watchdog: BUG: soft lockup - CPU#1 stuck for 21s! [kworker/1:2:837]
Modules linked in:
irq event stamp: 53335
hardirqs last enabled at (53334): [] queue_work_on+0xc4/0xfc kernel/workqueue.c:2436
hardirqs last disabled at (53335): [] __el1_irq arch/arm64/kernel/entry-common.c:493 [inline]
hardirqs last disabled at (53335): [] el1_interrupt+0x28/0x60 arch/arm64/kernel/entry-common.c:509
softirqs last enabled at (53326): [] rcu_read_unlock_bh include/linux/rcupdate.h:907 [inline]
softirqs last enabled at (53326): [] wg_packet_send_staged_packets+0x208/0xee4 drivers/net/wireguard/send.c:360
softirqs last disabled at (53330): [] wg_packet_create_data drivers/net/wireguard/send.c:313 [inline]
softirqs last disabled at (53330): [] wg_packet_send_staged_packets+0x7a8/0xee4 drivers/net/wireguard/send.c:388
CPU: 1 UID: 0 PID: 837 Comm: kworker/1:2 Not tainted syzkaller #0 PREEMPT
Hardware name: linux,dummy-virt (DT)
Workqueue: wg-kex-wg0 wg_packet_handshake_receive_worker
pstate: 10000005 (nzcV daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : queue_work_on+0x64/0xfc kernel/workqueue.c:2438
lr : queue_work_on+0xc4/0xfc kernel/workqueue.c:2436
sp : ffff80008edb77e0
x29: ffff80008edb77e0 x28: 0000000000000000 x27: 0000000000000000
x26: ffff00001837ecb0 x25: 1fffe0000306fd96 x24: 1ffff00011db6f0c
x23: ffff000018df0c00 x22: 0000000000000000 x21: 0000000000000000
x20: 0000000000000000 x19: 0000000000000001 x18: 0000000000000000
x17: ffff8000828b4f78 x16: ffff8000828b3d30 x15: ffff80008766f6e8
x14: 1ffff00010ecdedd x13: ffff7fffe29a8000 x12: ffff60000d3f9d51
x11: 1fffe0000d3f9d50 x10: ffff60000d3f9d50 x9 : dfff800000000000
x8 : ffff80008edb7670 x7 : ffff80008edb77f0 x6 : ffff80008edb7790
x5 : ffff80008edb76d0 x4 : 0000000000000003 x3 : 1fffe0000294f731
x2 : 0000000000000001 x1 : 00000000000000c0 x0 : 000000000000d056
Call trace:
 __daif_local_irq_restore arch/arm64/include/asm/irqflags.h:175 [inline] (P)
 arch_local_irq_restore arch/arm64/include/asm/irqflags.h:195 [inline] (P)
 queue_work_on+0x64/0xfc kernel/workqueue.c:2436 (P)
 wg_queue_enqueue_per_device_and_peer drivers/net/wireguard/queueing.h:171 [inline]
 wg_packet_create_data drivers/net/wireguard/send.c:320 [inline]
 wg_packet_send_staged_packets+0xacc/0xee4 drivers/net/wireguard/send.c:388
 wg_packet_send_keepalive+0x40/0x2b0 drivers/net/wireguard/send.c:239
 wg_receive_handshake_packet+0x2c4/0x81c drivers/net/wireguard/receive.c:186
 wg_packet_handshake_receive_worker+0xd8/0x320 drivers/net/wireguard/receive.c:213
 process_one_work+0x810/0x1b1c kernel/workqueue.c:3302
 process_scheduled_works kernel/workqueue.c:3385 [inline]
 worker_thread+0x42c/0xc90 kernel/workqueue.c:3466
 kthread+0x2f0/0x388 kernel/kthread.c:436
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:858
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 3594 Comm: syz.0.28 Not tainted syzkaller #0 PREEMPT
Hardware name: linux,dummy-virt (DT)
