540 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007fb7ee8d4620 RCX: 00007fb7edb8effc
RDX: 0000000000000028 RSI: 00007fb7ee8d4670 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007fffe474e594 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
R13: 0000000000000000 R14: 00007fb7ee8d4670 R15: 0000000000000000
 </TASK>

Showing all locks held in the system:
1 lock held by pool_workqueue_/3:
 #0: ffffffff8eb3e8b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock kernel/rcu/tree_exp.h:334 [inline]
 #0: ffffffff8eb3e8b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x451/0x820 kernel/rcu/tree_exp.h:996
1 lock held by kworker/0:0/9:
 #0: ffffffff8e9e46e8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
3 locks held by kworker/u8:1/13:
 #0: ffff8880305d4148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
 #0: ffff8880305d4148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0 kernel/workqueue.c:3319
 #1: ffffc90000127c60 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
 #1: ffffc90000127c60 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0 kernel/workqueue.c:3319
 #2: ffffffff8fed5f48 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:129 [inline]
 #2: ffffffff8fed5f48 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30 net/ipv6/addrconf.c:4730
1 lock held by khungtaskd/31:
 #0: ffffffff8eb393e0 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
 #0: ffffffff8eb393e0 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline]
 #0: ffffffff8eb393e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6746
3 locks held by kworker/u8:3/53:
 #0: ffff88801b081148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
 #0: ffff88801b081148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0 kernel/workqueue.c:3319
 #1: ffffc90000be7c60 ((work_completion)(&pool->idle_cull_work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
 #1: ffffc90000be7c60 ((work_completion)(&pool->idle_cull_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0 kernel/workqueue.c:3319
 #2: ffffffff8e9e46e8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: idle_cull_fn+0xd5/0x760 kernel/workqueue.c:2960
3 locks held by kworker/u9:0/55:
 #0: ffff888031e11148 ((wq_completion)hci12#3){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
 #0: ffff888031e11148 ((wq_completion)hci12#3){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0 kernel/workqueue.c:3319
 #1: ffffc9000120fc60 ((work_completion)(&hdev->power_on)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
 #1: ffffc9000120fc60 ((work_completion)(&hdev->power_on)){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0 kernel/workqueue.c:3319
 #2: ffff88805b488d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_open net/bluetooth/hci_core.c:410 [inline]
 #2: ffff88805b488d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_power_on+0x1bf/0x6b0 net/bluetooth/hci_core.c:941
1 lock held by kworker/u8:4/63:
 #0: ffffffff8e9e46e8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
1 lock held by kworker/R-krxrp/3374:
 #0: ffffffff8e9e46e8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
3 locks held by kworker/u8:6/3558:
 #0: ffff88801b081148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
 #0: ffff88801b081148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0 kernel/workqueue.c:3319
 #1: ffffc9000cfc7c60 ((work_completion)(&pool->idle_cull_work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
 #1: ffffc9000cfc7c60 ((work_completion)(&pool->idle_cull_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0 kernel/workqueue.c:3319
 #2: ffffffff8e9e46e8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: idle_cull_fn+0xd5/0x760 kernel/workqueue.c:2960
3 locks held by kworker/u8:7/4354:
 #0: ffff88801b081148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
 #0: ffff88801b081148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0 kernel/workqueue.c:3319
