forked to background, child pid 3174
no interfaces have a carrier
[   25.821197][ T3175] 8021q: adding VLAN 0 to HW filter on device bond0
[   25.831249][ T3175] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK

syzkaller
syzkaller login: [   76.203251][  T144] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.1.87' (ECDSA) to the list of known hosts.
[  488.687275][ T3633] chnl_net:caif_netlink_parms(): no params data found
[  488.727633][ T3633] bridge0: port 1(bridge_slave_0) entered blocking state
[  488.735222][ T3633] bridge0: port 1(bridge_slave_0) entered disabled state
[  488.743773][ T3633] device bridge_slave_0 entered promiscuous mode
[  488.752174][ T3633] bridge0: port 2(bridge_slave_1) entered blocking state
[  488.759335][ T3633] bridge0: port 2(bridge_slave_1) entered disabled state
[  488.767681][ T3633] device bridge_slave_1 entered promiscuous mode
[  488.793001][ T3633] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  488.803616][ T3633] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  488.824844][ T3633] team0: Port device team_slave_0 added
[  488.831996][ T3633] team0: Port device team_slave_1 added
[  488.849326][ T3633] batman_adv: batadv0: Adding interface: batadv_slave_0
[  488.856297][ T3633] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  488.882574][ T3633] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  488.894971][ T3633] batman_adv: batadv0: Adding interface: batadv_slave_1
[  488.902056][ T3633] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  488.928021][ T3633] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  488.953161][ T3633] device hsr_slave_0 entered promiscuous mode
[  488.959767][ T3633] device hsr_slave_1 entered promiscuous mode
[  489.038078][ T3633] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  489.048830][ T3633] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  489.057506][ T3633] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  489.066720][ T3633] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  489.086586][ T3633] bridge0: port 2(bridge_slave_1) entered blocking state
[  489.093773][ T3633] bridge0: port 2(bridge_slave_1) entered forwarding state
[  489.101250][ T3633] bridge0: port 1(bridge_slave_0) entered blocking state
[  489.108363][ T3633] bridge0: port 1(bridge_slave_0) entered forwarding state
[  489.148315][ T3633] 8021q: adding VLAN 0 to HW filter on device bond0
[  489.160259][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  489.169522][ T3642] bridge0: port 1(bridge_slave_0) entered disabled state
[  489.178463][ T3642] bridge0: port 2(bridge_slave_1) entered disabled state
[  489.186173][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  489.198217][ T3633] 8021q: adding VLAN 0 to HW filter on device team0
[  489.210127][  T142] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  489.218662][  T142] bridge0: port 1(bridge_slave_0) entered blocking state
[  489.225732][  T142] bridge0: port 1(bridge_slave_0) entered forwarding state
[  489.242180][  T142] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  489.250843][  T142] bridge0: port 2(bridge_slave_1) entered blocking state
[  489.257952][  T142] bridge0: port 2(bridge_slave_1) entered forwarding state
[  489.269317][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  489.278326][ T3642] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  489.290282][ T3643] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  489.305145][  T142] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  489.313547][  T142] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  489.324440][ T3633] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  489.340482][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  489.347980][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  489.359931][ T3633] 8021q: adding VLAN 0 to HW filter on device batadv0
[  489.469617][ T3633] device veth0_vlan entered promiscuous mode
[  489.478047][ T3639] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  489.487316][ T3639] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  489.495782][ T3639] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  489.503562][ T3639] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  489.516620][ T3633] device veth1_vlan entered promiscuous mode
[  489.533873][ T3643] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  489.541974][ T3643] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  489.550050][ T3643] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  489.564000][ T3633] device veth0_macvtap entered promiscuous mode
[  489.573288][ T3633] device veth1_macvtap entered promiscuous mode
[  489.589143][ T3633] batman_adv: batadv0: Interface activated: batadv_slave_0
[  489.597175][ T3643] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  489.606619][ T3643] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
executing program
[  489.618326][ T3633] batman_adv: batadv0: Interface activated: batadv_slave_1
[  489.626214][ T3643] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  489.636831][ T3633] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  489.646085][ T3633] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  489.655143][ T3633] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  489.663896][ T3633] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  716.201821][   T28] INFO: task syz-executor253:3652 blocked for more than 143 seconds.
