DUID 00:04:8a:84:28:17:ce:93:6d:14:d5:a0:40:fa:67:36:71:42
forked to background, child pid 3173
[   27.333984][ T3174] 8021q: adding VLAN 0 to HW filter on device bond0
[   27.346546][ T3174] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK

syzkaller
syzkaller login: [   76.209910][   T14] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.1.125' (ECDSA) to the list of known hosts.
[  493.143415][ T3625] chnl_net:caif_netlink_parms(): no params data found
[  493.186560][ T3625] bridge0: port 1(bridge_slave_0) entered blocking state
[  493.195075][ T3625] bridge0: port 1(bridge_slave_0) entered disabled state
[  493.203616][ T3625] device bridge_slave_0 entered promiscuous mode
[  493.212286][ T3625] bridge0: port 2(bridge_slave_1) entered blocking state
[  493.219554][ T3625] bridge0: port 2(bridge_slave_1) entered disabled state
[  493.227529][ T3625] device bridge_slave_1 entered promiscuous mode
[  493.246667][ T3625] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  493.257887][ T3625] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  493.281223][ T3625] team0: Port device team_slave_0 added
[  493.289163][ T3625] team0: Port device team_slave_1 added
[  493.305802][ T3625] batman_adv: batadv0: Adding interface: batadv_slave_0
[  493.312928][ T3625] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  493.338939][ T3625] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  493.351407][ T3625] batman_adv: batadv0: Adding interface: batadv_slave_1
[  493.358495][ T3625] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  493.384524][ T3625] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  493.412847][ T3625] device hsr_slave_0 entered promiscuous mode
[  493.419941][ T3625] device hsr_slave_1 entered promiscuous mode
[  493.506615][ T3625] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  493.518873][ T3625] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  493.527843][ T3625] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  493.537400][ T3625] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  493.558829][ T3625] bridge0: port 2(bridge_slave_1) entered blocking state
[  493.565976][ T3625] bridge0: port 2(bridge_slave_1) entered forwarding state
[  493.573695][ T3625] bridge0: port 1(bridge_slave_0) entered blocking state
[  493.580788][ T3625] bridge0: port 1(bridge_slave_0) entered forwarding state
[  493.626062][ T3625] 8021q: adding VLAN 0 to HW filter on device bond0
[  493.638434][ T3630] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  493.648907][ T3630] bridge0: port 1(bridge_slave_0) entered disabled state
[  493.658539][ T3630] bridge0: port 2(bridge_slave_1) entered disabled state
[  493.666358][ T3630] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  493.680257][ T3625] 8021q: adding VLAN 0 to HW filter on device team0
[  493.691031][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  493.700179][   T22] bridge0: port 1(bridge_slave_0) entered blocking state
[  493.707269][   T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[  493.729503][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  493.738146][   T22] bridge0: port 2(bridge_slave_1) entered blocking state
[  493.745260][   T22] bridge0: port 2(bridge_slave_1) entered forwarding state
[  493.753660][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  493.762449][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  493.773172][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  493.784225][ T3630] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  493.797911][ T3625] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  493.810324][ T3625] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  493.820435][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  493.838218][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  493.845789][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  493.858325][ T3625] 8021q: adding VLAN 0 to HW filter on device batadv0
[  493.969591][ T3636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  493.978851][ T3636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  493.987211][ T3636] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  493.994915][ T3636] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  494.005681][ T3625] device veth0_vlan entered promiscuous mode
[  494.016389][ T3625] device veth1_vlan entered promiscuous mode
[  494.035432][ T3636] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  494.043593][ T3636] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  494.052194][ T3636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  494.062961][ T3625] device veth0_macvtap entered promiscuous mode
[  494.072734][ T3625] device veth1_macvtap entered promiscuous mode
[  494.089015][ T3625] batman_adv: batadv0: Interface activated: batadv_slave_0
[  494.096759][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  494.106556][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  494.118693][ T3625] batman_adv: batadv0: Interface activated: batadv_slave_1
[  494.126176][ T3636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  494.139153][ T3625] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  494.148115][ T3625] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  494.156833][ T3625] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
executing program
[  494.166389][ T3625] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  716.207283][   T28] INFO: task syz-executor339:3644 blocked for more than 143 seconds.
