[  374.860625][   T10] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  374.890499][   T10] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  374.979963][ T3966] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  375.008596][   T10] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  375.069436][   T10] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  375.102431][ T3966] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  375.146521][  T995] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  375.199416][  T995] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  375.250749][ T4039] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  396.119457][ T4047] Bluetooth: hci1: command 0x0406 tx timeout
Warning: Permanently added '10.128.10.47' (ECDSA) to the list of known hosts.
[  433.679555][   T10] device hsr_slave_0 left promiscuous mode
[  433.698982][   T10] device hsr_slave_1 left promiscuous mode
[  433.721407][   T10] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  433.728891][   T10] batman_adv: batadv0: Removing interface: batadv_slave_0
[  433.878674][   T10] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  433.926474][   T10] batman_adv: batadv0: Removing interface: batadv_slave_1
[  433.991477][   T10] device bridge_slave_1 left promiscuous mode
[  433.997674][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  434.192453][   T10] device bridge_slave_0 left promiscuous mode
[  434.198821][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  434.316117][   T10] device veth1_macvtap left promiscuous mode
[  434.339378][   T10] device veth0_macvtap left promiscuous mode
[  434.345492][   T10] device veth1_vlan left promiscuous mode
[  434.419554][   T10] device veth0_vlan left promiscuous mode
[  435.002273][ T1231] ieee802154 phy0 wpan0: encryption failed: -22
[  435.008787][ T1231] ieee802154 phy1 wpan1: encryption failed: -22
[  436.221337][   T10] team0 (unregistering): Port device team_slave_1 removed
[  436.390897][   T10] team0 (unregistering): Port device team_slave_0 removed
[  436.549701][   T10] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  436.722002][   T10] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  437.200325][   T10] bond0 (unregistering): Released all slaves
[  447.371100][   T10] device hsr_slave_0 left promiscuous mode
[  447.389953][   T10] device hsr_slave_1 left promiscuous mode
[  447.480913][   T10] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  447.488412][   T10] batman_adv: batadv0: Removing interface: batadv_slave_0
[  447.571955][   T10] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  447.579825][   T10] batman_adv: batadv0: Removing interface: batadv_slave_1
[  447.638977][   T10] device bridge_slave_1 left promiscuous mode
[  447.679710][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  447.751637][   T10] device bridge_slave_0 left promiscuous mode
[  447.758235][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  447.862693][   T10] device hsr_slave_0 left promiscuous mode
[  447.921490][   T10] device hsr_slave_1 left promiscuous mode
[  447.999493][   T10] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  448.006966][   T10] batman_adv: batadv0: Removing interface: batadv_slave_0
[  448.132469][   T10] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  448.159385][   T10] batman_adv: batadv0: Removing interface: batadv_slave_1
[  448.201585][   T10] device bridge_slave_1 left promiscuous mode
[  448.207837][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  448.280862][   T10] device bridge_slave_0 left promiscuous mode
[  448.287091][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  448.577370][   T10] device veth1_macvtap left promiscuous mode
[  448.589719][   T10] device veth0_macvtap left promiscuous mode
[  448.595894][   T10] device veth1_vlan left promiscuous mode
[  448.669661][   T10] device veth0_vlan left promiscuous mode
[  448.726509][   T10] device veth1_macvtap left promiscuous mode
[  448.739668][   T10] device veth0_macvtap left promiscuous mode
[  448.745803][   T10] device veth1_vlan left promiscuous mode
[  448.799406][   T10] device veth0_vlan left promiscuous mode
