[  421.877508][ T4070] CPU: 0 PID: 4070 Comm: syz-executor.0 Tainted: G        W          5.19.0-syzkaller-12716-g4e23eeebb2e5-dirty #0
[  421.889585][ T4070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[  421.899652][ T4070] RIP: 0010:__flush_work.isra.0+0xa2/0xb0
[  421.905358][ T4070] Code: 48 83 c4 50 44 89 e0 5d 41 5c c3 e8 78 13 10 00 48 8d 7c 24 20 e8 8e 36 37 03 eb cf e8 67 13 10 00 0f 0b eb c6 e8 5e 13 10 00 <0f> 0b 45 31 e4 eb ba e8 32 44 36 03 66 90 41 54 55 48 89 fd e8 45
[  421.924973][ T4070] RSP: 0018:ffffc90002c87b88 EFLAGS: 00010293
[  421.931045][ T4070] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000
[  421.939129][ T4070] RDX: ffff888114d80c00 RSI: ffffffff8127a312 RDI: 0000000000000001
[  421.947099][ T4070] RBP: ffff88810a465390 R08: 0000000000000001 R09: 0000000000000000
[  421.955096][ T4070] R10: 0000000000000001 R11: fffffffffff2da25 R12: 0000000000000001
[  421.963074][ T4070] R13: 0000000000000001 R14: ffff888140ce1460 R15: ffff88810522ae40
[  421.971128][ T4070] FS:  0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[  421.980075][ T4070] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  421.986649][ T4070] CR2: 00007f5572cfe210 CR3: 0000000005a29000 CR4: 00000000003506f0
[  421.994647][ T4070] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  422.002615][ T4070] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  422.010587][ T4070] Call Trace:
[  422.013859][ T4070]  <TASK>
[  422.016769][ T4070]  ? del_timer+0x64/0x90
[  422.021029][ T4070]  ? try_to_grab_pending+0x53/0x290
[  422.026237][ T4070]  __cancel_work_timer+0x1bb/0x270
[  422.031354][ T4070]  ? mgmt_send_event+0xae/0xd0
[  422.036207][ T4070]  mgmt_index_removed+0xe9/0x190
[  422.041150][ T4070]  hci_unregister_dev+0x1c3/0x1e0
[  422.046180][ T4070]  vhci_release+0x3e/0x70
[  422.050517][ T4070]  ? vhci_close_dev+0x20/0x20
[  422.055187][ T4070]  __fput+0x105/0x430
[  422.059220][ T4070]  task_work_run+0x73/0xb0
[  422.063638][ T4070]  do_exit+0x46c/0x10d0
[  422.067866][ T4070]  ? _raw_spin_unlock_irqrestore+0x23/0x40
[  422.073705][ T4070]  ? prepare_to_wait_event+0x5c/0x180
[  422.079095][ T4070]  do_group_exit+0x4b/0xf0
[  422.083499][ T4070]  get_signal+0x1012/0x1020
[  422.088104][ T4070]  ? new_sync_read+0xee/0x160
[  422.092790][ T4070]  arch_do_signal_or_restart+0x2b/0x7b0
[  422.098349][ T4070]  ? vfs_read+0x13e/0x2a0
[  422.102672][ T4070]  exit_to_user_mode_prepare+0xa7/0x160
[  422.108235][ T4070]  syscall_exit_to_user_mode+0x1d/0x40
[  422.113688][ T4070]  do_syscall_64+0x42/0xb0
[  422.118101][ T4070]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  422.124265][ T4070] RIP: 0033:0x7fbcf423be2c
[  422.128767][ T4070] Code: Unable to access opcode bytes at RIP 0x7fbcf423be02.
[  422.136128][ T4070] RSP: 002b:00007ffffb9c1ee0 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  422.144551][ T4070] RAX: fffffffffffffe00 RBX: 00007ffffb9c1f90 RCX: 00007fbcf423be2c
[  422.152527][ T4070] RDX: 0000000000000040 RSI: 00007fbcf4398020 RDI: 00000000000000f9
[  422.160588][ T4070] RBP: 0000000000000003 R08: 0000000000000000 R09: ff00000000000000
[  422.168565][ T4070] R10: 0000000000000010 R11: 0000000000000246 R12: 0000000000000032
[  422.176612][ T4070] R13: 000000000006577d R14: 0000000000000002 R15: 00007ffffb9c1fd0
[  422.184603][ T4070]  </TASK>
[  422.187701][ T4070] ---[ end trace 0000000000000000 ]---
[  422.820769][  T966] device hsr_slave_0 left promiscuous mode
[  422.826893][  T966] device hsr_slave_1 left promiscuous mode
[  422.833992][  T966] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  422.841400][  T966] batman_adv: batadv0: Removing interface: batadv_slave_0
[  422.848750][  T966] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  422.856128][  T966] batman_adv: batadv0: Removing interface: batadv_slave_1
[  422.863455][  T966] device bridge_slave_1 left promiscuous mode
[  422.869842][  T966] bridge0: port 2(bridge_slave_1) entered disabled state
[  422.877187][  T966] device bridge_slave_0 left promiscuous mode
[  422.883505][  T966] bridge0: port 1(bridge_slave_0) entered disabled state
[  422.891464][  T966] device veth1_macvtap left promiscuous mode
[  422.897450][  T966] device veth0_macvtap left promiscuous mode
[  422.903649][  T966] device veth1_vlan left promiscuous mode
[  422.909422][  T966] device veth0_vlan left promiscuous mode
[  422.932895][  T966] team0 (unregistering): Port device team_slave_1 removed
[  422.940757][  T966] team0 (unregistering): Port device team_slave_0 removed
[  422.948686][  T966] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  422.957953][  T966] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  422.972146][  T966] bond0 (unregistering): Released all slaves
Warning: Permanently added '10.128.0.243' (ECDSA) to the list of known hosts.