 #1: ffffc9000ea57c60 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
 #1: ffffc9000ea57c60 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0 kernel/workqueue.c:3319
 #2: ffffffff8fed5f48 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60 net/core/link_watch.c:285
2 locks held by getty/5579:
 #0: ffff8880312fa0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
 #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x616/0x1770 drivers/tty/n_tty.c:2211
3 locks held by syz-executor/5814:
 #0: ffff88803221edf0 (&vma->vm_lock->lock){++++}-{4:4}, at: vma_start_read include/linux/mm.h:717 [inline]
 #0: ffff88803221edf0 (&vma->vm_lock->lock){++++}-{4:4}, at: lock_vma_under_rcu+0x34b/0x790 mm/memory.c:6366
 #1: ffff888035220518 (sb_pagefaults){.+.+}-{0:0}, at: __sb_start_write include/linux/fs.h:1785 [inline]
 #1: ffff888035220518 (sb_pagefaults){.+.+}-{0:0}, at: sb_start_pagefault include/linux/fs.h:1950 [inline]
 #1: ffff888035220518 (sb_pagefaults){.+.+}-{0:0}, at: ext4_page_mkwrite+0x1fc/0x1100 fs/ext4/inode.c:6159
 #2: ffff888035224950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x1e94/0x2110 fs/jbd2/transaction.c:448
2 locks held by syz-executor/5826:
 #0: ffffffff8fed5f48 (rtnl_mutex){+.+.}-{4:4}, at: tun_detach drivers/net/tun.c:698 [inline]
 #0: ffffffff8fed5f48 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3b/0x1b0 drivers/net/tun.c:3517
 #1: ffffffff8eb3e8b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock kernel/rcu/tree_exp.h:334 [inline]
 #1: ffffffff8eb3e8b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x451/0x820 kernel/rcu/tree_exp.h:996
3 locks held by kworker/u9:2/5833:
 #0: ffff888044b9f148 ((wq_completion)hci4#2){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
 #0: ffff888044b9f148 ((wq_completion)hci4#2){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0 kernel/workqueue.c:3319
 #1: ffffc900035e7c60 ((work_completion)(&hdev->power_on)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
 #1: ffffc900035e7c60 ((work_completion)(&hdev->power_on)){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0 kernel/workqueue.c:3319
 #2: ffff888021b44d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_open net/bluetooth/hci_core.c:410 [inline]
 #2: ffff888021b44d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_power_on+0x1bf/0x6b0 net/bluetooth/hci_core.c:941
3 locks held by kworker/u9:3/5837:
 #0: ffff88805c400948 ((wq_completion)hci1#5){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
 #0: ffff88805c400948 ((wq_completion)hci1#5){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0 kernel/workqueue.c:3319
 #1: ffffc900037a7c60 ((work_completion)(&hdev->power_on)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
 #1: ffffc900037a7c60 ((work_completion)(&hdev->power_on)){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0 kernel/workqueue.c:3319
 #2: ffff888033884d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_open net/bluetooth/hci_core.c:410 [inline]
 #2: ffff888033884d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_power_on+0x1bf/0x6b0 net/bluetooth/hci_core.c:941
4 locks held by kworker/u9:4/5839:
 #0: ffff88802fe0f148 ((wq_completion)hci6){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
 #0: ffff88802fe0f148 ((wq_completion)hci6){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0 kernel/workqueue.c:3319
 #1: ffffc900037c7c60 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
 #1: ffffc900037c7c60 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0 kernel/workqueue.c:3319
 #2: ffff88805ef58d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1ec/0x400 net/bluetooth/hci_sync.c:331
 #3: ffff88805ef58078 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1f2/0xeb0 net/bluetooth/hci_sync.c:5569
3 locks held by kworker/u9:7/5844:
 #0: ffff88804572c148 ((wq_completion)hci2#3){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
