DUID 00:04:06:88:74:a7:04:75:62:cb:55:93:34:09:94:90:e1:fe
forked to background, child pid 3170
[   27.975847][ T3171] 8021q: adding VLAN 0 to HW filter on device bond0
[   27.986124][ T3171] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK

syzkaller
syzkaller login: [   76.155301][  T142] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.1.64' (ECDSA) to the list of known hosts.
[  492.995967][ T3622] chnl_net:caif_netlink_parms(): no params data found
[  493.037524][ T3622] bridge0: port 1(bridge_slave_0) entered blocking state
[  493.045228][ T3622] bridge0: port 1(bridge_slave_0) entered disabled state
[  493.053102][ T3622] device bridge_slave_0 entered promiscuous mode
[  493.061831][ T3622] bridge0: port 2(bridge_slave_1) entered blocking state
[  493.069576][ T3622] bridge0: port 2(bridge_slave_1) entered disabled state
[  493.077668][ T3622] device bridge_slave_1 entered promiscuous mode
[  493.100625][ T3622] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  493.111608][ T3622] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  493.134305][ T3622] team0: Port device team_slave_0 added
[  493.142132][ T3622] team0: Port device team_slave_1 added
[  493.159332][ T3622] batman_adv: batadv0: Adding interface: batadv_slave_0
[  493.167039][ T3622] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  493.193357][ T3622] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  493.206072][ T3622] batman_adv: batadv0: Adding interface: batadv_slave_1
[  493.213006][ T3622] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  493.239319][ T3622] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  493.265200][ T3622] device hsr_slave_0 entered promiscuous mode
[  493.272359][ T3622] device hsr_slave_1 entered promiscuous mode
[  493.356496][ T3622] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  493.367908][ T3622] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  493.376554][ T3622] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  493.386522][ T3622] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  493.407441][ T3622] bridge0: port 2(bridge_slave_1) entered blocking state
[  493.414626][ T3622] bridge0: port 2(bridge_slave_1) entered forwarding state
[  493.422272][ T3622] bridge0: port 1(bridge_slave_0) entered blocking state
[  493.429414][ T3622] bridge0: port 1(bridge_slave_0) entered forwarding state
[  493.471309][ T3622] 8021q: adding VLAN 0 to HW filter on device bond0
[  493.482266][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  493.492661][  T144] bridge0: port 1(bridge_slave_0) entered disabled state
[  493.501311][  T144] bridge0: port 2(bridge_slave_1) entered disabled state
[  493.509809][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  493.521982][ T3622] 8021q: adding VLAN 0 to HW filter on device team0
[  493.533371][ T3630] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  493.541808][ T3630] bridge0: port 1(bridge_slave_0) entered blocking state
[  493.548931][ T3630] bridge0: port 1(bridge_slave_0) entered forwarding state
[  493.559816][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  493.568427][  T144] bridge0: port 2(bridge_slave_1) entered blocking state
[  493.575646][  T144] bridge0: port 2(bridge_slave_1) entered forwarding state
[  493.594203][ T3630] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  493.604279][ T3630] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  493.614701][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  493.631213][ T3622] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  493.641835][ T3622] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  493.654249][ T3630] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  493.663132][ T3630] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  493.672378][ T3630] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  493.691302][ T3622] 8021q: adding VLAN 0 to HW filter on device batadv0
[  493.699052][ T3628] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  493.706789][ T3628] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  493.815704][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  493.828449][ T3628] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  493.838399][ T3628] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  493.846455][ T3628] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  493.855091][ T3622] device veth0_vlan entered promiscuous mode
[  493.867069][ T3622] device veth1_vlan entered promiscuous mode
[  493.887314][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  493.896397][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  493.905795][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  493.917027][ T3622] device veth0_macvtap entered promiscuous mode
[  493.926750][ T3622] device veth1_macvtap entered promiscuous mode
[  493.943167][ T3622] batman_adv: batadv0: Interface activated: batadv_slave_0
[  493.950856][ T3628] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  493.959899][ T3628] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  493.971337][ T3622] batman_adv: batadv0: Interface activated: batadv_slave_1
[  493.979317][ T3628] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  493.990748][ T3622] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  493.999958][ T3622] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  494.009624][ T3622] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
executing program
[  494.018720][ T3622] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  716.153608][   T28] INFO: task syz-executor277:3640 can't die for more than 143 seconds.
