[  442.030984][ T4203] Bluetooth: hci11: command 0x0406 tx timeout
[  445.337693][ T5641] chnl_net:caif_netlink_parms(): no params data found
Warning: Permanently added '10.128.1.159' (ED25519) to the list of known hosts.
[  445.727204][ T5641] bridge0: port 1(bridge_slave_0) entered blocking state
[  445.734452][ T5641] bridge0: port 1(bridge_slave_0) entered disabled state
[  445.777947][ T5641] device bridge_slave_0 entered promiscuous mode
[  445.788127][ T5641] bridge0: port 2(bridge_slave_1) entered blocking state
[  445.798922][ T5641] bridge0: port 2(bridge_slave_1) entered disabled state
[  445.811298][ T5641] device bridge_slave_1 entered promiscuous mode
[  445.915952][ T5641] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  446.143692][ T5641] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
executing program
[  446.570464][ T5641] team0: Port device team_slave_0 added
[  446.696116][ T5641] team0: Port device team_slave_1 added
[  446.738032][ T5257] Bluetooth: hci16: command 0x0409 tx timeout
[  447.047496][ T5641] batman_adv: batadv0: Adding interface: batadv_slave_0
[  447.132827][ T5641] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  447.350692][ T5641] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  447.428091][ T5641] batman_adv: batadv0: Adding interface: batadv_slave_1
[  447.450645][ T5641] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  447.736199][ T5641] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  448.164235][ T5641] device hsr_slave_0 entered promiscuous mode
[  448.178481][ T5641] device hsr_slave_1 entered promiscuous mode
[  448.193862][ T5641] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  448.206319][ T5641] Cannot create hsr debugfs directory
[  448.745507][ T5641] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  448.831091][ T4381] Bluetooth: hci16: command 0x041b tx timeout
[  448.936294][ T5641] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  449.040562][ T5641] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  449.244047][ T5641] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  449.596228][ T5641] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  449.726718][ T5641] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  449.743791][ T5641] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  449.755357][ T5641] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  450.092729][ T5641] 8021q: adding VLAN 0 to HW filter on device bond0
[  450.165531][ T5374] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  450.216032][ T5374] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  450.237032][ T5641] 8021q: adding VLAN 0 to HW filter on device team0
[  450.285772][ T5374] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  450.296900][ T5374] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  450.331614][ T5374] bridge0: port 1(bridge_slave_0) entered blocking state
[  450.338740][ T5374] bridge0: port 1(bridge_slave_0) entered forwarding state
[  450.399547][ T5374] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  450.412937][ T5374] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  450.422655][ T5374] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  450.515186][ T5374] bridge0: port 2(bridge_slave_1) entered blocking state
[  450.522321][ T5374] bridge0: port 2(bridge_slave_1) entered forwarding state
[  450.550678][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  450.587072][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  450.689658][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  450.717494][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  450.780790][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  450.789577][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  450.839085][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  450.850279][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  450.859277][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  450.907588][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  450.916836][ T4381] Bluetooth: hci16: command 0x040f tx timeout
[  450.982006][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  451.046561][ T5641] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  451.788419][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  451.846124][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  451.886283][ T5641] 8021q: adding VLAN 0 to HW filter on device batadv0
[  452.340000][ T5374] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  452.375066][ T5374] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  452.479505][ T5374] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  452.517795][ T5374] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  452.576173][ T5641] device veth0_vlan entered promiscuous mode
[  452.589035][ T5374] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  452.657163][ T5374] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  452.685913][ T5641] device veth1_vlan entered promiscuous mode
[  452.893220][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  452.956463][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  452.977078][ T5641] device veth0_macvtap entered promiscuous mode
[  452.991402][ T4379] Bluetooth: hci16: command 0x0419 tx timeout
[  453.069080][ T5641] device veth1_macvtap entered promiscuous mode
[  453.124674][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  453.154292][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.180634][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  453.195260][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.273434][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  453.367826][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.385717][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  453.411021][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.486890][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  453.501984][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.521903][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  453.532713][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.556548][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  453.574119][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.606443][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  453.647078][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.663158][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  453.695229][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.728977][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  453.771719][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.805844][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  453.832445][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.843511][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  453.861619][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.894441][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  453.925305][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.941944][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  453.965462][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.983227][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  454.009910][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  454.025563][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  454.059196][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  454.134594][ T5641] batman_adv: batadv0: Interface activated: batadv_slave_0
[  454.147749][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  454.173192][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  454.189564][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  454.285370][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  454.318401][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  454.335204][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  454.354467][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  454.439495][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  454.504517][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  454.515990][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  454.534298][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  454.549246][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  454.594575][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  454.612484][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  454.715067][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  454.773238][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  454.835395][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  454.848790][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  454.863101][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  454.898453][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  454.933441][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  454.947175][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  454.962806][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  454.976149][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  455.002759][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  455.020236][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  455.033271][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  455.050066][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  455.105973][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  455.134442][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  455.156018][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  455.175042][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  455.273171][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  455.291564][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  455.309851][ T5641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  455.333001][ T5641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  455.346664][ T5641] batman_adv: batadv0: Interface activated: batadv_slave_1
[  455.362488][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  455.385547][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  455.428021][ T5641] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  455.498921][ T5641] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  455.615206][ T5641] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  455.654788][ T5641] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  456.098342][ T5548] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  456.142802][ T5548] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  456.150588][ T5548] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  456.263987][ T5548] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  456.322364][ T5548] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  456.332042][ T5548] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  456.601688][   T27] INFO: task syz.0.26:5518 blocked for more than 143 seconds.