 #0: ffff88804572c148 ((wq_completion)hci2#3){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0 kernel/workqueue.c:3319
 #1: ffffc90003b37c60 ((work_completion)(&hdev->power_on)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
 #1: ffffc90003b37c60 ((work_completion)(&hdev->power_on)){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0 kernel/workqueue.c:3319
 #2: ffff88805bbb0d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_open net/bluetooth/hci_core.c:410 [inline]
 #2: ffff88805bbb0d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_power_on+0x1bf/0x6b0 net/bluetooth/hci_core.c:941
1 lock held by kworker/u9:9/5848:
 #0: ffffffff8e9e46e8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
1 lock held by kworker/R-wg-cr/5879:
 #0: ffffffff8e9e46e8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
1 lock held by kworker/R-wg-cr/5880:
 #0: ffffffff8e9e46e8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_detach_from_pool kernel/workqueue.c:2736 [inline]
 #0: ffffffff8e9e46e8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: rescuer_thread+0xa21/0xf90 kernel/workqueue.c:3529
1 lock held by kworker/R-wg-cr/5886:
1 lock held by kworker/R-wg-cr/5888:
 #0: ffffffff8e9e46e8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
9 locks held by kworker/1:6/5928:
1 lock held by kworker/1:8/5952:
 #0: ffffffff8e9e46e8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
1 lock held by syz.2.321/6917:
 #0: ffffffff8fed5f48 (rtnl_mutex){+.+.}-{4:4}, at: tun_detach drivers/net/tun.c:698 [inline]
 #0: ffffffff8fed5f48 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3b/0x1b0 drivers/net/tun.c:3517
1 lock held by syz-executor/7349:
 #0: ffffffff8fed5f48 (rtnl_mutex){+.+.}-{4:4}, at: tun_detach drivers/net/tun.c:698 [inline]
 #0: ffffffff8fed5f48 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3b/0x1b0 drivers/net/tun.c:3517
1 lock held by kworker/R-wg-cr/7435:
 #0: ffffffff8e9e46e8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
1 lock held by syz-executor/8031:
 #0: ffffffff8eb3e780 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x530 kernel/rcu/tree.c:3741
1 lock held by syz-executor/8712:
 #0: ffffffff8fed5f48 (rtnl_mutex){+.+.}-{4:4}, at: tun_detach drivers/net/tun.c:698 [inline]
 #0: ffffffff8fed5f48 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3b/0x1b0 drivers/net/tun.c:3517
1 lock held by kworker/R-wg-cr/8782:
 #0: ffffffff8e9e46e8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_detach_from_pool kernel/workqueue.c:2736 [inline]
 #0: ffffffff8e9e46e8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: rescuer_thread+0xa21/0xf90 kernel/workqueue.c:3529
1 lock held by kworker/R-wg-cr/8784:
 #0: ffffffff8e9e46e8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x31/0x390 kernel/workqueue.c:2678
2 locks held by syz.1.1773/10705:
2 locks held by syz-executor/10793:
 #0: ffffffff8f676e00 (&ops->srcu#2){.+.+}-{0:0}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
 #0: ffffffff8f676e00 (&ops->srcu#2){.+.+}-{0:0}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline]
 #0: ffffffff8f676e00 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x22/0x250 net/core/rtnetlink.c:564
 #1: ffffffff8fed5f48 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock net/core/rtnetlink.c:79 [inline]
 #1: ffffffff8fed5f48 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_nets_lock net/core/rtnetlink.c:335 [inline]
 #1: ffffffff8fed5f48 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0xc55/0x1d30 net/core/rtnetlink.c:4021
6 locks held by syz-executor/10796:
 #0: ffffffff8fec9710 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x328/0x570 net/core/net_namespace.c:512
 #1: ffffffff8fc4cb50 (devices_rwsem){++++}-{4:4}, at: rdma_dev_init_net+0x198/0x280 drivers/infiniband/core/device.c:1169
 #2: ffffffff8fc4cd10 (rdma_nets_rwsem){++++}-{4:4}, at: rdma_dev_init_net+0x1e6/0x280 drivers/infiniband/core/device.c:1174