[  716.215592][   T28]       Not tainted 5.18.0-rc2-syzkaller-01079-g9c8774e629a1 #0
[  716.223312][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  716.232037][   T28] task:syz-executor339 state:D stack:25552 pid: 3644 ppid:  3625 flags:0x00000004
[  716.241335][   T28] Call Trace:
[  716.244621][   T28]  <TASK>
[  716.247843][   T28]  __schedule+0xa9a/0x4cc0
[  716.252384][   T28]  ? update_load_avg+0x1361/0x1c80
[  716.257621][   T28]  ? io_schedule_timeout+0x140/0x140
[  716.262925][   T28]  schedule+0xd2/0x1f0
[  716.267112][   T28]  schedule_timeout+0x1db/0x2a0
[  716.272026][   T28]  ? usleep_range_state+0x1b0/0x1b0
[  716.277281][   T28]  ? __wait_for_common+0x36a/0x530
[  716.282405][   T28]  ? mark_held_locks+0x9f/0xe0
[  716.287371][   T28]  ? rwlock_bug.part.0+0x90/0x90
[  716.292331][   T28]  ? _raw_spin_unlock_irq+0x1f/0x40
[  716.297602][   T28]  __wait_for_common+0x373/0x530
[  716.302554][   T28]  ? usleep_range_state+0x1b0/0x1b0
[  716.307815][   T28]  ? out_of_line_wait_on_bit_timeout+0x170/0x170
[  716.314161][   T28]  ? _raw_spin_unlock_irq+0x1f/0x40
[  716.319426][   T28]  __flush_work+0x56c/0xb10
[  716.323995][   T28]  ? queue_delayed_work_on+0x120/0x120
[  716.329498][   T28]  ? kernel_text_address+0x39/0x80
[  716.334756][   T28]  ? flush_workqueue_prep_pwqs+0x4f0/0x4f0
[  716.340638][   T28]  ? mark_held_locks+0x9f/0xe0
[  716.345419][   T28]  __cancel_work_timer+0x3f9/0x570
[  716.350575][   T28]  ? try_to_grab_pending+0xd0/0xd0
[  716.355705][   T28]  ? lock_release+0x720/0x720
[  716.360456][   T28]  tls_sk_proto_close+0x4a7/0xaf0
[  716.365606][   T28]  ? wait_on_pending_writer+0x430/0x430
[  716.371264][   T28]  ? ip_mc_drop_socket+0x16/0x260
[  716.376336][   T28]  inet_release+0x12e/0x280
[  716.380917][   T28]  inet6_release+0x4c/0x70
[  716.385407][   T28]  __sock_release+0xcd/0x280
[  716.390142][   T28]  sock_close+0x18/0x20
[  716.394303][   T28]  __fput+0x277/0x9d0
[  716.398394][   T28]  ? __sock_release+0x280/0x280
[  716.403258][   T28]  task_work_run+0xdd/0x1a0
[  716.407829][   T28]  exit_to_user_mode_prepare+0x23c/0x250
[  716.413518][   T28]  syscall_exit_to_user_mode+0x19/0x60
[  716.419035][   T28]  do_syscall_64+0x42/0xb0
[  716.423488][   T28]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  716.429437][   T28] RIP: 0033:0x7fafc7d92743
[  716.433861][   T28] RSP: 002b:00007ffdcf3dca18 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  716.442533][   T28] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 00007fafc7d92743
[  716.450589][   T28] RDX: fffffffffffffe60 RSI: 00000000200005c0 RDI: 0000000000000005
[  716.458629][   T28] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffffffffffe60
[  716.466592][   T28] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdcf3dca30
[  716.474604][   T28] R13: 00000000000f4240 R14: 0000000000000000 R15: 0000000000000000
[  716.482639][   T28]  </TASK>
[  716.485691][   T28] 
[  716.485691][   T28] Showing all locks held in the system:
[  716.493456][   T28] 1 lock held by khungtaskd/28:
[  716.498418][   T28]  #0: ffffffff8bd81de0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260
