[ 84.507230][ T7007] kmalloc-64 4219KB 4764KB
[ 84.516527][ T7007] kmalloc-32 443KB 580KB
[ 84.528282][ T7007] kmalloc-16 260KB 300KB
[ 84.538723][ T7007] kmalloc-8 488KB 502KB
[ 84.547948][ T7007] kmem_cache_node 198KB 200KB
[ 84.557096][ T7007] kmem_cache 165KB 165KB
[ 84.566192][ T7007] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0-1,global_oom,task_memcg=/,task=syz-execprog,pid=7007,uid=0
[ 84.587396][ T7007] Out of memory (oom_kill_allocating_task): Killed process 6993 (syz-execprog) total-vm:847828kB, anon-rss:16128kB, file-rss:0kB, shmem-rss:0kB, UID:0 pgtables:188kB oom_score_adj:0
[ 84.646426][ T28] oom_reaper: reaped process 6993 (syz-execprog), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB
[ 91.406825][ T9184] sshd (9184) used greatest stack depth: 23128 bytes left
Warning: Permanently added '10.128.0.190' (ECDSA) to the list of known hosts.
[ 126.869880][ T1362] ieee802154 phy0 wpan0: encryption failed: -22
[ 126.876505][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[ 188.310448][ T1362] ieee802154 phy0 wpan0: encryption failed: -22
[ 188.316805][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[ 243.349027][ T27] INFO: task kworker/u4:5:7575 blocked for more than 143 seconds.
[ 243.357096][ T27] Not tainted 5.15.0-rc3-syzkaller #0
[ 243.378963][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 243.388064][ T27] task:kworker/u4:5 state:D stack:24872 pid: 7575 ppid: 2 flags:0x00004000
[ 243.418930][ T27] Workqueue: events_unbound fsnotify_mark_destroy_workfn
[ 243.426129][ T27] Call Trace:
[ 243.438938][ T27] __schedule+0x90d/0x26c0
[ 243.443348][ T27] ? io_schedule_timeout+0x140/0x140
[ 243.458939][ T27] ? lock_chain_count+0x20/0x20
[ 243.464224][ T27] schedule+0xd3/0x270
[ 243.468289][ T27] schedule_timeout+0x19d/0x250
[ 243.488989][ T27] ? usleep_range+0x150/0x150
[ 243.493834][ T27] ? wait_for_completion+0x16e/0x280
[ 243.508934][ T27] ? mark_held_locks+0x9f/0xe0
[ 243.513679][ T27] ? rwlock_bug.part.0+0x90/0x90
[ 243.518594][ T27] ? lockdep_hardirqs_on_prepare+0x17b/0x400
[ 243.554624][ T27] ? _raw_spin_unlock_irq+0x1f/0x40
[ 243.560066][ T27] wait_for_completion+0x176/0x280
[ 243.565157][ T27] ? bit_wait_io_timeout+0x160/0x160
[ 243.614641][ T27] ? srcu_gp_start_if_needed+0x1dc/0xbc0
[ 243.620794][ T27] __synchronize_srcu+0x1f4/0x290
[ 243.625788][ T27] ? call_srcu+0xc0/0xc0
[ 243.655862][ T27] ? rcu_tasks_pregp_step+0x10/0x10
[ 243.661283][ T27] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 243.667155][ T27] ? lockdep_hardirqs_on+0x79/0x100
[ 243.688929][ T27] ? _raw_spin_unlock_irqrestore+0x3d/0x70
[ 243.694814][ T27] fsnotify_mark_destroy_workfn+0xeb/0x330
[ 243.718928][ T27] ? lock_downgrade+0x6e0/0x6e0
[ 243.723850][ T27] ? fsnotify_put_mark_wake.part.0+0xb0/0xb0
[ 243.738937][ T27] process_one_work+0x87f/0x1450
[ 243.743949][ T27] ? lock_release+0x720/0x720
[ 243.748603][ T27] ? pwq_dec_nr_in_flight+0x230/0x230
[ 243.774631][ T27] ? rwlock_bug.part.0+0x90/0x90
[ 243.779708][ T27] ? _raw_spin_lock_irq+0x41/0x50
[ 243.784720][ T27] worker_thread+0x598/0x1040
[ 243.809057][ T27] ? process_one_work+0x1450/0x1450
[ 243.814445][ T27] kthread+0x38b/0x460
[ 243.818489][ T27] ? _raw_spin_unlock_irq+0x1f/0x40
[ 243.854642][ T27] ? set_kthread_struct+0x100/0x100
[ 243.861792][ T27] ret_from_fork+0x1f/0x30
[ 243.869396][ T27]
[ 243.869396][ T27] Showing all locks held in the system:
[ 243.877094][ T27] 1 lock held by khungtaskd/27:
[ 243.899410][ T27] #0: ffffffff8ab76840 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260
[ 243.918939][ T27] 1 lock held by khugepaged/33:
[ 243.923860][ T27] #0: ffffffff8ac536a8 (lock#5){+.+.}-{3:3}, at: __lru_add_drain_all+0x5a/0x6e0
[ 243.949006][ T27] 2 locks held by kworker/1:3/2968:
[ 243.954277][ T27] 1 lock held by in:imklog/6206:
[ 243.968931][ T27] #0: ffff8880194f5770 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x9c/0xb0
[ 243.978043][ T27] 3 locks held by kworker/0:5/6865:
[ 244.008952][ T27] 4 locks held by syz-executor.2/7015:
[ 244.014396][ T27] #0: ffff88807e498ff0 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0xa8/0xef0
[ 244.054607][ T27] #1: ffff88807e498078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_do_close+0x215/0xef0
[ 244.089018][ T27] #2: ffffffff8c420008 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xb9/0x210
[ 244.124640][ T27] #3: ffffffff8ab7fba8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x2d5/0x620
[ 244.135969][ T27] 3 locks held by syz-executor.0/7017:
[ 244.148955][ T27] #0: ffff88807d21cff0 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0xa8/0xef0
[ 244.158587][ T27] #1: ffff88807d21c078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_do_close+0x215/0xef0
[ 244.188932][ T27] #2: ffffffff8c420008 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xb9/0x210
[ 244.224743][ T27] 3 locks held by syz-executor.3/7019:
[ 244.232180][ T27] #0: ffff88807bd14ff0 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0xa8/0xef0
[ 244.266358][ T27] #1: ffff88807bd14078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_do_close+0x215/0xef0
[ 244.294658][ T27] #2: ffffffff8c420008 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xb9/0x210
[ 244.311555][ T27] 3 locks held by syz-executor.4/7022:
[ 244.317513][ T27] #0: ffff88807bd10ff0 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0xa8/0xef0
[ 244.348929][ T27] #1: ffff88807bd10078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_do_close+0x215/0xef0
[ 244.358489][ T27] #2: ffffffff8c420008 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xb9/0x210
[ 244.398962][ T27] 3 locks held by syz-executor.5/7023:
[ 244.404425][ T27] #0: ffff88807dfe0ff0 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0xa8/0xef0
[ 244.428928][ T27] #1: ffff88807dfe0078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_do_close+0x215/0xef0
[ 244.438473][ T27] #2: ffffffff8c420008 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xb9/0x210
[ 244.468994][ T27] 3 locks held by syz-executor.1/7024:
[ 244.474808][ T27] #0: ffff88807d594ff0 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0xa8/0xef0
[ 244.514807][ T27] #1: ffff88807d594078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_do_close+0x215/0xef0
[ 244.544918][ T27] #2: ffffffff8c420008 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xb9/0x210
[ 244.576019][ T27] 2 locks held by kworker/u4:5/7575:
[ 244.581719][ T27] #0: ffff88800fc69138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7a4/0x1450
[ 244.608926][ T27] #1: ffffc9000433fdb8 ((reaper_work).work){+.+.}-{0:0}, at: process_one_work+0x7d1/0x1450
[ 244.638968][ T27] 1 lock held by syz-executor615/9214:
[ 244.644593][ T27] #0: ffffffff8ac92be8 (pcpu_drain_mutex){+.+.}-{3:3}, at: __drain_all_pages+0x4f/0x6c0
[ 244.668969][ T27]
[ 244.671370][ T27] =============================================
[ 244.671370][ T27]
[ 244.688944][ T27] NMI backtrace for cpu 1
[ 244.693338][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 5.15.0-rc3-syzkaller #0
[ 244.701455][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 244.711477][ T27] Call Trace:
[ 244.714732][ T27] dump_stack_lvl+0x57/0x7d
[ 244.719220][ T27] nmi_cpu_backtrace.cold+0x30/0xc0
[ 244.724471][ T27] ? lapic_can_unplug_cpu+0x80/0x80
[ 244.729636][ T27] nmi_trigger_cpumask_backtrace+0x11a/0x160
[ 244.735582][ T27] watchdog+0x88c/0xbf0
[ 244.739798][ T27] ? reset_hung_task_detector+0x20/0x20
[ 244.745309][ T27] kthread+0x38b/0x460
[ 244.749345][ T27] ? _raw_spin_unlock_irq+0x1f/0x40
[ 244.754508][ T27] ? set_kthread_struct+0x100/0x100
[ 244.759671][ T27] ret_from_fork+0x1f/0x30
[ 244.764176][ T27] Sending NMI from CPU 1 to CPUs 0:
[ 244.769385][ C0] NMI backtrace for cpu 0
[ 244.769389][ C0] CPU: 0 PID: 8798 Comm: kworker/u4:6 Not tainted 5.15.0-rc3-syzkaller #0
[ 244.769393][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 244.769396][ C0] Workqueue: bat_events batadv_nc_worker
[ 244.769402][ C0] RIP: 0010:lock_release+0x250/0x720
[ 244.769408][ C0] Code: 0f 85 94 04 00 00 8b 73 24 85 f6 0f 85 28 04 00 00 48 8d 7b 22 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 0f b6 14 02 <48> 89 f8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 47 04 00 00 66
[ 244.769411][ C0] RSP: 0018:ffffc9000cb1fbc0 EFLAGS: 00000012
[ 244.769415][ C0] RAX: dffffc0000000000 RBX: ffff888061105f08 RCX: ffffc9000cb1fc10
[ 244.769417][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888061105f2a
[ 244.769419][ C0] RBP: 1ffff92001963f7a R08: 0000000000000000 R09: 0000000000000000
[ 244.769421][ C0] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8ab76840
[ 244.769423][ C0] R13: 0000000000000003 R14: ffff888061105eb0 R15: ffff8880611054c0
[ 244.769428][ C0] FS: 0000000000000000(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000
[ 244.769432][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 244.769434][ C0] CR2: 00007f095cc96000 CR3: 000000001b945000 CR4: 0000000000350ef0
[ 244.769437][ C0] Call Trace:
[ 244.769439][ C0] ? batadv_nc_worker+0x650/0xd70
[ 244.769442][ C0] ? lock_downgrade+0x6e0/0x6e0
[ 244.769448][ C0] batadv_nc_worker+0x668/0xd70
[ 244.769453][ C0] process_one_work+0x87f/0x1450
[ 244.769459][ C0] ? lock_release+0x720/0x720
[ 244.769463][ C0] ? pwq_dec_nr_in_flight+0x230/0x230
[ 244.769468][ C0] ? rwlock_bug.part.0+0x90/0x90
[ 244.769471][ C0] ? _raw_spin_lock_irq+0x41/0x50
[ 244.769476][ C0] worker_thread+0x598/0x1040
[ 244.769482][ C0] ? process_one_work+0x1450/0x1450
[ 244.769487][ C0] kthread+0x38b/0x460
[ 244.769490][ C0] ? _raw_spin_unlock_irq+0x1f/0x40
[ 244.769493][ C0] ? set_kthread_struct+0x100/0x100
[ 244.769497][ C0] ret_from_fork+0x1f/0x30
[ 244.858934][ T27] Kernel panic - not syncing: hung_task: blocked tasks
[ 244.980856][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 5.15.0-rc3-syzkaller #0
[ 244.988978][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 244.999007][ T27] Call Trace:
[ 245.002526][ T27] dump_stack_lvl+0x57/0x7d
[ 245.007007][ T27] panic+0x214/0x49f
[ 245.010877][ T27] ? __warn_printk+0xee/0xee
[ 245.015438][ T27] ? lapic_can_unplug_cpu+0x80/0x80
[ 245.020607][ T27] ? preempt_schedule_thunk+0x16/0x18
[ 245.025960][ T27] watchdog.cold+0x111/0x157
[ 245.030524][ T27] ? reset_hung_task_detector+0x20/0x20
[ 245.036045][ T27] kthread+0x38b/0x460
[ 245.040086][ T27] ? _raw_spin_unlock_irq+0x1f/0x40
[ 245.045256][ T27] ? set_kthread_struct+0x100/0x100
[ 245.050426][ T27] ret_from_fork+0x1f/0x30
[ 245.055938][ T27] Kernel Offset: disabled
[ 245.060244][ T27] Rebooting in 86400 seconds..