INFO: task syz.2.1022:10671 blocked for more than 144 seconds.
Tainted: G L syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.2.1022 state:D stack:29000 pid:10671 tgid:10664 ppid:5823 task_flags:0x400040 flags:0x00080002
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5295 [inline]
__schedule+0xfee/0x60e0 kernel/sched/core.c:6907
__schedule_loop kernel/sched/core.c:6989 [inline]
schedule+0xdd/0x390 kernel/sched/core.c:7004
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7061
__mutex_lock_common kernel/locking/mutex.c:692 [inline]
__mutex_lock+0xc9a/0x1b90 kernel/locking/mutex.c:776
genl_lock net/netlink/genetlink.c:35 [inline]
genl_op_lock net/netlink/genetlink.c:60 [inline]
genl_op_lock net/netlink/genetlink.c:57 [inline]
genl_dumpit+0x1a8/0x230 net/netlink/genetlink.c:1025
netlink_dump+0x539/0xd30 net/netlink/af_netlink.c:2325
netlink_recvmsg+0x7dc/0xa90 net/netlink/af_netlink.c:1976
sock_recvmsg_nosec net/socket.c:1078 [inline]
sock_recvmsg+0x1f9/0x250 net/socket.c:1100
sock_read_iter+0x2c6/0x3c0 net/socket.c:1170
new_sync_read fs/read_write.c:493 [inline]
vfs_read+0x957/0xb30 fs/read_write.c:574
ksys_read+0x1f8/0x250 fs/read_write.c:717
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x106/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f2ff119c799
RSP: 002b:00007f2ff1f8b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
RAX: ffffffffffffffda RBX: 00007f2ff1416180 RCX: 00007f2ff119c799
RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 00007f2ff1232bd9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f2ff1416218 R14: 00007f2ff1416180 R15: 00007ffe70335868
</TASK>
INFO: task syz.0.1023:10676 blocked for more than 145 seconds.
Tainted: G L syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.0.1023 state:D stack:27016 pid:10676 tgid:10675 ppid:5817 task_flags:0x400140 flags:0x00080002
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5295 [inline]
__schedule+0xfee/0x60e0 kernel/sched/core.c:6907
__schedule_loop kernel/sched/core.c:6989 [inline]
schedule+0xdd/0x390 kernel/sched/core.c:7004
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7061
__mutex_lock_common kernel/locking/mutex.c:692 [inline]
__mutex_lock+0xc9a/0x1b90 kernel/locking/mutex.c:776
genl_lock net/netlink/genetlink.c:35 [inline]
genl_op_lock net/netlink/genetlink.c:60 [inline]
genl_op_lock net/netlink/genetlink.c:57 [inline]
genl_rcv_msg+0x57b/0x800 net/netlink/genetlink.c:1208
netlink_rcv_skb+0x159/0x420 net/netlink/af_netlink.c:2550
genl_rcv+0x28/0x40 net/netlink/genetlink.c:1218
netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
netlink_unicast+0x5aa/0x870 net/netlink/af_netlink.c:1344
netlink_sendmsg+0x8b0/0xda0 net/netlink/af_netlink.c:1894
sock_sendmsg_nosec net/socket.c:727 [inline]
__sock_sendmsg net/socket.c:742 [inline]
__sys_sendto+0x4aa/0x520 net/socket.c:2206
__do_sys_sendto net/socket.c:2213 [inline]
__se_sys_sendto net/socket.c:2209 [inline]
__x64_sys_sendto+0xe0/0x1c0 net/socket.c:2209
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x106/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fe276d5cfce
RSP: 002b:00007fe274ff4e88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007fe274ff66c0 RCX: 00007fe276d5cfce
RDX: 0000000000000028 RSI: 00007fe274ff5000 RDI: 0000000000000007
RBP: 0000000000000000 R08: 00007fe274ff4f04 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007
R13: 00007fe274ff4f58 R14: 00007fe274ff5000 R15: 0000000000000000
</TASK>
Showing all locks held in the system:
2 locks held by kworker/0:0/9:
2 locks held by kworker/0:1/10:
4 locks held by kworker/1:0/24:
#0: ffff8880726a1548 ((wq_completion)wg-kex-wg1#8){+.+.}-{0:0}, at: process_one_work+0x1287/0x1920 kernel/workqueue.c:3250
#1: ffffc900001e7d08 ((work_completion)(&({ do { const void __seg_gs *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __asm__ ("" : "=r"(__ptr) : "0"((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_one_work+0x93c/0x1920 kernel/workqueue.c:3251
#2: ffff88807e11d348 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x1c2/0x860 drivers/net/wireguard/noise.c:598
#3: ffff888012840d20 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x5ac/0x860 drivers/net/wireguard/noise.c:632
1 lock held by khungtaskd/31:
#0: ffffffff8e7e9220 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
#0: ffffffff8e7e9220 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:850 [inline]
#0: ffffffff8e7e9220 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184 kernel/locking/lockdep.c:6775
2 locks held by kworker/0:2/796:
4 locks held by kworker/R-bat_e/3405:
1 lock held by klogd/5178:
2 locks held by udevd/5189:
2 locks held by kworker/0:3/5822:
1 lock held by kworker/R-wg-cr/5841:
1 lock held by kworker/R-wg-cr/5842:
#0: ffffffff8e696b88 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_detach_from_pool kernel/workqueue.c:2749 [inline]
#0: ffffffff8e696b88 (wq_pool_attach_mutex){+.+.}-{4:4}, at: rescuer_thread+0xb78/0x1490 kernel/workqueue.c:3610
1 lock held by kworker/R-wg-cr/5849:
1 lock held by kworker/R-wg-cr/5852:
#0: ffffffff8e696b88 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x27/0x420 kernel/workqueue.c:2691
2 locks held by kworker/0:4/5858:
3 locks held by kworker/1:3/5872:
#0: ffff88813fe62148 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_one_work+0x1287/0x1920 kernel/workqueue.c:3250
#1: ffffc900043cfd08 ((reg_check_chans).work){+.+.}-{0:0}, at: process_one_work+0x93c/0x1920 kernel/workqueue.c:3251
#2: ffffffff90613928 (rtnl_mutex){+.+.}-{4:4}, at: reg_check_chans_work+0x91/0x11d0 net/wireless/reg.c:2462
4 locks held by kworker/0:5/5879:
#0: ffff88805f2a4548 ((wq_completion)wg-kex-wg0#8){+.+.}-{0:0}, at: process_one_work+0x1287/0x1920 kernel/workqueue.c:3250
#1: ffffc9000442fd08 ((work_completion)(&({ do { const void __seg_gs *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __asm__ ("" : "=r"(__ptr) : "0"((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_one_work+0x93c/0x1920 kernel/workqueue.c:3251
#2: ffff88802a4c5348 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_response+0x22b/0x950 drivers/net/wireguard/noise.c:742
#3: ffff888012841708 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_response+0x2f8/0x950 drivers/net/wireguard/noise.c:753
2 locks held by kworker/0:6/5880:
3 locks held by kworker/1:6/5922:
#0: ffff88813fe63548 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1287/0x1920 kernel/workqueue.c:3250
#1: ffffc900045cfd08 (deferred_process_work){+.+.}-{0:0}, at: process_one_work+0x93c/0x1920 kernel/workqueue.c:3251
#2: ffffffff90613928 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20 net/switchdev/switchdev.c:104
1 lock held by syz.3.535/8425:
#0: ffffffff90613928 (rtnl_mutex){+.+.}-{4:4}, at: tun_detach drivers/net/tun.c:634 [inline]
#0: ffffffff90613928 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220 drivers/net/tun.c:3436
4 locks held by kworker/u11:0/8822:
2 locks held by kworker/u11:1/8824:
#0: ffff88813fea4948 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x1287/0x1920 kernel/workqueue.c:3250