 #3: ffff888043888f48 (&device->compat_devs_mutex){+.+.}-{4:4}, at: add_one_compat_dev+0x10d/0x710 drivers/infiniband/core/device.c:933
 #4: ffff888043889240 (&rxe->usdev_lock){+.+.}-{4:4}, at: rxe_query_port+0x7e/0x3b0 drivers/infiniband/sw/rxe/rxe_verbs.c:61
 #5: ffffffff8fed5f48 (rtnl_mutex){+.+.}-{4:4}, at: ib_get_eth_speed+0x153/0x800 drivers/infiniband/core/verbs.c:1995
1 lock held by syz-executor/10802:
 #0: ffffffff8fed5f48 (rtnl_mutex){+.+.}-{4:4}, at: __tun_chr_ioctl+0x47a/0x2310 drivers/net/tun.c:3121
4 locks held by syz-executor/10804:
 #0: ffffffff8fec9710 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x328/0x570 net/core/net_namespace.c:512
 #1: ffffffff8fc4cb50 (devices_rwsem){++++}-{4:4}, at: rdma_dev_init_net+0x198/0x280 drivers/infiniband/core/device.c:1169
 #2: ffffffff8fc4cd10 (rdma_nets_rwsem){++++}-{4:4}, at: rdma_dev_init_net+0x1e6/0x280 drivers/infiniband/core/device.c:1174
 #3: ffff888043888f48 (&device->compat_devs_mutex){+.+.}-{4:4}, at: add_one_compat_dev+0x10d/0x710 drivers/infiniband/core/device.c:933
1 lock held by syz-executor/10805:
 #0: ffffffff8fed5f48 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:129 [inline]
 #0: ffffffff8fed5f48 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bc0 net/ipv4/devinet.c:987
1 lock held by syz-executor/10811:
 #0: ffffffff8fed5f48 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:129 [inline]
 #0: ffffffff8fed5f48 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bc0 net/ipv4/devinet.c:987
1 lock held by syz-executor/10825:
 #0: ffffffff8fed5f48 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:129 [inline]
 #0: ffffffff8fed5f48 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bc0 net/ipv4/devinet.c:987
1 lock held by syz-executor/10835:
 #0: ffff88805dd68d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_open net/bluetooth/hci_core.c:410 [inline]
 #0: ffff88805dd68d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_open+0x1f4/0x300 net/bluetooth/hci_core.c:468
1 lock held by syz-executor/10839:
 #0: ffff88805ab6cd80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_open net/bluetooth/hci_core.c:410 [inline]
 #0: ffff88805ab6cd80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_open+0x1f4/0x300 net/bluetooth/hci_core.c:468
1 lock held by syz-executor/10841:
 #0: ffff88805ef5cd80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_open net/bluetooth/hci_core.c:410 [inline]
 #0: ffff88805ef5cd80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_open+0x1f4/0x300 net/bluetooth/hci_core.c:468
3 locks held by syz-executor/10858:
 #0: ffff888035220420 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 fs/namespace.c:547
 #1: ffff88804532c950 (&type->i_mutex_dir_key#3/1){+.+.}-{4:4}, at: inode_lock_nested include/linux/fs.h:912 [inline]
 #1: ffff88804532c950 (&type->i_mutex_dir_key#3/1){+.+.}-{4:4}, at: filename_create+0x260/0x540 fs/namei.c:4082
 #2: ffff888035224950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x1e94/0x2110 fs/jbd2/transaction.c:448
1 lock held by dhcpcd/10859:
 #0: ffff888021348258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1624 [inline]
 #0: ffff888021348258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 net/packet/af_packet.c:3253
1 lock held by dhcpcd/10860:
 #0: ffff88805b310258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1624 [inline]
 #0: ffff88805b310258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 net/packet/af_packet.c:3253
1 lock held by dhcpcd/10861:
 #0: ffff88805b312258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1624 [inline]
 #0: ffff88805b312258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 net/packet/af_packet.c:3253
1 lock held by dhcpcd/10862:
 #0: ffff88805b314258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1624 [inline]
 #0: ffff88805b314258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 net/packet/af_packet.c:3253
1 lock held by dhcpcd/10863:
 #0: ffff88805b316258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1624 [inline]