[  716.508385][   T28] 2 locks held by getty/3277:
[  716.513056][   T28]  #0: ffff88814cb58098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x22/0x80
[  716.522947][   T28]  #1: ffffc90002e732e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xcea/0x1230
[  716.533106][   T28] 3 locks held by kworker/0:0/3630:
[  716.538361][   T28]  #0: ffff888010c64d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x87a/0x1610
[  716.548759][   T28]  #1: ffffc90003abfda8 ((work_completion)(&(&sw_ctx_tx->tx_work.work)->work)){+.+.}-{0:0}, at: process_one_work+0x8ae/0x1610
[  716.561869][   T28]  #2: ffff88801ce614d8 (&ctx->tx_lock){+.+.}-{3:3}, at: tx_work_handler+0x127/0x190
[  716.571448][   T28] 1 lock held by syz-executor339/3644:
[  716.576901][   T28]  #0: ffff888073283e10 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: __sock_release+0x86/0x280
[  716.587505][   T28] 
[  716.589829][   T28] =============================================
[  716.589829][   T28] 
[  716.598286][   T28] NMI backtrace for cpu 1
[  716.602606][   T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 5.18.0-rc2-syzkaller-01079-g9c8774e629a1 #0
[  716.612486][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  716.622531][   T28] Call Trace:
[  716.625801][   T28]  <TASK>
[  716.628727][   T28]  dump_stack_lvl+0xcd/0x134
[  716.633399][   T28]  nmi_cpu_backtrace.cold+0x47/0x144
[  716.638684][   T28]  ? lapic_can_unplug_cpu+0x80/0x80
[  716.643912][   T28]  nmi_trigger_cpumask_backtrace+0x1e6/0x230
[  716.649937][   T28]  watchdog+0xc1d/0xf50
[  716.654136][   T28]  ? proc_dohung_task_timeout_secs+0x80/0x80
[  716.660112][   T28]  kthread+0x2e9/0x3a0
[  716.664172][   T28]  ? kthread_complete_and_exit+0x40/0x40
[  716.669798][   T28]  ret_from_fork+0x1f/0x30
[  716.674263][   T28]  </TASK>
[  716.677420][   T28] Sending NMI from CPU 1 to CPUs 0:
[  716.682675][    C0] NMI backtrace for cpu 0 skipped: idling at acpi_idle_do_entry+0x1c6/0x250
[  716.683699][   T28] Kernel panic - not syncing: hung_task: blocked tasks
[  716.683710][   T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 5.18.0-rc2-syzkaller-01079-g9c8774e629a1 #0
[  716.683733][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  716.683745][   T28] Call Trace:
[  716.683751][   T28]  <TASK>
[  716.683759][   T28]  dump_stack_lvl+0xcd/0x134
[  716.683790][   T28]  panic+0x2d7/0x636
[  716.683887][   T28]  ? panic_print_sys_info.part.0+0x10b/0x10b
[  716.683918][   T28]  ? lapic_can_unplug_cpu+0x80/0x80
[  716.683942][   T28]  ? preempt_schedule_thunk+0x16/0x18
[  716.683967][   T28]  ? nmi_trigger_cpumask_backtrace+0x1c9/0x230
[  716.683999][   T28]  ? watchdog.cold+0x130/0x158
[  716.684033][   T28]  watchdog.cold+0x141/0x158
[  716.684058][   T28]  ? proc_dohung_task_timeout_secs+0x80/0x80
[  716.684085][   T28]  kthread+0x2e9/0x3a0
[  716.684103][   T28]  ? kthread_complete_and_exit+0x40/0x40
[  716.684126][   T28]  ret_from_fork+0x1f/0x30
[  716.684163][   T28]  </TASK>
[  716.691579][   T28] Kernel Offset: disabled
[  716.792326][   T28] Rebooting in 86400 seconds..