[  716.162011][   T28] task:syz-executor277 state:D stack:25352 pid: 3640 ppid:  3622 flags:0x00000004
[  716.171317][   T28] Call Trace:
[  716.175952][   T28]  <TASK>
[  716.178901][   T28]  __schedule+0xa9a/0x4cc0
[  716.183487][   T28]  ? update_load_avg+0x1bd/0x1c80
[  716.188635][   T28]  ? io_schedule_timeout+0x140/0x140
[  716.195987][   T28]  schedule+0xd2/0x1f0
[  716.200093][   T28]  schedule_timeout+0x1db/0x2a0
[  716.205030][   T28]  ? usleep_range_state+0x1b0/0x1b0
[  716.210239][   T28]  ? __wait_for_common+0x36f/0x530
[  716.215507][   T28]  ? mark_held_locks+0x9f/0xe0
[  716.220349][   T28]  ? rwlock_bug.part.0+0x90/0x90
[  716.225317][   T28]  ? _raw_spin_unlock_irq+0x1f/0x40
[  716.230529][   T28]  __wait_for_common+0x378/0x530
[  716.235563][   T28]  ? usleep_range_state+0x1b0/0x1b0
[  716.240774][   T28]  ? out_of_line_wait_on_bit_timeout+0x170/0x170
[  716.247157][   T28]  ? _raw_spin_unlock_irq+0x1f/0x40
[  716.252366][   T28]  __flush_work+0x56c/0xb10
[  716.257024][   T28]  ? queue_delayed_work_on+0x120/0x120
[  716.262498][   T28]  ? kernel_text_address+0x39/0x80
[  716.267837][   T28]  ? flush_workqueue_prep_pwqs+0x4f0/0x4f0
[  716.273796][   T28]  ? mark_held_locks+0x9f/0xe0
[  716.278593][   T28]  __cancel_work_timer+0x3f9/0x570
[  716.283755][   T28]  ? try_to_grab_pending+0xd0/0xd0
[  716.288897][   T28]  ? lock_release+0x780/0x780
[  716.293713][   T28]  tls_sk_proto_close+0x4a7/0xaf0
[  716.298882][   T28]  ? wait_on_pending_writer+0x430/0x430
[  716.305012][   T28]  ? ip_mc_drop_socket+0x16/0x260
[  716.310092][   T28]  inet_release+0x12e/0x280
[  716.316033][   T28]  inet6_release+0x4c/0x70
[  716.320559][   T28]  __sock_release+0xcd/0x280
[  716.325490][   T28]  sock_close+0x18/0x20
[  716.329648][   T28]  __fput+0x277/0x9d0
[  716.334627][   T28]  ? __sock_release+0x280/0x280
[  716.339480][   T28]  task_work_run+0xdd/0x1a0
[  716.344221][   T28]  exit_to_user_mode_prepare+0x23c/0x250
[  716.350026][   T28]  syscall_exit_to_user_mode+0x19/0x50
[  716.356419][   T28]  do_syscall_64+0x42/0xb0
[  716.360862][   T28]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  716.366975][   T28] RIP: 0033:0x7f3eeedfb743
[  716.371381][   T28] RSP: 002b:00007ffc3bf152d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  716.380703][   T28] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 00007f3eeedfb743
[  716.388824][   T28] RDX: fffffffffffffe60 RSI: 00000000200005c0 RDI: 0000000000000005
[  716.397634][   T28] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffffffffffe60
[  716.405784][   T28] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc3bf152f0
[  716.414162][   T28] R13: 00000000000f4240 R14: 0000000000000000 R15: 0000000000000000
[  716.422162][   T28]  </TASK>
[  716.425959][   T28] INFO: task syz-executor277:3640 blocked for more than 143 seconds.
