Bluetooth: hci5: command 0x0406 tx timeout
Bluetooth: hci3: command 0x0406 tx timeout
Bluetooth: hci4: command 0x0406 tx timeout
ieee802154 phy0 wpan0: encryption failed: -22
ieee802154 phy1 wpan1: encryption failed: -22
INFO: task syz-executor.0:8141 blocked for more than 140 seconds.
      Not tainted 4.19.178-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.0  D23912  8141      1 0x00000004
Call Trace:
 context_switch kernel/sched/core.c:2828 [inline]
 __schedule+0x887/0x2040 kernel/sched/core.c:3517
 schedule+0x8d/0x1b0 kernel/sched/core.c:3561
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
 __mutex_lock_common kernel/locking/mutex.c:1002 [inline]
 __mutex_lock+0x647/0x1260 kernel/locking/mutex.c:1072
 xt_find_table_lock+0x3d/0x430 net/netfilter/x_tables.c:1211
 xt_request_find_table_lock+0x27/0xd0 net/netfilter/x_tables.c:1258
 get_info+0x12f/0x4e0 net/ipv6/netfilter/ip6_tables.c:984
 do_ipt_get_ctl+0x14e/0x8d0 net/ipv4/netfilter/ip_tables.c:1699
 nf_sockopt net/netfilter/nf_sockopt.c:104 [inline]
 nf_getsockopt+0x72/0xd0 net/netfilter/nf_sockopt.c:122
 ip_getsockopt net/ipv4/ip_sockglue.c:1574 [inline]
 ip_getsockopt+0x167/0x1c0 net/ipv4/ip_sockglue.c:1554
 tcp_getsockopt+0x86/0xd0 net/ipv4/tcp.c:3618
 __sys_getsockopt+0x135/0x210 net/socket.c:1938
 __do_sys_getsockopt net/socket.c:1949 [inline]
 __se_sys_getsockopt net/socket.c:1946 [inline]
 __x64_sys_getsockopt+0xba/0x150 net/socket.c:1946
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x46757a
Code: 00 00 00 48 8b 48 30 48 8b 89 d0 00 00 00 ff 41 14 c6 80 b7 00 00 00 00 48 8b 6c 24 20 48 83 c4 28 c3 48 89 c1 eb b5 80 3d 32 <97> 3c 01 00 66 90 74 37 48 8b 44 24 10 48 8b 48 30 48 8b 91 d0 00
RSP: 002b:00007ffeda5e6b38 EFLAGS: 00000202 ORIG_RAX: 0000000000000037
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000046757a
RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 00007ffeda5e6b60 R08: 00007ffeda5e6b5c R09: 00007ffeda5e6bf0
R10: 00007ffeda5e6b60 R11: 0000000000000202 R12: 0000000000000032
R13: 0000000000000003 R14: 00007ffeda5e6b5c R15: 0000000000543d00
INFO: task syz-executor.1:8143 blocked for more than 140 seconds.
      Not tainted 4.19.178-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.1  D24368  8143      1 0x00000004
Call Trace:
 context_switch kernel/sched/core.c:2828 [inline]
 __schedule+0x887/0x2040 kernel/sched/core.c:3517
 schedule+0x8d/0x1b0 kernel/sched/core.c:3561
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
 __mutex_lock_common kernel/locking/mutex.c:1002 [inline]
 __mutex_lock+0x647/0x1260 kernel/locking/mutex.c:1072
 xt_find_table_lock+0x3d/0x430 net/netfilter/x_tables.c:1211
 xt_request_find_table_lock+0x27/0xd0 net/netfilter/x_tables.c:1258
 get_info+0x12f/0x4e0 net/ipv6/netfilter/ip6_tables.c:984
 do_ipt_get_ctl+0x14e/0x8d0 net/ipv4/netfilter/ip_tables.c:1699
 nf_sockopt net/netfilter/nf_sockopt.c:104 [inline]
 nf_getsockopt+0x72/0xd0 net/netfilter/nf_sockopt.c:122
 ip_getsockopt net/ipv4/ip_sockglue.c:1574 [inline]
 ip_getsockopt+0x167/0x1c0 net/ipv4/ip_sockglue.c:1554
 tcp_getsockopt+0x86/0xd0 net/ipv4/tcp.c:3618
 __sys_getsockopt+0x135/0x210 net/socket.c:1938
 __do_sys_getsockopt net/socket.c:1949 [inline]
 __se_sys_getsockopt net/socket.c:1946 [inline]
 __x64_sys_getsockopt+0xba/0x150 net/socket.c:1946
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x46757a
Code: 00 00 00 48 8b 48 30 48 8b 89 d0 00 00 00 ff 41 14 c6 80 b7 00 00 00 00 48 8b 6c 24 20 48 83 c4 28 c3 48 89 c1 eb b5 80 3d 32 <97> 3c 01 00 66 90 74 37 48 8b 44 24 10 48 8b 48 30 48 8b 91 d0 00
RSP: 002b:00007ffe3f9b05b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000046757a
RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 00007ffe3f9b05e0 R08: 00007ffe3f9b05dc R09: 00007ffe3f9b0670
R10: 00007ffe3f9b05e0 R11: 0000000000000246 R12: 00007ffe3f9b0640
R13: 0000000000000003 R14: 00007ffe3f9b05dc R15: 0000000000545140
INFO: task syz-executor.2:8145 blocked for more than 140 seconds.
      Not tainted 4.19.178-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.2  D24408  8145      1 0x00000004
Call Trace:
 context_switch kernel/sched/core.c:2828 [inline]
 __schedule+0x887/0x2040 kernel/sched/core.c:3517
 schedule+0x8d/0x1b0 kernel/sched/core.c:3561
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
 __mutex_lock_common kernel/locking/mutex.c:1002 [inline]
 __mutex_lock+0x647/0x1260 kernel/locking/mutex.c:1072
 xt_find_table_lock+0x3d/0x430 net/netfilter/x_tables.c:1211
 xt_request_find_table_lock+0x27/0xd0 net/netfilter/x_tables.c:1258
 get_info+0x12f/0x4e0 net/ipv6/netfilter/ip6_tables.c:984
 do_ipt_get_ctl+0x14e/0x8d0 net/ipv4/netfilter/ip_tables.c:1699
 nf_sockopt net/netfilter/nf_sockopt.c:104 [inline]
 nf_getsockopt+0x72/0xd0 net/netfilter/nf_sockopt.c:122
 ip_getsockopt net/ipv4/ip_sockglue.c:1574 [inline]
 ip_getsockopt+0x167/0x1c0 net/ipv4/ip_sockglue.c:1554
 tcp_getsockopt+0x86/0xd0 net/ipv4/tcp.c:3618
 __sys_getsockopt+0x135/0x210 net/socket.c:1938
 __do_sys_getsockopt net/socket.c:1949 [inline]
 __se_sys_getsockopt net/socket.c:1946 [inline]
 __x64_sys_getsockopt+0xba/0x150 net/socket.c:1946
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x46757a
Code: 00 00 00 48 8b 48 30 48 8b 89 d0 00 00 00 ff 41 14 c6 80 b7 00 00 00 00 48 8b 6c 24 20 48 83 c4 28 c3 48 89 c1 eb b5 80 3d 32 <97> 3c 01 00 66 90 74 37 48 8b 44 24 10 48 8b 48 30 48 8b 91 d0 00
RSP: 002b:00007ffdc1363288 EFLAGS: 00000202 ORIG_RAX: 0000000000000037
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000046757a
RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 00007ffdc13632b0 R08: 00007ffdc13632ac R09: 00007ffdc1363340
R10: 00007ffdc13632b0 R11: 0000000000000202 R12: 0000000000000032
R13: 0000000000000003 R14: 00007ffdc13632ac R15: 0000000000543d00
INFO: task syz-executor.3:8147 blocked for more than 140 seconds.
      Not tainted 4.19.178-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3  D24216  8147      1 0x00000004
Call Trace:
 context_switch kernel/sched/core.c:2828 [inline]
 __schedule+0x887/0x2040 kernel/sched/core.c:3517
 schedule+0x8d/0x1b0 kernel/sched/core.c:3561
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
 __mutex_lock_common kernel/locking/mutex.c:1002 [inline]
 __mutex_lock+0x647/0x1260 kernel/locking/mutex.c:1072
 xt_find_table_lock+0x3d/0x430 net/netfilter/x_tables.c:1211
 xt_request_find_table_lock+0x27/0xd0 net/netfilter/x_tables.c:1258
 get_info+0x12f/0x4e0 net/ipv6/netfilter/ip6_tables.c:984
 do_ipt_get_ctl+0x14e/0x8d0 net/ipv4/netfilter/ip_tables.c:1699
 nf_sockopt net/netfilter/nf_sockopt.c:104 [inline]
 nf_getsockopt+0x72/0xd0 net/netfilter/nf_sockopt.c:122
 ip_getsockopt net/ipv4/ip_sockglue.c:1574 [inline]
 ip_getsockopt+0x167/0x1c0 net/ipv4/ip_sockglue.c:1554
 tcp_getsockopt+0x86/0xd0 net/ipv4/tcp.c:3618
 __sys_getsockopt+0x135/0x210 net/socket.c:1938
 __do_sys_getsockopt net/socket.c:1949 [inline]
 __se_sys_getsockopt net/socket.c:1946 [inline]
 __x64_sys_getsockopt+0xba/0x150 net/socket.c:1946
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x46757a
Code: 00 00 00 48 8b 48 30 48 8b 89 d0 00 00 00 ff 41 14 c6 80 b7 00 00 00 00 48 8b 6c 24 20 48 83 c4 28 c3 48 89 c1 eb b5 80 3d 32 <97> 3c 01 00 66 90 74 37 48 8b 44 24 10 48 8b 48 30 48 8b 91 d0 00
RSP: 002b:00007fff06243c88 EFLAGS: 00000202 ORIG_RAX: 0000000000000037
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000046757a
RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 00007fff06243cb0 R08: 00007fff06243cac R09: 00007fff06243d40
R10: 00007fff06243cb0 R11: 0000000000000202 R12: 0000000000000032
R13: 0000000000000003 R14: 00007fff06243cac R15: 0000000000543d00
INFO: task syz-executor.4:8149 blocked for more than 140 seconds.
      Not tainted 4.19.178-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.4  D24216  8149      1 0x00000004
Call Trace:
 context_switch kernel/sched/core.c:2828 [inline]
 __schedule+0x887/0x2040 kernel/sched/core.c:3517
 schedule+0x8d/0x1b0 kernel/sched/core.c:3561
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
 __mutex_lock_common kernel/locking/mutex.c:1002 [inline]
 __mutex_lock+0x647/0x1260 kernel/locking/mutex.c:1072
 xt_find_table_lock+0x3d/0x430 net/netfilter/x_tables.c:1211
 xt_request_find_table_lock+0x27/0xd0 net/netfilter/x_tables.c:1258
 get_info+0x12f/0x4e0 net/ipv6/netfilter/ip6_tables.c:984
 do_ipt_get_ctl+0x14e/0x8d0 net/ipv4/netfilter/ip_tables.c:1699
 nf_sockopt net/netfilter/nf_sockopt.c:104 [inline]
 nf_getsockopt+0x72/0xd0 net/netfilter/nf_sockopt.c:122
 ip_getsockopt net/ipv4/ip_sockglue.c:1574 [inline]
 ip_getsockopt+0x167/0x1c0 net/ipv4/ip_sockglue.c:1554
 tcp_getsockopt+0x86/0xd0 net/ipv4/tcp.c:3618
 __sys_getsockopt+0x135/0x210 net/socket.c:1938
 __do_sys_getsockopt net/socket.c:1949 [inline]
 __se_sys_getsockopt net/socket.c:1946 [inline]
 __x64_sys_getsockopt+0xba/0x150 net/socket.c:1946
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x46757a
Code: 00 00 00 48 8b 48 30 48 8b 89 d0 00 00 00 ff 41 14 c6 80 b7 00 00 00 00 48 8b 6c 24 20 48 83 c4 28 c3 48 89 c1 eb b5 80 3d 32 <97> 3c 01 00 66 90 74 37 48 8b 44 24 10 48 8b 48 30 48 8b 91 d0 00
RSP: 002b:00007ffd44903d28 EFLAGS: 00000202 ORIG_RAX: 0000000000000037
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000046757a
RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 00007ffd44903d50 R08: 00007ffd44903d4c R09: 00007ffd44903de0
R10: 00007ffd44903d50 R11: 0000000000000202 R12: 0000000000000032
R13: 0000000000000003 R14: 00007ffd44903d4c R15: 0000000000543d00
INFO: task syz-executor.5:8151 blocked for more than 140 seconds.
      Not tainted 4.19.178-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.5  D24312  8151      1 0x00000004
Call Trace:
 context_switch kernel/sched/core.c:2828 [inline]
 __schedule+0x887/0x2040 kernel/sched/core.c:3517
 schedule+0x8d/0x1b0 kernel/sched/core.c:3561
 exp_funnel_lock kernel/rcu/tree_exp.h:320 [inline]
 _synchronize_rcu_expedited+0x60c/0x6f0 kernel/rcu/tree_exp.h:667
 synchronize_rcu+0xc6/0x160 kernel/rcu/tree_plugin.h:818
 xt_replace_table+0x2ff/0x640 net/netfilter/x_tables.c:1394
 __do_replace+0x1d7/0x860 net/ipv4/netfilter/ip_tables.c:1070
 do_replace net/ipv4/netfilter/ip_tables.c:1143 [inline]
 do_ipt_set_ctl+0x2d2/0x420 net/ipv4/netfilter/ip_tables.c:1675
 nf_sockopt net/netfilter/nf_sockopt.c:106 [inline]
 nf_setsockopt+0x6f/0xc0 net/netfilter/nf_sockopt.c:115
 ip_setsockopt net/ipv4/ip_sockglue.c:1258 [inline]
 ip_setsockopt+0xd8/0xf0 net/ipv4/ip_sockglue.c:1238
 tcp_setsockopt+0x86/0xd0 net/ipv4/tcp.c:3097
 __sys_setsockopt+0x14d/0x240 net/socket.c:1901
 __do_sys_setsockopt net/socket.c:1912 [inline]
 __se_sys_setsockopt net/socket.c:1909 [inline]
 __x64_sys_setsockopt+0xba/0x150 net/socket.c:1909
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x4675aa
Code: 74 37 48 8b 44 24 10 48 8b 48 30 48 8b 91 d0 00 00 00 48 8b 5c 24 18 66 0f 1f 84 00 00 00 00 00 48 39 d3 0f 84 b1 00 00 00 48 <8d> 05 08 8d 47 00 48 89 04 24 e8 07 31 00 00 48 8b 44 24 10 48 8b
RSP: 002b:00007ffd503d8a38 EFLAGS: 00000202 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004675aa
RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 00007ffd503d8a60 R08: 0000000000000408 R09: 00007ffd503d8af0
R10: 0000000000544ae0 R11: 0000000000000202 R12: 00007ffd503d8ac0
R13: 0000000000000003 R14: 00007ffd503d8a5c R15: 0000000000544a80

Showing all locks held in the system:
1 lock held by khungtaskd/1568:
 #0: 000000001d17b09f (rcu_read_lock){....}, at: debug_show_all_locks+0x53/0x265 kernel/locking/lockdep.c:4440
1 lock held by in:imklog/7760:
 #0: 00000000432ca5bc (&f->f_pos_lock){+.+.}, at: __fdget_pos+0x26f/0x310 fs/file.c:767
1 lock held by syz-executor.0/8141:
 #0: 00000000e1340b9f (&xt[i].mutex){+.+.}, at: xt_find_table_lock+0x3d/0x430 net/netfilter/x_tables.c:1211
1 lock held by syz-executor.1/8143:
 #0: 00000000e1340b9f (&xt[i].mutex){+.+.}, at: xt_find_table_lock+0x3d/0x430 net/netfilter/x_tables.c:1211
1 lock held by syz-executor.2/8145:
 #0: 00000000e1340b9f (&xt[i].mutex){+.+.}, at: xt_find_table_lock+0x3d/0x430 net/netfilter/x_tables.c:1211
1 lock held by syz-executor.3/8147:
 #0: 00000000e1340b9f (&xt[i].mutex){+.+.}, at: xt_find_table_lock+0x3d/0x430 net/netfilter/x_tables.c:1211
1 lock held by syz-executor.4/8149:
 #0: 00000000e1340b9f (&xt[i].mutex){+.+.}, at: xt_find_table_lock+0x3d/0x430 net/netfilter/x_tables.c:1211
1 lock held by syz-executor.5/8151:
 #0: 00000000e1340b9f (&xt[i].mutex){+.+.}, at: xt_find_table_lock+0x3d/0x430 net/netfilter/x_tables.c:1211

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 1568 Comm: khungtaskd Not tainted 4.19.178-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 nmi_cpu_backtrace.cold+0x63/0xa2 lib/nmi_backtrace.c:101
 nmi_trigger_cpumask_backtrace+0x1a6/0x1f0 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:203 [inline]
 watchdog+0x991/0xe60 kernel/hung_task.c:287
 kthread+0x33f/0x460 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 4694 Comm: systemd-journal Not tainted 4.19.178-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:orc_find arch/x86/kernel/unwind_orc.c:152 [inline]
RIP: 0010:unwind_next_frame+0x31b/0x1c60 arch/x86/kernel/unwind_orc.c:422
Code: 8d 04 7f 4f 8d 8c 00 4c 8f 8c 8b 83 c2 01 49 81 f9 c8 24 17 8c 0f 83 cd 0d 00 00 41 89 d0 4f 8d 04 40 4f 8d 84 00 4c 8f 8c 8b <49> 81 f8 c8 24 17 8c 0f 87 b1 0d 00 00 48 8d 3c bd a4 2b 30 8b 44
RSP: 0018:ffff8880a091f7f0 EFLAGS: 00000083
RAX: 0000000000000000 RBX: 1ffff11014123f06 RCX: ffffffff81a67e89
RDX: 0000000000025f4b RSI: 000000000000a67e RDI: 0000000000025f48
RBP: 0000000000000001 R08: ffffffff8b9acb0e R09: ffffffff8b9acafc
R10: 0000000000074071 R11: 0000000000025f48 R12: ffff8880a091f920
R13: ffff8880a091f90d R14: ffff8880a091f910 R15: ffff8880a091f8d8
FS:  00007f4df16628c0(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f4deeaa6000 CR3: 00000000a09a8000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 __save_stack_trace+0x9f/0x190 arch/x86/kernel/stacktrace.c:44
 save_stack mm/kasan/kasan.c:448 [inline]
 set_track mm/kasan/kasan.c:460 [inline]
 __kasan_slab_free+0x126/0x1f0 mm/kasan/kasan.c:521
 __cache_free mm/slab.c:3503 [inline]
 kmem_cache_free+0x7f/0x260 mm/slab.c:3765
 putname+0xe1/0x120 fs/namei.c:261
 filename_parentat+0x4da/0x590 fs/namei.c:2399
 filename_create+0x9e/0x490 fs/namei.c:3621
 user_path_create fs/namei.c:3696 [inline]
 do_mkdirat+0xa0/0x2d0 fs/namei.c:3834
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f4df091e687
Code: 00 b8 ff ff ff ff c3 0f 1f 40 00 48 8b 05 09 d8 2b 00 64 c7 00 5f 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d e1 d7 2b 00 f7 d8 64 89 01 48
RSP: 002b:00007fffffdebfb8 EFLAGS: 00000293 ORIG_RAX: 0000000000000053
RAX: ffffffffffffffda RBX: 00007fffffdef020 RCX: 00007f4df091e687
RDX: 0000000000000000 RSI: 00000000000001ed RDI: 000055f63c86b8a0
RBP: 00007fffffdebff0 R08: 000055f63c1853e5 R09: 0000000000000018
R10: 0000000000000069 R11: 0000000000000293 R12: 0000000000000000
R13: 0000000000000001 R14: 000055f63c86b8a0 R15: 00007fffffdec630