#1: ffffc90006917d08 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x93c/0x1920 kernel/workqueue.c:3251
1 lock held by kworker/u11:2/8825:
4 locks held by kworker/u11:3/8830:
4 locks held by kworker/u11:4/8840:
3 locks held by kworker/u11:5/8868:
4 locks held by kworker/u11:6/9052:
4 locks held by kworker/u11:7/10090:
2 locks held by getty/10138:
#0: ffff8880336100a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 drivers/tty/tty_ldisc.c:243
#1: ffffc90003a512f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x1500 drivers/tty/n_tty.c:2211
3 locks held by kworker/u11:8/10195:
#0: ffff888032e81948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x1287/0x1920 kernel/workqueue.c:3250
#1: ffffc900036b7d08 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_one_work+0x93c/0x1920 kernel/workqueue.c:3251
#2: ffffffff90613928 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#2: ffffffff90613928 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x12/0x30 net/ipv6/addrconf.c:4738
2 locks held by kworker/u11:9/10196:
2 locks held by kworker/u11:10/10197:
4 locks held by kworker/u11:11/10198:
3 locks held by kworker/u11:12/10199:
3 locks held by kworker/u11:13/10200:
2 locks held by kworker/u11:14/10201:
#0: ffff88813fea4948 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x1287/0x1920 kernel/workqueue.c:3250
#1: ffffc90003627d08 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x93c/0x1920 kernel/workqueue.c:3251
6 locks held by kworker/u11:15/10202:
4 locks held by kworker/u11:16/10329:
4 locks held by kworker/u11:17/10330:
2 locks held by kworker/u11:18/10331:
4 locks held by kworker/u11:19/10332:
3 locks held by kworker/u11:20/10333:
4 locks held by kworker/u11:21/10334:
#0: ffff88801c6ae948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1287/0x1920 kernel/workqueue.c:3250
#1: ffffc900033d7d08 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x93c/0x1920 kernel/workqueue.c:3251
#2: ffffffff905faff0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xb8/0x920 net/core/net_namespace.c:675
#3: ffffffff90613928 (rtnl_mutex){+.+.}-{4:4}, at: cangw_pernet_exit_batch+0x15/0xa0 net/can/gw.c:1294
3 locks held by kworker/u11:22/10335:
2 locks held by syz.3.1017/10633:
#0: ffffffff905faff0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0 net/core/net_namespace.c:577
#1: ffffffff90613928 (rtnl_mutex){+.+.}-{4:4}, at: ip_tunnel_init_net+0x21e/0x780 net/ipv4/ip_tunnel.c:1146
2 locks held by syz.2.1022/10665:
#0: ffffffff905faff0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0 net/core/net_namespace.c:577
#1: ffffffff90613928 (rtnl_mutex){+.+.}-{4:4}, at: ip_tunnel_init_net+0x21e/0x780 net/ipv4/ip_tunnel.c:1146
4 locks held by syz.2.1022/10668:
#0: ffffffff906bfab0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1217
#1: ffffffff906bfb68 (genl_mutex){+.+.}-{4:4}, at: genl_lock net/netlink/genetlink.c:35 [inline]
#1: ffffffff906bfb68 (genl_mutex){+.+.}-{4:4}, at: genl_op_lock net/netlink/genetlink.c:60 [inline]
#1: ffffffff906bfb68 (genl_mutex){+.+.}-{4:4}, at: genl_op_lock net/netlink/genetlink.c:57 [inline]
#1: ffffffff906bfb68 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x57b/0x800 net/netlink/genetlink.c:1208
#2: ffffffff90613928 (rtnl_mutex){+.+.}-{4:4}, at: wiphy_register+0x1e3d/0x2d30 net/wireless/core.c:1030
#3: ffff888058638788 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: class_wiphy_constructor include/net/cfg80211.h:6441 [inline]