pstate: 80000005 (Nzcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : bytes_is_nonzero mm/kasan/generic.c:100 [inline]
pc : memory_is_nonzero mm/kasan/generic.c:115 [inline]
pc : memory_is_poisoned_n mm/kasan/generic.c:140 [inline]
pc : memory_is_poisoned mm/kasan/generic.c:172 [inline]
pc : check_region_inline mm/kasan/generic.c:191 [inline]
pc : kasan_check_range+0x11c/0x1b4 mm/kasan/generic.c:200
lr : __kasan_check_read+0x20/0x2c mm/kasan/shadow.c:31
sp : ffff8000a24675b0
x29: ffff8000a24675b0 x28: ffffffffffffffff x27: 0000000000000000
x26: ffff000069ff54c0 x25: ffff80008766f6f0 x24: 0000000000000001
x23: dfff800000000000 x22: ffff000069fd0500 x21: ffff80008766f6e8
x20: 1ffff0001448cece x19: ffff000069ff9ac8 x18: 1ffff00011ff1610
x17: 1ffff0001448cf24 x16: 0000000000000000 x15: 1ffff00011ff1610
x14: 1ffff00011ff1610 x13: ffff800089e2cb80 x12: ffff60000d3ff35a
x11: 1fffe0000d3ff359 x10: ffff60000d3ff359 x9 : dfff800000000000
x8 : ffff000069ff9acb x7 : 0000000000000001 x6 : ffff60000d3ff359
x5 : ffff000069ff9ac8 x4 : ffff60000d3ff359 x3 : ffff8000804fe350
x2 : 0000000000000000 x1 : 0000000000000004 x0 : 0000000000000000
Call trace:
 bytes_is_nonzero mm/kasan/generic.c:97 [inline] (P)
 memory_is_nonzero mm/kasan/generic.c:115 [inline] (P)
 memory_is_poisoned_n mm/kasan/generic.c:140 [inline] (P)
 memory_is_poisoned mm/kasan/generic.c:172 [inline] (P)
 check_region_inline mm/kasan/generic.c:191 [inline] (P)
 kasan_check_range+0x11c/0x1b4 mm/kasan/generic.c:200 (P)
 csd_lock_wait kernel/smp.c:342 [inline]
 smp_call_function_many_cond+0x428/0x1998 kernel/smp.c:892
 smp_call_function_many kernel/smp.c:915 [inline]
 smp_call_function kernel/smp.c:935 [inline]
 kick_all_cpus_sync+0x3c/0xa0 kernel/smp.c:1081
 flush_icache_range arch/arm64/include/asm/cacheflush.h:105 [inline]
 __text_poke+0xc0/0xe0 arch/arm64/kernel/patching.c:130
 aarch64_insn_copy+0x2c/0x40 arch/arm64/kernel/patching.c:161
 bpf_arch_text_copy+0x18/0x34 arch/arm64/net/bpf_jit_comp.c:2234
 bpf_jit_binary_pack_finalize+0x4c/0xd4 kernel/bpf/core.c:1179
 bpf_int_jit_compile+0x904/0x1490 arch/arm64/net/bpf_jit_comp.c:2164
 bpf_prog_jit_compile kernel/bpf/core.c:2550 [inline]
 __bpf_prog_select_runtime+0x5f8/0x948 kernel/bpf/core.c:2619
 bpf_prog_select_runtime+0x1c/0x30 kernel/bpf/core.c:2659
 bpf_migrate_filter net/core/filter.c:1318 [inline]
 bpf_prepare_filter+0x80c/0x1214 net/core/filter.c:1366
 bpf_prog_create_from_user+0x158/0x244 net/core/filter.c:1460
 seccomp_prepare_filter kernel/seccomp.c:701 [inline]
 seccomp_prepare_user_filter kernel/seccomp.c:738 [inline]
 seccomp_set_mode_filter kernel/seccomp.c:1990 [inline]
 do_seccomp+0x4e0/0x1b6c kernel/seccomp.c:2110
 __do_sys_seccomp kernel/seccomp.c:2129 [inline]
 __se_sys_seccomp kernel/seccomp.c:2126 [inline]
 __arm64_sys_seccomp+0x6c/0xa0 kernel/seccomp.c:2126
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x74/0x240 arch/arm64/kernel/syscall.c:49
 el0_svc_common.constprop.0+0xac/0x230 arch/arm64/kernel/syscall.c:121