[  716.210012][   T28]       Not tainted 5.18.0-rc3-syzkaller-00016-gb253435746d9 #0
[  716.222265][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  716.230945][   T28] task:syz-executor253 state:D stack:24832 pid: 3652 ppid:  3633 flags:0x00004004
[  716.240288][   T28] Call Trace:
[  716.243640][   T28]  <TASK>
[  716.246578][   T28]  __schedule+0x939/0xea0
[  716.251014][   T28]  ? release_firmware_map_entry+0x186/0x186
[  716.257393][   T28]  schedule+0xeb/0x1b0
[  716.261570][   T28]  schedule_timeout+0xac/0x300
[  716.266549][   T28]  ? console_conditional_schedule+0x40/0x40
[  716.272509][   T28]  ? lockdep_hardirqs_on_prepare+0x448/0x7b0
[  716.278510][   T28]  ? do_raw_spin_unlock+0x134/0x8a0
[  716.283753][   T28]  ? _raw_spin_unlock_irq+0x1f/0x40
[  716.289019][   T28]  ? lockdep_hardirqs_on+0x95/0x140
[  716.294316][   T28]  do_wait_for_common+0x3ea/0x560
[  716.299340][   T28]  ? console_conditional_schedule+0x40/0x40
[  716.305279][   T28]  ? bit_wait_io_timeout+0x110/0x110
[  716.310583][   T28]  ? _raw_spin_lock_irq+0xdb/0x110
[  716.315834][   T28]  ? start_flush_work+0x7a2/0x850
[  716.320926][   T28]  wait_for_completion+0x46/0x60
[  716.325918][   T28]  __cancel_work_timer+0x585/0x740
[  716.331028][   T28]  ? __kernel_text_address+0x9/0x40
[  716.336369][   T28]  ? cancel_work_sync+0x20/0x20
[  716.341221][   T28]  ? mark_lock+0x98/0x350
[  716.345617][   T28]  ? start_flush_work+0x850/0x850
[  716.350663][   T28]  ? read_lock_is_recursive+0x10/0x10
[  716.356124][   T28]  tls_sk_proto_close+0x120/0x970
[  716.361234][   T28]  ? tls_getsockopt+0xf30/0xf30
[  716.366135][   T28]  ? down_write+0x10d/0x170
[  716.370641][   T28]  ? ip_mc_drop_socket+0x251/0x260
[  716.375873][   T28]  inet_release+0x184/0x1e0
[  716.380386][   T28]  sock_close+0xd7/0x260
[  716.384766][   T28]  ? __fput+0x3ac/0x820
[  716.388962][   T28]  ? sock_mmap+0x90/0x90
[  716.393285][   T28]  __fput+0x3b9/0x820
[  716.397276][   T28]  task_work_run+0x146/0x1c0
[  716.401917][   T28]  exit_to_user_mode_loop+0x134/0x160
[  716.407338][   T28]  exit_to_user_mode_prepare+0xad/0x110
[  716.412968][   T28]  syscall_exit_to_user_mode+0x2e/0x70
[  716.418430][   T28]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  716.424365][   T28] RIP: 0033:0x7f6bda683753
[  716.428779][   T28] RSP: 002b:00007fff98f72d98 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  716.437268][   T28] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 00007f6bda683753
[  716.450029][   T28] RDX: fffffffffffffe60 RSI: 00000000200005c0 RDI: 0000000000000005
[  716.458129][   T28] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffffffffffe60
[  716.466143][   T28] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff98f72db0
[  716.474322][   T28] R13: 00000000000f4240 R14: 0000000000000000 R15: 0000000000000000
[  716.482388][   T28]  </TASK>
[  716.485441][   T28] 
[  716.485441][   T28] Showing all locks held in the system:
[  716.493228][   T28] 1 lock held by khungtaskd/28:
[  716.498072][   T28]  #0: ffffffff8cb1ae60 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30
[  716.507515][   T28] 2 locks held by getty/3280:
[  716.512233][   T28]  #0: ffff88801e241098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[  716.522244][   T28]  #1: ffffc90002b832e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ad/0x1c90
[  716.532406][   T28] 1 lock held by kworker/u4:2/3640:
[  716.537596][   T28]  #0: ffff8880b9a39c18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x25/0x110
[  716.547684][   T28] 3 locks held by kworker/0:4/3643:
[  716.552903][   T28]  #0: ffff888011464d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x796/0xd10
[  716.563221][   T28]  #1: ffffc9000309fd00 ((work_completion)(&(&sw_ctx_tx->tx_work.work)->work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0xd10
[  716.576210][   T28]  #2: ffff88801daa70d8 (&ctx->tx_lock){+.+.}-{3:3}, at: tx_work_handler+0x111/0x150
[  716.585732][   T28] 1 lock held by syz-executor253/3652:
[  716.591181][   T28]  #0: ffff888071a0be10 (&sb->s_type->i_mutex_key#9){+.+.}-{3:3}, at: sock_close+0x93/0x260
[  716.601315][   T28] 
[  716.603667][   T28] =============================================
[  716.603667][   T28] 
[  716.612095][   T28] NMI backtrace for cpu 1
[  716.616411][   T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 5.18.0-rc3-syzkaller-00016-gb253435746d9 #0
[  716.626280][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  716.636314][   T28] Call Trace:
[  716.639577][   T28]  <TASK>
[  716.642491][   T28]  dump_stack_lvl+0x1e3/0x2cb
[  716.647204][   T28]  ? bfq_pos_tree_add_move+0x436/0x436
[  716.652649][   T28]  ? panic+0x76e/0x76e
[  716.656701][   T28]  ? nmi_cpu_backtrace+0x248/0x4a0
[  716.661847][   T28]  nmi_cpu_backtrace+0x473/0x4a0
[  716.666764][   T28]  ? vprintk_emit+0x104/0x1e0
[  716.671433][   T28]  ? nmi_trigger_cpumask_backtrace+0x280/0x280
[  716.677572][   T28]  ? _printk+0xcf/0x10f
[  716.681717][   T28]  ? panic+0x76e/0x76e
[  716.685770][   T28]  ? wake_up_klogd+0xb2/0xf0
[  716.690349][   T28]  ? panic+0x76e/0x76e
[  716.694408][   T28]  ? __rcu_read_unlock+0x8f/0x100
[  716.699474][   T28]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  716.705554][   T28]  nmi_trigger_cpumask_backtrace+0x168/0x280
[  716.711523][   T28]  watchdog+0xcf9/0xd40
[  716.715685][   T28]  kthread+0x266/0x300
[  716.719740][   T28]  ? hungtask_pm_notify+0x50/0x50
[  716.724746][   T28]  ? kthread_blkcg+0xd0/0xd0
[  716.729325][   T28]  ret_from_fork+0x1f/0x30
[  716.733780][   T28]  </TASK>
[  716.736964][   T28] Sending NMI from CPU 1 to CPUs 0:
[  716.742202][    C0] NMI backtrace for cpu 0
[  716.742211][    C0] CPU: 0 PID: 3667 Comm: kworker/u4:3 Not tainted 5.18.0-rc3-syzkaller-00016-gb253435746d9 #0
[  716.742225][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  716.742233][    C0] Workqueue: events_unbound toggle_allocation_gate
[  716.742296][    C0] RIP: 0010:lockdep_hardirqs_on_prepare+0x3b0/0x7b0
[  716.742312][    C0] Code: c0 75 53 8b 43 20 a9 00 00 04 00 74 2b 25 00 00 03 00 83 f8 01 ba 07 00 00 00 83 da 00 48 8b 7c 24 10 48 89 de e8 90 9e 00 00 <48> ba 00 00 00 00 00 fc ff df 85 c0 74 7e 49 ff c5 41 0f b6 04 17
[  716.742322][    C0] RSP: 0018:ffffc900031ef6e0 EFLAGS: 00000082
[  716.742333][    C0] RAX: 0000000000000001 RBX: ffff88807838e228 RCX: ffffffff81674358
[  716.742342][    C0] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff8fb0efd0
[  716.742351][    C0] RBP: ffffc900031ef7a0 R08: dffffc0000000000 R09: fffffbfff1f61dfb
[  716.742360][    C0] R10: fffffbfff1f61dfb R11: 1ffffffff1f61dfa R12: ffff88807838e248
[  716.742369][    C0] R13: 0000000000000005 R14: ffff88807838e158 R15: 1ffff1100f071c2b
[  716.742378][    C0] FS:  0000000000000000(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
[  716.742389][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  716.742399][    C0] CR2: 00007ffec7ad0438 CR3: 000000000c88e000 CR4: 00000000003506f0
[  716.742411][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  716.742418][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  716.742426][    C0] Call Trace:
[  716.742430][    C0]  <TASK>
[  716.742437][    C0]  ? print_irqtrace_events+0x220/0x220
[  716.742450][    C0]  ? flush_tlb_multi+0x50/0x50
[  716.742477][    C0]  ? __text_poke+0x5ea/0x9a0
[  716.742509][    C0]  ? kasan_check_range+0x2a7/0x2e0
[  716.742520][    C0]  ? __text_poke+0x5ea/0x9a0
[  716.742532][    C0]  ? __text_poke+0x799/0x9a0
[  716.742545][    C0]  ? kmem_cache_alloc_node_trace+0xe6/0x360
[  716.742575][    C0]  trace_hardirqs_on+0x6f/0x80
[  716.742604][    C0]  __text_poke+0x799/0x9a0
[  716.742618][    C0]  ? kmem_cache_alloc_node_trace+0xe6/0x360
[  716.742633][    C0]  ? text_poke+0x80/0x80
[  716.742644][    C0]  ? preempt_schedule_common+0xb7/0xe0
[  716.742659][    C0]  ? preempt_schedule+0xd9/0xe0
[  716.742671][    C0]  ? schedule_preempt_disabled+0x20/0x20
[  716.742686][    C0]  ? perf_event_bpf_output+0x240/0x240
[  716.742715][    C0]  ? preempt_schedule_thunk+0x16/0x18
[  716.742734][    C0]  text_poke_bp_batch+0x6a5/0x960
[  716.742750][    C0]  ? __kmalloc_node_track_caller+0xff/0x3f0
[  716.742764][    C0]  ? text_poke_loc_init+0x510/0x510
[  716.742780][    C0]  ? __jump_label_update+0x38e/0x3b0
[  716.742811][    C0]  text_poke_finish+0x16/0x30
[  716.742824][    C0]  arch_jump_label_transform_apply+0x13/0x20
[  716.742837][    C0]  static_key_enable_cpuslocked+0x129/0x250
[  716.742852][    C0]  static_key_enable+0x16/0x20
[  716.742865][    C0]  toggle_allocation_gate+0xbf/0x470
[  716.742878][    C0]  ? show_object+0xa0/0xa0
[  716.742891][    C0]  ? rcu_read_lock_sched_held+0x89/0x130
[  716.742904][    C0]  ? __bpf_trace_rcu_stall_warning+0x10/0x10
[  716.742916][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  716.742933][    C0]  ? _raw_spin_unlock_irq+0x1f/0x40
[  716.742949][    C0]  process_one_work+0x81c/0xd10
[  716.742968][    C0]  ? worker_detach_from_pool+0x260/0x260
[  716.742982][    C0]  ? _raw_spin_lock_irqsave+0x120/0x120
[  716.742996][    C0]  ? kthread_data+0x4d/0xc0
[  716.743009][    C0]  ? wq_worker_running+0x95/0x190
[  716.743021][    C0]  worker_thread+0xb14/0x1330
[  716.743038][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  716.743062][    C0]  kthread+0x266/0x300
[  716.743073][    C0]  ? rcu_lock_release+0x20/0x20
[  716.743085][    C0]  ? kthread_blkcg+0xd0/0xd0
[  716.743097][    C0]  ret_from_fork+0x1f/0x30
[  716.743115][    C0]  </TASK>
[  716.746483][   T28] Kernel panic - not syncing: hung_task: blocked tasks
[  717.113812][   T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 5.18.0-rc3-syzkaller-00016-gb253435746d9 #0
[  717.123693][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  717.134047][   T28] Call Trace:
[  717.137325][   T28]  <TASK>
[  717.140246][   T28]  dump_stack_lvl+0x1e3/0x2cb
[  717.144922][   T28]  ? bfq_pos_tree_add_move+0x436/0x436
[  717.150378][   T28]  ? panic+0x76e/0x76e
[  717.154451][   T28]  ? wake_up_klogd+0xbb/0xf0
[  717.159036][   T28]  ? vscnprintf+0x59/0x80
[  717.163362][   T28]  panic+0x312/0x76e
[  717.167248][   T28]  ? schedule_preempt_disabled+0x20/0x20
[  717.172878][   T28]  ? nmi_trigger_cpumask_backtrace+0x205/0x280
[  717.179035][   T28]  ? fb_is_primary_device+0xcc/0xcc
[  717.184232][   T28]  ? tick_nohz_tick_stopped+0x76/0xb0
[  717.189675][   T28]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  717.195747][   T28]  ? nmi_trigger_cpumask_backtrace+0x205/0x280
[  717.201899][   T28]  ? nmi_trigger_cpumask_backtrace+0x265/0x280
[  717.208048][   T28]  watchdog+0xd39/0xd40
[  717.212202][   T28]  kthread+0x266/0x300
[  717.216263][   T28]  ? hungtask_pm_notify+0x50/0x50
[  717.221283][   T28]  ? kthread_blkcg+0xd0/0xd0
[  717.225870][   T28]  ret_from_fork+0x1f/0x30
[  717.230290][   T28]  </TASK>
[  717.233597][   T28] Kernel Offset: disabled
[  717.237930][   T28] Rebooting in 86400 seconds..