 #0: ffff88805b316258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 net/packet/af_packet.c:3253
1 lock held by dhcpcd/10864:
 #0: ffff888089746258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1624 [inline]
 #0: ffff888089746258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 net/packet/af_packet.c:3253

=============================================

NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.14.0-rc7-syzkaller-00196-g88d324e69ea9 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120
 nmi_cpu_backtrace+0x49c/0x4d0 lib/nmi_backtrace.c:113
 nmi_trigger_cpumask_backtrace+0x198/0x320 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:236 [inline]
 watchdog+0x1058/0x10a0 kernel/hung_task.c:399
 kthread+0x7ab/0x920 kernel/kthread.c:464
 ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 5928 Comm: kworker/1:6 Not tainted 6.14.0-rc7-syzkaller-00196-g88d324e69ea9 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Workqueue: wg-crypt-wg0 wg_packet_tx_worker
RIP: 0010:mark_lock+0xa/0x360 kernel/locking/lockdep.c:4712
Code: 6b 0a 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 55 41 57 41 56 41 55 41 54 53 <48> 83 ec 10 49 89 f7 48 89 3c 24 49 bd 00 00 00 00 00 fc ff df 83
RSP: 0018:ffffc90000a27948 EFLAGS: 00000002
RAX: 0000000000042fbe RBX: ffff88802596c830 RCX: ffffffff819d4bca
RDX: 0000000000000002 RSI: ffff88802596c830 RDI: ffff88802596bc00
RBP: ffffc90000a27a28 R08: ffffffff9454d8ef R09: 1ffffffff28a9b1d
R10: dffffc0000000000 R11: fffffbfff28a9b1e R12: ffff88802596c850
R13: 0000000000000008 R14: ffff88802596c6e8 R15: 1ffff11004b2d8dd
FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f3df85f6d00 CR3: 000000005b9c2000 CR4: 0000000000350ef0
Call Trace:
 <NMI>
 </NMI>
 <IRQ>
 mark_held_locks kernel/locking/lockdep.c:4323 [inline]
 __trace_hardirqs_on_caller kernel/locking/lockdep.c:4341 [inline]
 lockdep_hardirqs_on_prepare+0x282/0x780 kernel/locking/lockdep.c:4408
 trace_hardirqs_on+0x28/0x40 kernel/trace/trace_preemptirq.c:78
 get_random_u16+0x4d6/0xa80 drivers/char/random.c:552
 cake_get_flow_quantum+0x191/0x290 net/sched/sch_cake.c:687
 cake_dequeue+0x2b04/0x4be0 net/sched/sch_cake.c:2106
 dequeue_skb net/sched/sch_generic.c:293 [inline]
 qdisc_restart net/sched/sch_generic.c:398 [inline]
 __qdisc_run+0x274/0x2180 net/sched/sch_generic.c:416
 __dev_xmit_skb net/core/dev.c:4111 [inline]
 __dev_queue_xmit+0x10dd/0x3f50 net/core/dev.c:4618
 dev_queue_xmit include/linux/netdevice.h:3313 [inline]
 neigh_hh_output include/net/neighbour.h:523 [inline]
 neigh_output include/net/neighbour.h:537 [inline]
 ip_finish_output2+0xcd3/0x12e0 net/ipv4/ip_output.c:236
 ip_local_out net/ipv4/ip_output.c:130 [inline]
 ip_send_skb net/ipv4/ip_output.c:1502 [inline]
 ip_push_pending_frames+0xbf/0x150 net/ipv4/ip_output.c:1522
 __icmp_send+0x12b2/0x1800 net/ipv4/icmp.c:783
 icmp_send include/net/icmp.h:43 [inline]
 ip_protocol_deliver_rcu+0x41b/0x440 net/ipv4/ip_input.c:216
 ip_local_deliver_finish+0x341/0x5f0 net/ipv4/ip_input.c:233
 NF_HOOK+0x3a6/0x450 include/linux/netfilter.h:314
 NF_HOOK+0x3a6/0x450 include/linux/netfilter.h:314
 __netif_receive_skb_one_core net/core/dev.c:5896 [inline]
 __netif_receive_skb+0x2bf/0x650 net/core/dev.c:6009
 process_backlog+0x662/0x15b0 net/core/dev.c:6357
 __napi_poll+0xcd/0x490 net/core/dev.c:7191
 napi_poll net/core/dev.c:7260 [inline]
 net_rx_action+0x89b/0x1240 net/core/dev.c:7382
 handle_softirqs+0x2d6/0x9b0 kernel/softirq.c:561
 do_softirq+0x11b/0x1e0 kernel/softirq.c:462
 </IRQ>
 <TASK>
 __local_bh_enable_ip+0x1bb/0x200 kernel/softirq.c:389
 wg_socket_send_skb_to_peer+0x176/0x1d0 drivers/net/wireguard/socket.c:184
 wg_packet_create_data_done drivers/net/wireguard/send.c:251 [inline]
 wg_packet_tx_worker+0x1bf/0x810 drivers/net/wireguard/send.c:276
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xac0/0x18e0 kernel/workqueue.c:3319
 worker_thread+0x870/0xd30 kernel/workqueue.c:3400