[  434.125478][ T4496] chnl_net:caif_netlink_parms(): no params data found
[  434.142028][ T4496] bridge0: port 1(bridge_slave_0) entered blocking state
[  434.149234][ T4496] bridge0: port 1(bridge_slave_0) entered disabled state
[  434.156496][ T4496] device bridge_slave_0 entered promiscuous mode
[  434.163534][ T4496] bridge0: port 2(bridge_slave_1) entered blocking state
[  434.170783][ T4496] bridge0: port 2(bridge_slave_1) entered disabled state
[  434.178212][ T4496] device bridge_slave_1 entered promiscuous mode
[  434.189003][ T4496] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  434.198795][ T4496] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  434.211517][ T4496] team0: Port device team_slave_0 added
[  434.217567][ T4496] team0: Port device team_slave_1 added
[  434.226749][ T4496] batman_adv: batadv0: Adding interface: batadv_slave_0
[  434.233760][ T4496] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  434.259857][ T4496] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  434.270874][ T4496] batman_adv: batadv0: Adding interface: batadv_slave_1
[  434.277789][ T4496] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  434.303854][ T4496] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  434.319195][ T4496] device hsr_slave_0 entered promiscuous mode
[  434.325422][ T4496] device hsr_slave_1 entered promiscuous mode
[  434.349102][ T4496] bridge0: port 2(bridge_slave_1) entered blocking state
[  434.356149][ T4496] bridge0: port 2(bridge_slave_1) entered forwarding state
[  434.363390][ T4496] bridge0: port 1(bridge_slave_0) entered blocking state
[  434.370424][ T4496] bridge0: port 1(bridge_slave_0) entered forwarding state
[  434.386988][ T4496] 8021q: adding VLAN 0 to HW filter on device bond0
[  434.395250][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  434.403067][   T25] bridge0: port 1(bridge_slave_0) entered disabled state
[  434.410750][   T25] bridge0: port 2(bridge_slave_1) entered disabled state
[  434.418983][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  434.427666][ T4496] 8021q: adding VLAN 0 to HW filter on device team0
[  434.436019][ T3358] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  434.444400][ T3358] bridge0: port 1(bridge_slave_0) entered blocking state
[  434.451446][ T3358] bridge0: port 1(bridge_slave_0) entered forwarding state
[  434.465167][ T4496] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  434.475557][ T4496] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  434.486563][ T3358] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  434.494845][ T3358] bridge0: port 2(bridge_slave_1) entered blocking state
[  434.501882][ T3358] bridge0: port 2(bridge_slave_1) entered forwarding state
[  434.509826][ T3358] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  434.517925][ T3358] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  434.526126][ T3358] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  434.534194][ T3358] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  434.542579][ T3358] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  434.549983][ T3358] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  434.560873][ T4496] 8021q: adding VLAN 0 to HW filter on device batadv0
[  434.567964][ T3358] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  434.575521][ T3358] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  434.623306][ T4496] device veth0_vlan entered promiscuous mode
[  434.629594][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  434.637963][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  434.646249][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  434.654495][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  434.663383][ T4496] device veth1_vlan entered promiscuous mode
[  434.672617][ T4501] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  434.680509][ T4501] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  434.688398][ T4501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  434.697219][ T4496] device veth0_macvtap entered promiscuous mode
[  434.704420][ T4496] device veth1_macvtap entered promiscuous mode
[  434.713447][ T4496] batman_adv: batadv0: Interface activated: batadv_slave_0
[  434.720719][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  434.729427][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  434.738143][ T4496] batman_adv: batadv0: Interface activated: batadv_slave_1
[  434.748291][ T4501] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  438.578621][ T1233] ieee802154 phy0 wpan0: encryption failed: -22
[  438.584931][ T1233] ieee802154 phy1 wpan1: encryption failed: -22
[  500.018745][ T1233] ieee802154 phy0 wpan0: encryption failed: -22
[  500.025052][ T1233] ieee802154 phy1 wpan1: encryption failed: -22
[  561.458734][ T1233] ieee802154 phy0 wpan0: encryption failed: -22
[  561.465038][ T1233] ieee802154 phy1 wpan1: encryption failed: -22