 do_el0_svc_compat+0x40/0x58 arch/arm64/kernel/syscall.c:146
 el0_svc_compat+0x54/0x270 arch/arm64/kernel/entry-common.c:874
 el0t_32_sync_handler+0x88/0xac arch/arm64/kernel/entry-common.c:892
 el0t_32_sync+0x19c/0x1a0 arch/arm64/kernel/entry.S:599
watchdog: BUG: soft lockup - CPU#0 stuck for 23s! [syz.0.28:3594]
Modules linked in:
irq event stamp: 32586
hardirqs last enabled at (32585): [] irqentry_exit_to_kernel_mode_after_preempt include/linux/irq-entry-common.h:515 [inline]
hardirqs last enabled at (32585): [] arm64_exit_to_kernel_mode+0x50/0xc0 arch/arm64/kernel/entry-common.c:62
hardirqs last disabled at (32586): [] __el1_irq arch/arm64/kernel/entry-common.c:493 [inline]
hardirqs last disabled at (32586): [] el1_interrupt+0x28/0x60 arch/arm64/kernel/entry-common.c:509
softirqs last enabled at (32584): [] softirq_handle_end kernel/softirq.c:468 [inline]
softirqs last enabled at (32584): [] handle_softirqs+0xa9c/0x1050 kernel/softirq.c:650
softirqs last disabled at (32563): [] __do_softirq+0x14/0x20 kernel/softirq.c:656
CPU: 0 UID: 0 PID: 3594 Comm: syz.0.28 Tainted: G L syzkaller #0 PREEMPT
Tainted: [L]=SOFTLOCKUP
Hardware name: linux,dummy-virt (DT)
pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __kasan_check_read+0x20/0x2c mm/kasan/shadow.c:32
lr : __kasan_check_read+0x20/0x2c mm/kasan/shadow.c:31
sp : ffff8000a24675b0
x29: ffff8000a24675b0 x28: ffffffffffffffff x27: 0000000000000000
x26: ffff000069ff54c0 x25: ffff80008766f6f0 x24: 0000000000000001
x23: dfff800000000000 x22: ffff000069fd0500 x21: ffff80008766f6e8
x20: 1ffff0001448cece x19: ffff000069ff9ac8 x18: 1ffff00011ff1610
x17: 1ffff0001448cf24 x16: 0000000000000000 x15: 1ffff00011ff1610
x14: 1ffff00011ff1610 x13: ffff800089e2cb80 x12: ffff60000d3ff35a
x11: 1fffe0000d3ff359 x10: ffff60000d3ff359 x9 : dfff800000000000
x8 : ffff000069ff9acb x7 : 0000000000000001 x6 : ffff60000d3ff359
x5 : ffff000069ff9ac8 x4 : ffff60000d3ff35a x3 : ffff8000804fe350
x2 : 0000000000000000 x1 : 0000000000000004 x0 : 0000000000000001
Call trace:
 __kasan_check_read+0x20/0x2c mm/kasan/shadow.c:31 (P)
 csd_lock_wait kernel/smp.c:342 [inline]
 smp_call_function_many_cond+0x428/0x1998 kernel/smp.c:892
 smp_call_function_many kernel/smp.c:915 [inline]
 smp_call_function kernel/smp.c:935 [inline]
 kick_all_cpus_sync+0x3c/0xa0 kernel/smp.c:1081
 flush_icache_range arch/arm64/include/asm/cacheflush.h:105 [inline]
 __text_poke+0xc0/0xe0 arch/arm64/kernel/patching.c:130
 aarch64_insn_copy+0x2c/0x40 arch/arm64/kernel/patching.c:161
 bpf_arch_text_copy+0x18/0x34 arch/arm64/net/bpf_jit_comp.c:2234
 bpf_jit_binary_pack_finalize+0x4c/0xd4 kernel/bpf/core.c:1179
 bpf_int_jit_compile+0x904/0x1490 arch/arm64/net/bpf_jit_comp.c:2164
 bpf_prog_jit_compile kernel/bpf/core.c:2550 [inline]
 __bpf_prog_select_runtime+0x5f8/0x948 kernel/bpf/core.c:2619
 bpf_prog_select_runtime+0x1c/0x30 kernel/bpf/core.c:2659
 bpf_migrate_filter net/core/filter.c:1318 [inline]
 bpf_prepare_filter+0x80c/0x1214 net/core/filter.c:1366
 bpf_prog_create_from_user+0x158/0x244 net/core/filter.c:1460
 seccomp_prepare_filter kernel/seccomp.c:701 [inline]
 seccomp_prepare_user_filter kernel/seccomp.c:738 [inline]
 seccomp_set_mode_filter kernel/seccomp.c:1990 [inline]
 do_seccomp+0x4e0/0x1b6c kernel/seccomp.c:2110
 __do_sys_seccomp kernel/seccomp.c:2129 [inline]
 __se_sys_seccomp kernel/seccomp.c:2126 [inline]
 __arm64_sys_seccomp+0x6c/0xa0 kernel/seccomp.c:2126
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x74/0x240 arch/arm64/kernel/syscall.c:49
 el0_svc_common.constprop.0+0xac/0x230 arch/arm64/kernel/syscall.c:121
 do_el0_svc_compat+0x40/0x58 arch/arm64/kernel/syscall.c:146
 el0_svc_compat+0x54/0x270 arch/arm64/kernel/entry-common.c:874
 el0t_32_sync_handler+0x88/0xac arch/arm64/kernel/entry-common.c:892
 el0t_32_sync+0x19c/0x1a0 arch/arm64/kernel/entry.S:599
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 837 Comm: kworker/1:2 Tainted: G L syzkaller #0 PREEMPT
Tainted: [L]=SOFTLOCKUP
Hardware name: linux,dummy-virt (DT)
Workqueue: wg-kex-wg0 wg_packet_handshake_receive_worker
pstate: 10000005 (nzcV daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : queue_work_on+0x64/0xfc kernel/workqueue.c:2438
lr : queue_work_on+0xc4/0xfc kernel/workqueue.c:2436
sp : ffff80008edb77e0
x29: ffff80008edb77e0 x28: 0000000000000000 x27: 0000000000000000
x26: ffff00001837ecb0 x25: 1fffe0000306fd96 x24: 1ffff00011db6f0c
x23: ffff000018df0c00 x22: 0000000000000000 x21: 0000000000000000
x20: 0000000000000000 x19: 0000000000000001 x18: 0000000000000000
x17: ffff8000828b4f78 x16: ffff8000828b3d30 x15: ffff80008766f6e8
x14: 1ffff00010ecdedd x13: ffff7fffe29a8000 x12: ffff60000d3f9d51
x11: 1fffe0000d3f9d50 x10: ffff60000d3f9d50 x9 : dfff800000000000
x8 : ffff80008edb7670 x7 : ffff80008edb77f0 x6 : ffff80008edb7790
x5 : ffff80008edb76d0 x4 : 0000000000000003 x3 : 1fffe0000294f731
x2 : 0000000000000001 x1 : 00000000000000c0 x0 : 000000000000d056
Call trace:
 __daif_local_irq_restore arch/arm64/include/asm/irqflags.h:175 [inline] (P)
 arch_local_irq_restore arch/arm64/include/asm/irqflags.h:195 [inline] (P)
 queue_work_on+0x64/0xfc kernel/workqueue.c:2436 (P)
 wg_queue_enqueue_per_device_and_peer drivers/net/wireguard/queueing.h:171 [inline]
 wg_packet_create_data drivers/net/wireguard/send.c:320 [inline]
 wg_packet_send_staged_packets+0xacc/0xee4 drivers/net/wireguard/send.c:388
 wg_packet_send_keepalive+0x40/0x2b0 drivers/net/wireguard/send.c:239
 wg_receive_handshake_packet+0x2c4/0x81c drivers/net/wireguard/receive.c:186
 wg_packet_handshake_receive_worker+0xd8/0x320 drivers/net/wireguard/receive.c:213
 process_one_work+0x810/0x1b1c kernel/workqueue.c:3302
 process_scheduled_works kernel/workqueue.c:3385 [inline]
 worker_thread+0x42c/0xc90 kernel/workqueue.c:3466
 kthread+0x2f0/0x388 kernel/kthread.c:436
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:858