#3: ffff888058638788 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: reg_process_self_managed_hints+0x9e/0x1b0 net/wireless/reg.c:3188
2 locks held by syz.2.1022/10671:
#0: ffff88802abd76f0 (nlk_cb_mutex-GENERIC){+.+.}-{4:4}, at: netlink_dump+0xa26/0xd30 net/netlink/af_netlink.c:2267
#1: ffffffff906bfb68 (genl_mutex){+.+.}-{4:4}, at: genl_lock net/netlink/genetlink.c:35 [inline]
#1: ffffffff906bfb68 (genl_mutex){+.+.}-{4:4}, at: genl_op_lock net/netlink/genetlink.c:60 [inline]
#1: ffffffff906bfb68 (genl_mutex){+.+.}-{4:4}, at: genl_op_lock net/netlink/genetlink.c:57 [inline]
#1: ffffffff906bfb68 (genl_mutex){+.+.}-{4:4}, at: genl_dumpit+0x1a8/0x230 net/netlink/genetlink.c:1025
2 locks held by syz.0.1023/10676:
#0: ffffffff906bfab0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1217
#1: ffffffff906bfb68 (genl_mutex){+.+.}-{4:4}, at: genl_lock net/netlink/genetlink.c:35 [inline]
#1: ffffffff906bfb68 (genl_mutex){+.+.}-{4:4}, at: genl_op_lock net/netlink/genetlink.c:60 [inline]
#1: ffffffff906bfb68 (genl_mutex){+.+.}-{4:4}, at: genl_op_lock net/netlink/genetlink.c:57 [inline]
#1: ffffffff906bfb68 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x57b/0x800 net/netlink/genetlink.c:1208
2 locks held by syz.0.1023/10678:
#0: ffffffff905faff0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0 net/core/net_namespace.c:577
#1: ffffffff90613928 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#1: ffffffff90613928 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x23/0xb0 net/core/dev.c:2102
1 lock held by syz.1.1024/10682:
#0: ffffffff90613928 (rtnl_mutex){+.+.}-{4:4}, at: tun_detach drivers/net/tun.c:634 [inline]
#0: ffffffff90613928 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220 drivers/net/tun.c:3436
1 lock held by syz-executor/10689:
2 locks held by modprobe/10696:
3 locks held by kworker/u11:1/10697:
1 lock held by dhcpcd/10705:
#0: ffff888058fd3008 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: inode_lock include/linux/fs.h:1028 [inline]
#0: ffff888058fd3008 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: __sock_release+0x86/0x260 net/socket.c:661
1 lock held by dhcpcd/10706:
#0: ffff88807f538208 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: inode_lock include/linux/fs.h:1028 [inline]
#0: ffff88807f538208 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: __sock_release+0x86/0x260 net/socket.c:661
1 lock held by dhcpcd/10707:
#0: ffff88807f53c148 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: inode_lock include/linux/fs.h:1028 [inline]
#0: ffff88807f53c148 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: __sock_release+0x86/0x260 net/socket.c:661
2 locks held by dhcpcd/10708:
#0: ffff88807f53fac8 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: inode_lock include/linux/fs.h:1028 [inline]
#0: ffff88807f53fac8 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: __sock_release+0x86/0x260 net/socket.c:661
#1: ffffffff8e7f4e38 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x19e/0x3c0 kernel/rcu/tree_exp.h:343
1 lock held by dhcpcd/10709:
#0: ffff88807f53bb88 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: inode_lock include/linux/fs.h:1028 [inline]
#0: ffff88807f53bb88 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: __sock_release+0x86/0x260 net/socket.c:661
2 locks held by kworker/u12:5/10710:
1 lock held by syz-executor/10727:
4 locks held by kworker/0:7/10721:
3 locks held by kworker/0:8/10722:
2 locks held by kworker/0:9/10724:
1 lock held by syz-executor/10728: