From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-pj1-f72.google.com (mail-pj1-f72.google.com [209.85.216.72]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3BA123E0C7A for ; Mon, 13 Apr 2026 15:01:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.72 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776092475; cv=none; b=aIKrvP8V5pkazWpU5gE7NfFCuUnPGiLJ0Abmi5CSey1BJ7ew8l3QyMJtKYVUQQFNmE66Z38w0wOsuzj7xvIxMuaVV+HcB1SWrZO28DU3aFrT3crQ6sMDmYsn9ewIgcFf47tegf4qRQeuHYbCJyXmPiSZ8z1fmIykBXx+I3IVwj0= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776092475; c=relaxed/simple; bh=U8xAKrmSj+O0xYfqbpjlFvhugckixzVj+Gix8fSfjO0=; h=MIME-Version:Date:In-Reply-To:Message-ID:Subject:From:To:Cc: Content-Type; b=hHWC3IhVRtiXs6zCOfaLHlA2m5DEtmGbHmZmADE6j2QLEIT8Y7gF7UWrd2q7dYrnfFpPz4fQ0nX1D8NeJ5EOXacFj0nHjtQjcFKHPGYmDacL7iruySxDz/ClonDggFwajmbhpdnKNgZt9vs4P9UKODX8q3yihDad39lgRXzGR3A= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=syzkaller.appspotmail.com; spf=pass smtp.mailfrom=M3KW2WVRGUFZ5GODRSRYTGD7.apphosting.bounces.google.com; arc=none smtp.client-ip=209.85.216.72 Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=syzkaller.appspotmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=M3KW2WVRGUFZ5GODRSRYTGD7.apphosting.bounces.google.com Received: by mail-pj1-f72.google.com with SMTP id 98e67ed59e1d1-354c44bf176so4376519a91.0 for ; Mon, 13 Apr 2026 08:01:13 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1776092473; x=1776697273; h=cc:to:from:subject:message-id:in-reply-to:date:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=AlSroUvQLnPQy/vliop0r/9IQklxRKU38FSvvT0IkJU=; b=Yu/KeDI0VE4SQzK0fpT5zj6SnuT15kkU8jUI2kH5ZKjgMBnbOdsSrFLcfTPjdsKNCR mLlDjbimjuaQgC0ucDoXu1PECaOPr0nK/T4oZNGM6qXfeUUevWnUwHZmu2XoEnB7qt5M Brr5BRN4W8lru4KH2f08yCO/Ewn0fdEK5hEGV/DAk367UekeSGoffu35vcMGiIdV1i1R E1jt4ek1lUbEPdefgibI+FCHhCwQSG6TYqNzF6qBPo3wXlCNymSquOphdsMMjNfG6XsS ESAF+G7QiLc6lk/I/nQ9rAXUNh2kf5BG6h7fAfCez0GF3N421p5x9etbz9paQHbZMZ/D mHKw== X-Forwarded-Encrypted: i=1; AFNElJ8Iw2jInpolS9V4S3t6fal5ZhAE6pBlc6DNj/sFxc13/OYTps43l8Ca0k2PFrnnhWPcmDSr3c12KsqXd2c=@vger.kernel.org X-Gm-Message-State: AOJu0YxSy13QZDPhaCfMjuUsxwR0diRs/nFSjQV3T5ihpWD+O1ojB3Ud saUYKJoN1VpYjSf7YuW44ayhIIdEEVSqucD0KdcDmZxAsAHODl7IBUAbDVcRveObRdMLL3Kg4QE GRGhcSqXtjl8Nk4DQJVsPu8J3LDmjdDz2DcR8yjCU1WkhTCWDjM+KS9JMkO0= Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Received: by 2002:a17:90b:28c4:b0:35f:b69d:7292 with SMTP id 98e67ed59e1d1-35fb69d7632mr3809862a91.15.1776092472566; Mon, 13 Apr 2026 08:01:12 -0700 (PDT) Date: Mon, 13 Apr 2026 08:01:12 -0700 In-Reply-To: <20260413150024.1003490-1-shardul.b@mpiricsoftware.com> X-Google-Appengine-App-Id: s~syzkaller X-Google-Appengine-App-Id-Alias: syzkaller Message-ID: <69dd0538.a00a0220.468cb.0049.GAE@google.com> Subject: Re: [PATCH] wireguard: device: use exit_rtnl callback instead of manual rtnl_lock in pre_exit From: syzbot To: shardul.b@mpiricsoftware.com Cc: andrew@lunn.ch, davem@davemloft.net, edumazet@google.com, janak@mpiric.us, jason@zx2c4.com, kalpan.jani@mpiricsoftware.com, kuba@kernel.org, kuniyu@google.com, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, pabeni@redhat.com, shardul.b@mpiricsoftware.com, shardulsb08@gmail.com, wireguard@lists.zx2c4.com Content-Type: text/plain; charset="UTF-8" > wg_netns_pre_exit() manually acquires rtnl_lock() inside the > pernet .pre_exit callback. This causes a hung task when another > thread holds rtnl_mutex - the cleanup_net workqueue (or the > setup_net failure rollback path) blocks indefinitely in > wg_netns_pre_exit() waiting to acquire the lock. > > Convert to .exit_rtnl, introduced in commit 7a60d91c690b ("net: > Add ->exit_rtnl() hook to struct pernet_operations."), where the > framework already holds RTNL and batches all callbacks under a > single rtnl_lock()/rtnl_unlock() pair, eliminating the contention > window. > > The rcu_assign_pointer(wg->creating_net, NULL) is safe to move > from .pre_exit to .exit_rtnl (which runs after synchronize_rcu()) > because all RCU readers of creating_net either use maybe_get_net() > - which returns NULL for a dying namespace with zero refcount - or > access net->user_ns which remains valid throughout the entire > ops_undo_list sequence. > > Reported-by: syzbot+pFBD3bslSSshiJCd3rxy@syzkaller.appspotmail.com > Closes: https://syzkaller.appspot.com/bug?id=cb64c22a492202ca929e18262fdb8cb89e635c70 > Signed-off-by: Shardul Bankar > --- > drivers/net/wireguard/device.c | 6 ++---- > 1 file changed, 2 insertions(+), 4 deletions(-) > > diff --git a/drivers/net/wireguard/device.c b/drivers/net/wireguard/device.c > index 46a71ec36af8..eb854c5294a3 100644 > --- a/drivers/net/wireguard/device.c > +++ b/drivers/net/wireguard/device.c > @@ -411,12 +411,11 @@ static struct rtnl_link_ops link_ops __read_mostly = { > .newlink = wg_newlink, > }; > > -static void wg_netns_pre_exit(struct net *net) > +static void wg_netns_exit_rtnl(struct net *net, struct list_head *dev_kill_list) > { > struct wg_device *wg; > struct wg_peer *peer; > > - rtnl_lock(); > list_for_each_entry(wg, &device_list, device_list) { > if (rcu_access_pointer(wg->creating_net) == net) { > pr_debug("%s: Creating namespace exiting\n", wg->dev->name); > @@ -429,11 +428,10 @@ static void wg_netns_pre_exit(struct net *net) > mutex_unlock(&wg->device_update_lock); > } > } > - rtnl_unlock(); > } > > static struct pernet_operations pernet_ops = { > - .pre_exit = wg_netns_pre_exit > + .exit_rtnl = wg_netns_exit_rtnl > }; > > int __init wg_device_init(void) > -- > 2.34.1 > I see the command but can't find the corresponding bug. The email is sent to syzbot+HASH@syzkaller.appspotmail.com address but the HASH does not correspond to any known bug. Please double check the address.