[  452.128375][   T10] team0 (unregistering): Port device team_slave_1 removed
[  452.281095][   T10] team0 (unregistering): Port device team_slave_0 removed
[  452.389929][   T10] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  452.564833][   T10] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  453.058363][   T10] bond0 (unregistering): Released all slaves
[  453.947367][   T10] team0 (unregistering): Port device team_slave_1 removed
[  454.071826][   T10] team0 (unregistering): Port device team_slave_0 removed
[  454.195544][   T10] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  454.296180][   T10] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  454.809756][   T10] bond0 (unregistering): Released all slaves
[  477.706864][ T3984] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  477.914618][ T3984] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  478.007812][ T3984] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  478.156150][ T3984] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  479.762387][ T3984] device hsr_slave_0 left promiscuous mode
[  479.784092][ T3984] device hsr_slave_1 left promiscuous mode
[  479.854898][ T3984] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  479.866773][ T3984] batman_adv: batadv0: Removing interface: batadv_slave_0
[  479.935002][ T3984] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  479.949244][ T3984] batman_adv: batadv0: Removing interface: batadv_slave_1
[  480.002701][ T3984] device bridge_slave_1 left promiscuous mode
[  480.008901][ T3984] bridge0: port 2(bridge_slave_1) entered disabled state
[  480.080753][ T3984] device bridge_slave_0 left promiscuous mode
[  480.087023][ T3984] bridge0: port 1(bridge_slave_0) entered disabled state
[  480.234025][ T3984] device veth1_macvtap left promiscuous mode
[  480.249921][ T3984] device veth0_macvtap left promiscuous mode
[  480.256247][ T3984] device veth1_vlan left promiscuous mode
[  480.279351][ T3984] device veth0_vlan left promiscuous mode
[  481.286273][ T3984] team0 (unregistering): Port device team_slave_1 removed
[  481.324414][ T3984] team0 (unregistering): Port device team_slave_0 removed
[  481.422016][ T3984] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  481.516657][ T3984] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  481.720995][ T3984] bond0 (unregistering): Released all slaves
[  483.159315][ T1147] Bluetooth: hci4: command 0x0406 tx timeout
[  496.442577][ T1231] ieee802154 phy0 wpan0: encryption failed: -22
[  496.448945][ T1231] ieee802154 phy1 wpan1: encryption failed: -22
[  506.094358][ T6283] device hsr_slave_0 left promiscuous mode
[  506.127655][ T6283] device hsr_slave_1 left promiscuous mode
[  506.179426][ T6283] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  506.186846][ T6283] batman_adv: batadv0: Removing interface: batadv_slave_0
[  506.241383][ T6283] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  506.248950][ T6283] batman_adv: batadv0: Removing interface: batadv_slave_1
[  506.301979][ T6283] device bridge_slave_1 left promiscuous mode
[  506.308245][ T6283] bridge0: port 2(bridge_slave_1) entered disabled state
[  506.374345][ T6283] device bridge_slave_0 left promiscuous mode
[  506.389424][ T6283] bridge0: port 1(bridge_slave_0) entered disabled state
[  506.406650][ T6283] device veth1_macvtap left promiscuous mode
[  506.439538][ T6283] device veth0_macvtap left promiscuous mode
[  506.445705][ T6283] device veth1_vlan left promiscuous mode
[  506.502036][ T6283] device veth0_vlan left promiscuous mode
[  507.298187][ T6283] team0 (unregistering): Port device team_slave_1 removed
[  507.333049][ T6283] team0 (unregistering): Port device team_slave_0 removed
[  507.424085][ T6283] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  507.492019][ T6283] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  507.792018][ T6283] bond0 (unregistering): Released all slaves
[  514.359260][   T26] INFO: task kworker/u4:3:55 blocked for more than 143 seconds.
[  514.367096][   T26]       Not tainted 5.17.0-rc3-syzkaller #0
[  514.409510][   T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  514.418372][   T26] task:kworker/u4:3    state:D stack:27680 pid:   55 ppid:     2 flags:0x00004000