[  716.434071][   T28]       Not tainted 5.18.0-rc3-next-20220420-syzkaller #0
[  716.441195][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  716.449977][   T28] task:syz-executor277 state:D stack:25352 pid: 3640 ppid:  3622 flags:0x00000004
[  716.459214][   T28] Call Trace:
[  716.462478][   T28]  <TASK>
[  716.465512][   T28]  __schedule+0xa9a/0x4cc0
[  716.469961][   T28]  ? update_load_avg+0x1bd/0x1c80
[  716.475063][   T28]  ? io_schedule_timeout+0x140/0x140
[  716.480376][   T28]  schedule+0xd2/0x1f0
[  716.484566][   T28]  schedule_timeout+0x1db/0x2a0
[  716.489426][   T28]  ? usleep_range_state+0x1b0/0x1b0
[  716.494663][   T28]  ? __wait_for_common+0x36f/0x530
[  716.499893][   T28]  ? mark_held_locks+0x9f/0xe0
[  716.504763][   T28]  ? rwlock_bug.part.0+0x90/0x90
[  716.509715][   T28]  ? _raw_spin_unlock_irq+0x1f/0x40
[  716.514969][   T28]  __wait_for_common+0x378/0x530
[  716.519923][   T28]  ? usleep_range_state+0x1b0/0x1b0
[  716.525220][   T28]  ? out_of_line_wait_on_bit_timeout+0x170/0x170
[  716.531574][   T28]  ? _raw_spin_unlock_irq+0x1f/0x40
[  716.537500][   T28]  __flush_work+0x56c/0xb10
[  716.542027][   T28]  ? queue_delayed_work_on+0x120/0x120
[  716.547582][   T28]  ? kernel_text_address+0x39/0x80
[  716.552717][   T28]  ? flush_workqueue_prep_pwqs+0x4f0/0x4f0
[  716.558687][   T28]  ? mark_held_locks+0x9f/0xe0
[  716.563541][   T28]  __cancel_work_timer+0x3f9/0x570
[  716.568674][   T28]  ? try_to_grab_pending+0xd0/0xd0
[  716.573838][   T28]  ? lock_release+0x780/0x780
[  716.578536][   T28]  tls_sk_proto_close+0x4a7/0xaf0
[  716.583667][   T28]  ? wait_on_pending_writer+0x430/0x430
[  716.589236][   T28]  ? ip_mc_drop_socket+0x16/0x260
[  716.594301][   T28]  inet_release+0x12e/0x280
[  716.598822][   T28]  inet6_release+0x4c/0x70
[  716.603234][   T28]  __sock_release+0xcd/0x280
[  716.607923][   T28]  sock_close+0x18/0x20
[  716.612087][   T28]  __fput+0x277/0x9d0
[  716.616106][   T28]  ? __sock_release+0x280/0x280
[  716.620972][   T28]  task_work_run+0xdd/0x1a0
[  716.625598][   T28]  exit_to_user_mode_prepare+0x23c/0x250
[  716.631254][   T28]  syscall_exit_to_user_mode+0x19/0x50
[  716.637010][   T28]  do_syscall_64+0x42/0xb0
[  716.641452][   T28]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  716.648057][   T28] RIP: 0033:0x7f3eeedfb743
[  716.652486][   T28] RSP: 002b:00007ffc3bf152d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  716.661776][   T28] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 00007f3eeedfb743
[  716.669897][   T28] RDX: fffffffffffffe60 RSI: 00000000200005c0 RDI: 0000000000000005
[  716.678705][   T28] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffffffffffe60
[  716.686817][   T28] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc3bf152f0
[  716.695637][   T28] R13: 00000000000f4240 R14: 0000000000000000 R15: 0000000000000000
[  716.703758][   T28]  </TASK>
[  716.706785][   T28] 
[  716.706785][   T28] Showing all locks held in the system:
[  716.714639][   T28] 1 lock held by khungtaskd/28:
[  716.719502][   T28]  #0: ffffffff8bd84f60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260
[  716.729467][   T28] 1 lock held by klogd/2949:
[  716.734098][   T28]  #0: ffff8880b9d3a018 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2b/0x120
[  716.744159][   T28] 2 locks held by getty/3275:
[  716.748845][   T28]  #0: ffff8881448d1098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x22/0x80
[  716.759382][   T28]  #1: ffffc90002b832e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xe50/0x13c0
[  716.769581][   T28] 3 locks held by kworker/0:3/3630:
[  716.774888][   T28]  #0: ffff888010c64d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x87a/0x1610
[  716.785373][   T28]  #1: ffffc90002fcfda8 ((work_completion)(&(&sw_ctx_tx->tx_work.work)->work)){+.+.}-{0:0}, at: process_one_work+0x8ae/0x1610
[  716.798481][   T28]  #2: ffff88801a2100d8 (&ctx->tx_lock){+.+.}-{3:3}, at: tx_work_handler+0x127/0x190
[  716.808079][   T28] 1 lock held by syz-executor277/3640:
[  716.813564][   T28]  #0: ffff888071d78810 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: __sock_release+0x86/0x280
[  716.824222][   T28] 
[  716.826544][   T28] =============================================
[  716.826544][   T28] 
[  716.834972][   T28] NMI backtrace for cpu 0
[  716.839294][   T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 5.18.0-rc3-next-20220420-syzkaller #0
[  716.848649][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  716.858687][   T28] Call Trace:
[  716.861949][   T28]  <TASK>
[  716.864867][   T28]  dump_stack_lvl+0xcd/0x134
[  716.869510][   T28]  nmi_cpu_backtrace.cold+0x47/0x144
[  716.874799][   T28]  ? lapic_can_unplug_cpu+0x80/0x80
[  716.880018][   T28]  nmi_trigger_cpumask_backtrace+0x1e6/0x230
[  716.886017][   T28]  watchdog+0xcb7/0xed0
[  716.890180][   T28]  ? trace_sched_process_hang+0x280/0x280
[  716.895889][   T28]  kthread+0x2e9/0x3a0
[  716.899948][   T28]  ? kthread_complete_and_exit+0x40/0x40
[  716.905565][   T28]  ret_from_fork+0x1f/0x30
[  716.909992][   T28]  </TASK>
[  716.913145][   T28] Sending NMI from CPU 0 to CPUs 1:
[  716.918404][    C1] NMI backtrace for cpu 1 skipped: idling at acpi_idle_do_entry+0x1c6/0x250
[  716.919732][   T28] Kernel panic - not syncing: hung_task: blocked tasks
[  716.935199][   T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 5.18.0-rc3-next-20220420-syzkaller #0
[  716.944556][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  716.954597][   T28] Call Trace:
[  716.957864][   T28]  <TASK>
[  716.960784][   T28]  dump_stack_lvl+0xcd/0x134
[  716.965385][   T28]  panic+0x2d7/0x636
[  716.969318][   T28]  ? panic_print_sys_info.part.0+0x10b/0x10b
[  716.975308][   T28]  ? lapic_can_unplug_cpu+0x80/0x80
[  716.980505][   T28]  ? preempt_schedule_thunk+0x16/0x18
[  716.985881][   T28]  ? nmi_trigger_cpumask_backtrace+0x1c9/0x230
[  716.992037][   T28]  ? watchdog.cold+0x1b9/0x1de
[  716.996820][   T28]  watchdog.cold+0x1ca/0x1de
[  717.001423][   T28]  ? trace_sched_process_hang+0x280/0x280
[  717.007148][   T28]  kthread+0x2e9/0x3a0
[  717.011218][   T28]  ? kthread_complete_and_exit+0x40/0x40
[  717.016850][   T28]  ret_from_fork+0x1f/0x30
[  717.021281][   T28]  </TASK>
[  717.024622][   T28] Kernel Offset: disabled
[  717.028981][   T28] Rebooting in 86400 seconds..