[  514.469229][   T26] Workqueue: events_unbound io_ring_exit_work
[  514.475460][   T26] Call Trace:
[  514.478746][   T26]  <TASK>
[  514.524131][   T26]  __schedule+0xa72/0x4d70
[  514.528767][   T26]  ? io_schedule_timeout+0x180/0x180
[  514.551039][   T26]  schedule+0xd2/0x260
[  514.555165][   T26]  schedule_preempt_disabled+0xf/0x20
[  514.580980][   T26]  __mutex_lock+0xa32/0x12f0
[  514.585719][   T26]  ? io_uring_try_cancel_requests+0x107/0x5e0
[  514.599261][   T26]  ? mutex_lock_io_nested+0x1150/0x1150
[  514.604900][   T26]  ? mark_held_locks+0x9f/0xe0
[  514.639263][   T26]  ? rwlock_bug.part.0+0x90/0x90
[  514.644378][   T26]  io_uring_try_cancel_requests+0x107/0x5e0
[  514.669641][   T26]  ? io_iopoll_try_reap_events+0x107/0x107
[  514.689230][   T26]  ? io_req_caches_free+0x1a2/0x1b5
[  514.694509][   T26]  io_ring_exit_work+0xf1/0xa01
[  514.709258][   T26]  ? io_sq_thread_finish+0x1d1/0x1d1
[  514.714650][   T26]  ? lock_acquire+0x1ab/0x510
[  514.739342][   T26]  ? lock_release+0x720/0x720
[  514.744115][   T26]  ? lock_downgrade+0x6e0/0x6e0
[  514.748962][   T26]  ? lockdep_hardirqs_on+0x79/0x100
[  514.772795][   T26]  process_one_work+0x879/0x1410
[  514.777897][   T26]  ? lock_release+0x720/0x720
[  514.809262][   T26]  ? pwq_dec_nr_in_flight+0x230/0x230
[  514.814964][   T26]  ? rwlock_bug.part.0+0x90/0x90
[  514.829313][   T26]  ? _raw_spin_lock_irq+0x41/0x50
[  514.834444][   T26]  worker_thread+0x5a0/0xf60
[  514.839064][   T26]  ? process_one_work+0x1410/0x1410
[  514.869235][   T26]  kthread+0x299/0x340
[  514.873446][   T26]  ? kthread_complete_and_exit+0x20/0x20
[  514.889213][   T26]  ret_from_fork+0x1f/0x30
[  514.893668][   T26]  </TASK>
[  514.919690][   T26] 
[  514.919690][   T26] Showing all locks held in the system:
[  514.927432][   T26] 1 lock held by khungtaskd/26:
[  514.959231][   T26]  #0: ffffffff8ad7a2e0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260
[  514.969141][   T26] 3 locks held by kworker/u4:3/55:
[  514.989301][   T26]  #0: ffff88800fc69138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x79e/0x1410
[  515.012672][   T26]  #1: ffffc90001a3fdc0 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_one_work+0x7cb/0x1410
[  515.046102][   T26]  #2: ffff88807d0430a8 (&ctx->uring_lock){+.+.}-{3:3}, at: io_uring_try_cancel_requests+0x107/0x5e0
[  515.074832][   T26] 2 locks held by getty/3305:
[  515.091726][   T26]  #0: ffff88807ece3098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x1f/0x70
[  515.134282][   T26]  #1: ffffc900027662e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x9dd/0xed0
[  515.168077][   T26] 2 locks held by kworker/1:5/3960:
[  515.174342][   T26]  #0: ffff88800fc66538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x79e/0x1410
[  515.209249][   T26]  #1: ffffc9000281fdc0 ((work_completion)(&rew.rew_work)){+.+.}-{0:0}, at: process_one_work+0x7cb/0x1410
[  515.229250][   T26] 2 locks held by kworker/u4:8/4216:
[  515.234592][   T26] 2 locks held by kworker/u4:11/4355:
[  515.259236][   T26]  #0: ffff88800fc69138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x79e/0x1410
[  515.279281][   T26]  #1: ffffc900032dfdc0 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_one_work+0x7cb/0x1410
[  515.309383][   T26] 2 locks held by kworker/u4:12/4357:
[  515.314956][   T26] 1 lock held by syz-executor.4/5561:
[  515.340891][   T26]  #0: ffffffff8ad83f28 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x4fa/0x620
[  515.379222][   T26] 1 lock held by syz-executor289/6224:
[  515.395194][   T26] 
[  515.415793][   T26] =============================================
[  515.415793][   T26] 
[  515.507086][   T26] NMI backtrace for cpu 1
[  515.511488][   T26] CPU: 1 PID: 26 Comm: khungtaskd Not tainted 5.17.0-rc3-syzkaller #0
[  515.519662][   T26] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  515.529840][   T26] Call Trace:
[  515.533150][   T26]  <TASK>
[  515.536109][   T26]  dump_stack_lvl+0x57/0x7d
[  515.540733][   T26]  nmi_cpu_backtrace.cold+0x30/0xc0
[  515.545931][   T26]  ? lapic_can_unplug_cpu+0x80/0x80
[  515.551332][   T26]  nmi_trigger_cpumask_backtrace+0x11f/0x170
[  515.557642][   T26]  watchdog+0x88c/0xbf0
[  515.562115][   T26]  ? proc_dohung_task_timeout_secs+0x30/0x30
[  515.568320][   T26]  kthread+0x299/0x340
[  515.572447][   T26]  ? kthread_complete_and_exit+0x20/0x20
[  515.578236][   T26]  ret_from_fork+0x1f/0x30
[  515.582747][   T26]  </TASK>
[  515.586247][   T26] Sending NMI from CPU 1 to CPUs 0:
[  515.591658][    C0] NMI backtrace for cpu 0
[  515.591669][    C0] CPU: 0 PID: 4216 Comm: kworker/u4:8 Not tainted 5.17.0-rc3-syzkaller #0
[  515.591678][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  515.591684][    C0] Workqueue: events_unbound io_ring_exit_work
[  515.591706][    C0] RIP: 0010:match_held_lock+0x82/0xc0
[  515.591722][    C0] Code: 0f 94 c0 48 83 c4 08 0f b6 c0 5b c3 31 f6 e8 c5 fe ff ff 48 85 c0 75 b2 31 c0 48 83 c4 08 5b c3 48 83 c4 08 b8 01 00 00 00 5b <c3> e8 58 2f 08 fb 85 c0 74 e4 8b 05 f6 19 25 04 85 c0 75 da 48 c7
[  515.591729][    C0] RSP: 0018:ffffc90002e1f930 EFLAGS: 00000086
[  515.591735][    C0] RAX: 0000000000000001 RBX: 0000000000000003 RCX: ffffc90002e1f9c0
[  515.591739][    C0] RDX: 0000000000000003 RSI: ffffffff8f7d4a90 RDI: ffff88807c0044b0
[  515.591743][    C0] RBP: 1ffff920005c3f30 R08: 0000000000000000 R09: 0000000000000000
[  515.591747][    C0] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88807c0044b0
[  515.591750][    C0] R13: ffffffff8f7d4a90 R14: ffffc90002e1f9c0 R15: 0000000000000002
[  515.591754][    C0] FS:  0000000000000000(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000
[  515.591758][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  515.591762][    C0] CR2: 00007f4170a90160 CR3: 0000000053723000 CR4: 00000000003506f0
[  515.591766][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  515.591769][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  515.591773][    C0] Call Trace:
[  515.591775][    C0]  <TASK>
[  515.591779][    C0]  find_held_lock+0x2d/0x110
[  515.591792][    C0]  lock_release+0x1f2/0x720
[  515.591799][    C0]  ? debug_check_no_obj_freed+0x20c/0x420
[  515.591905][    C0]  ? lock_downgrade+0x6e0/0x6e0
[  515.591912][    C0]  ? _raw_spin_lock_irqsave+0x4e/0x50
[  515.591925][    C0]  _raw_spin_unlock_irqrestore+0x16/0x70
[  515.591933][    C0]  debug_check_no_obj_freed+0x20c/0x420
[  515.591943][    C0]  slab_free_freelist_hook+0xeb/0x1c0
[  515.592006][    C0]  ? __io_remove_buffers.part.0+0x141/0x250
[  515.592060][    C0]  kfree+0xcb/0x280
[  515.592068][    C0]  __io_remove_buffers.part.0+0x141/0x250
[  515.592077][    C0]  io_ring_exit_work+0x655/0xa01
[  515.592085][    C0]  ? io_sq_thread_finish+0x1d1/0x1d1
[  515.592091][    C0]  ? lock_acquire+0x1ab/0x510
[  515.592098][    C0]  ? io_uring_del_tctx_node+0x1df/0x1df
[  515.592110][    C0]  process_one_work+0x879/0x1410
[  515.592121][    C0]  ? lock_release+0x720/0x720
[  515.592127][    C0]  ? pwq_dec_nr_in_flight+0x230/0x230
[  515.592134][    C0]  ? rwlock_bug.part.0+0x90/0x90
[  515.592141][    C0]  ? _raw_spin_lock_irq+0x41/0x50
[  515.592150][    C0]  worker_thread+0x5a0/0xf60
[  515.592158][    C0]  ? process_one_work+0x1410/0x1410
[  515.592164][    C0]  kthread+0x299/0x340
[  515.592171][    C0]  ? kthread_complete_and_exit+0x20/0x20
[  515.592179][    C0]  ret_from_fork+0x1f/0x30
[  515.592193][    C0]  </TASK>
[  516.122465][   T26] Kernel panic - not syncing: hung_task: blocked tasks
[  516.129345][   T26] CPU: 1 PID: 26 Comm: khungtaskd Not tainted 5.17.0-rc3-syzkaller #0
[  516.137482][   T26] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  516.147530][   T26] Call Trace:
[  516.150930][   T26]  <TASK>
[  516.153877][   T26]  dump_stack_lvl+0x57/0x7d
[  516.158374][   T26]  panic+0x214/0x49f
[  516.162301][   T26]  ? __warn_printk+0xee/0xee
[  516.166901][   T26]  ? lapic_can_unplug_cpu+0x80/0x80
[  516.172119][   T26]  ? preempt_schedule_thunk+0x16/0x18
[  516.177524][   T26]  watchdog.cold+0x111/0x157
[  516.182328][   T26]  ? proc_dohung_task_timeout_secs+0x30/0x30
[  516.188317][   T26]  kthread+0x299/0x340
[  516.192494][   T26]  ? kthread_complete_and_exit+0x20/0x20
[  516.198346][   T26]  ret_from_fork+0x1f/0x30
[  516.202780][   T26]  </TASK>
[  516.206309][   T26] Kernel Offset: disabled
[  516.210635][   T26] Rebooting in 86400 seconds..