[  456.609612][   T27]       Not tainted syzkaller #0
[  456.689649][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  456.765525][   T27] task:syz.0.26        state:D stack:26064 pid: 5518 ppid:  5502 flags:0x00004004
[  456.834671][   T27] Call Trace:
[  456.838003][   T27]  <TASK>
[  456.906652][   T27]  __schedule+0x11ef/0x43c0
[  456.938856][   T27]  ? release_firmware_map_entry+0x190/0x190
[  456.968960][   T27]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  457.027438][   T27]  ? lock_chain_count+0x20/0x20
[  457.074179][   T27]  ? _raw_spin_lock_irq+0xb7/0xf0
[  457.095529][   T27]  ? _raw_spin_lock_irqsave+0x100/0x100
[  457.134657][   T27]  schedule+0x11b/0x1e0
[  457.138867][   T27]  schedule_preempt_disabled+0xf/0x20
[  457.205076][   T27]  rwsem_down_read_slowpath+0x548/0x9d0
[  457.230768][   T27]  ? down_write_killable_nested+0x90/0x90
[  457.236730][   T27]  ? read_lock_is_recursive+0x10/0x10
[  457.266659][   T27]  ? __lock_acquire+0x7d10/0x7d10
[  457.429757][   T27]  ? __rwlock_init+0x140/0x140
[  457.525258][   T27]  down_read+0x96/0x2e0
[  457.534284][   T27]  user_get_super+0x118/0x240
[  457.606829][   T27]  __se_sys_quotactl+0x46f/0x6f0
[  457.642964][   T27]  ? __x64_sys_quotactl+0xa0/0xa0
[  457.682563][   T27]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  457.688606][   T27]  ? lock_chain_count+0x20/0x20
[  457.814601][   T27]  ? vtime_user_exit+0x2c8/0x3e0
[  457.874652][   T27]  ? lockdep_hardirqs_on+0x94/0x140
[  457.912159][   T27]  do_syscall_64+0x4c/0xa0
[  457.916629][   T27]  ? clear_bhb_loop+0x30/0x80
[  457.987288][   T27]  ? clear_bhb_loop+0x30/0x80
[  458.001094][   T27]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  458.025238][   T27] RIP: 0033:0x7fc7ef09e0b9
[  458.053465][   T27] RSP: 002b:00007fc7ee303028 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  458.116969][   T27] RAX: ffffffffffffffda RBX: 00007fc7ef2cafa0 RCX: 00007fc7ef09e0b9
[  458.193064][   T27] RDX: 0000000000000000 RSI: 0000200000000140 RDI: ffffffff80000800
[  458.247441][   T27] RBP: 00007fc7ef1309c4 R08: 0000000000000000 R09: 0000000000000000
[  458.320532][   T27] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  458.374316][   T27] R13: 0000000000000000 R14: 00007fc7ef2cafa0 R15: 00007ffdd6425bd8
[  458.419525][   T27]  </TASK>
[  458.423789][   T27] 
[  458.423789][   T27] Showing all locks held in the system:
[  458.457329][   T27] 1 lock held by khungtaskd/27:
[  458.494411][   T27]  #0: ffffffff8c31eaa0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30
[  458.576986][   T27] 2 locks held by kworker/u4:5/3078:
[  458.644395][   T27]  #0: ffff8880b903a358 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x26/0x140
[  458.721426][   T27]  #1: ffffc9000d1dfd00 ((work_completion)(&(&bat_priv->nc.work)->work)){+.+.}-{0:0}, at: process_one_work+0x79f/0x1010
[  458.806455][   T27] 2 locks held by getty/3946:
[  458.845653][   T27]  #0: ffff88802c512098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[  458.931142][   T27]  #1: ffffc90002cf62e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x5df/0x1a70
[  458.993899][   T27] 3 locks held by syz.0.16/5280:
[  458.998877][   T27]  #0: ffff8880784ba0e0 (&type->s_umount_key#25/1){+.+.}-{3:3}, at: alloc_super+0x201/0x950
[  459.057465][   T27]  #1: ffffc900031910f0 (&journal->j_mutex){+.+.}-{3:3}, at: do_journal_end+0x304/0x42d0
[  459.142636][   T27]  #2: ffffc90003191180 (&journal->j_flush_mutex){+.+.}-{3:3}, at: flush_journal_list+0x180/0x1ba0
[  459.238440][   T27] 3 locks held by syz.1.17/5300:
[  459.245053][   T27]  #0: ffff8880197da0e0 (&type->s_umount_key#25/1){+.+.}-{3:3}, at: alloc_super+0x201/0x950
[  459.276149][   T27]  #1: ffffc900032510f0 (&journal->j_mutex){+.+.}-{3:3}, at: do_journal_end+0x304/0x42d0
[  459.380184][   T27]  #2: ffffc90003251180 (&journal->j_flush_mutex){+.+.}-{3:3}, at: flush_journal_list+0x180/0x1ba0
[  459.398281][   T27] 4 locks held by syz.2.18/5317:
[  459.408961][   T27] 3 locks held by syz.3.19/5334:
[  459.421419][   T27]  #0: ffff88805c7420e0 (&type->s_umount_key#25/1){+.+.}-{3:3}, at: alloc_super+0x201/0x950
[  459.500002][   T27]  #1: ffffc900033f10f0 (&journal->j_mutex){+.+.}-{3:3}, at: do_journal_end+0x304/0x42d0
[  459.526653][   T27]  #2: ffffc900033f1180 (&journal->j_flush_mutex){+.+.}-{3:3}, at: flush_journal_list+0x180/0x1ba0
[  459.616833][   T27] 4 locks held by syz.4.20/5363:
[  459.626571][   T27]  #0: ffff8880248920e0 (&type->s_umount_key#25/1){+.+.}-{3:3}, at: alloc_super+0x201/0x950
[  459.704752][   T27]  #1: ffffc900035110f0 (&journal->j_mutex){+.+.}-{3:3}, at: do_journal_end+0x304/0x42d0
[  459.719510][   T27]  #2: ffffc90003511180 (&journal->j_flush_mutex){+.+.}-{3:3}, at: flush_journal_list+0x180/0x1ba0
[  459.734510][   T27]  #3: ffff8880b913a358 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x26/0x140
[  459.746736][   T27] 3 locks held by syz.5.21/5387:
[  459.754425][   T27]  #0: ffff88805a9d00e0 (&type->s_umount_key#25/1){+.+.}-{3:3}, at: alloc_super+0x201/0x950
[  459.774693][   T27]  #1: ffffc900035d10f0 (&journal->j_mutex){+.+.}-{3:3}, at: do_journal_end+0x304/0x42d0
[  459.821187][   T27]  #2: ffffc900035d1180 (&journal->j_flush_mutex){+.+.}-{3:3}, at: flush_journal_list+0x180/0x1ba0
[  459.930948][   T27] 3 locks held by syz.6.22/5413:
[  459.937895][   T27]  #0: ffff88802562c0e0 (&type->s_umount_key#25/1){+.+.}-{3:3}, at: alloc_super+0x201/0x950
[  460.053799][   T27]  #1: ffffc900036d10f0 (&journal->j_mutex){+.+.}-{3:3}, at: do_journal_end+0x304/0x42d0
[  460.128681][   T27]  #2: ffffc900036d1180 (&journal->j_flush_mutex){+.+.}-{3:3}, at: flush_journal_list+0x180/0x1ba0
[  460.144271][   T27] 4 locks held by syz.7.23/5443:
[  460.170570][   T27]  #0: ffff888017d940e0 (&type->s_umount_key#25/1){+.+.}-{3:3}, at: alloc_super+0x201/0x950
[  460.193566][   T27]  #1: ffffc900039d10f0 (&journal->j_mutex){+.+.}-{3:3}, at: do_journal_end+0x304/0x42d0
[  460.236650][   T27]  #2: ffffc900039d1180 (&journal->j_flush_mutex){+.+.}-{3:3}, at: flush_journal_list+0x180/0x1ba0
[  460.260055][   T27]  #3: ffff88805e009c90 (&jl->j_commit_mutex){+.+.}-{3:3}, at: flush_commit_list+0x6de/0x1d70
[  460.291105][   T27] 4 locks held by syz.8.24/5468:
[  460.296085][   T27] 4 locks held by syz.9.25/5493:
[  460.339913][   T27] 1 lock held by syz.0.26/5518:
[  460.357845][   T27]  #0: ffff8880784ba0e0 (&type->s_umount_key#53){.+.+}-{3:3}, at: user_get_super+0x118/0x240
[  460.411938][   T27] 1 lock held by syz.1.27/5535:
[  460.417429][   T27]  #0: ffff8880197da0e0 (&type->s_umount_key#53){.+.+}-{3:3}, at: user_get_super+0x118/0x240
[  460.539710][   T27] 3 locks held by kworker/u4:10/5548:
[  460.605918][   T27]  #0: ffff8880b903a358 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x26/0x140
[  460.663847][   T27]  #1: ffff8880b9127888 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x4fe/0x7d0
[  460.737000][   T27]  #2: ffffffff8c31eaa0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30
[  460.769489][   T27] 1 lock held by syz.2.28/5561:
[  460.828862][   T27]  #0: ffff88801eacc0e0 (&type->s_umount_key#53){.+.+}-{3:3}, at: user_get_super+0x118/0x240
[  460.848898][   T27] 1 lock held by syz.3.29/5579:
[  460.890081][   T27]  #0: ffff88805c7420e0 (&type->s_umount_key#53){.+.+}-{3:3}, at: user_get_super+0x118/0x240
[  460.938547][   T27] 1 lock held by syz.4.30/5603:
[  460.956747][   T27]  #0: ffff8880248920e0 (&type->s_umount_key#53){.+.+}-{3:3}, at: user_get_super+0x118/0x240
[  461.015608][   T27] 1 lock held by syz.5.31/5634:
[  461.050400][   T27]  #0: ffff88805a9d00e0 (&type->s_umount_key#53){.+.+}-{3:3}, at: user_get_super+0x118/0x240
[  461.133474][   T27] 1 lock held by syz-executor241/5656:
[  461.147278][   T27]  #0: ffff8880784ba0e0 (&type->s_umount_key#53){.+.+}-{3:3}, at: user_get_super+0x118/0x240
[  461.164184][   T27] 1 lock held by syz.6.32/5669:
[  461.178908][   T27]  #0: ffff88802562c0e0 (&type->s_umount_key#53){.+.+}-{3:3}, at: user_get_super+0x118/0x240
[  461.212640][   T27] 
[  461.215078][   T27] =============================================
[  461.215078][   T27] 
[  461.265647][   T27] NMI backtrace for cpu 1
[  461.270026][   T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted syzkaller #0
[  461.277328][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  461.287565][   T27] Call Trace:
[  461.290857][   T27]  <TASK>
[  461.293800][   T27]  dump_stack_lvl+0x188/0x250
[  461.298496][   T27]  ? show_regs_print_info+0x20/0x20
[  461.303981][   T27]  ? load_image+0x400/0x400
[  461.308583][   T27]  ? tick_nohz_tick_stopped+0x7b/0xb0
[  461.313975][   T27]  ? nmi_cpu_backtrace+0x1b2/0x3d0
[  461.319109][   T27]  nmi_cpu_backtrace+0x3a2/0x3d0
[  461.324063][   T27]  ? nmi_trigger_cpumask_backtrace+0x280/0x280
[  461.330229][   T27]  ? _printk+0xda/0x130
[  461.334396][   T27]  ? load_image+0x400/0x400
[  461.339082][   T27]  ? load_image+0x400/0x400
[  461.343599][   T27]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  461.349684][   T27]  nmi_trigger_cpumask_backtrace+0x163/0x280
[  461.355770][   T27]  watchdog+0xe0f/0xe50
[  461.359956][   T27]  kthread+0x436/0x520
[  461.364034][   T27]  ? hungtask_pm_notify+0x40/0x40
[  461.369067][   T27]  ? kthread_blkcg+0xd0/0xd0
[  461.373680][   T27]  ret_from_fork+0x1f/0x30
[  461.378114][   T27]  </TASK>
[  461.382546][   T27] Sending NMI from CPU 1 to CPUs 0:
[  461.387831][    C0] NMI backtrace for cpu 0
[  461.387845][    C0] CPU: 0 PID: 5493 Comm: syz.9.25 Not tainted syzkaller #0
[  461.387864][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  461.387873][    C0] RIP: 0010:trace_rcu_utilization+0x0/0x1a0
[  461.387895][    C0] Code: c7 c1 64 e4 89 8d 80 e1 07 80 c1 03 38 c1 0f 8c de f7 ff ff 48 c7 c7 64 e4 89 8d e8 1a 49 59 00 e9 cd f7 ff ff 0f 1f 44 00 00 <41> 57 41 56 53 0f 1f 44 00 00 65 8b 05 87 31 9d 7e 83 f8 08 0f 83
[  461.387908][    C0] RSP: 0018:ffffc90003b9e878 EFLAGS: 00000086
[  461.387922][    C0] RAX: ffff8880b903b1c0 RBX: dffffc0000000000 RCX: e9d5ed1adfc05700
[  461.387934][    C0] RDX: 0000000000000000 RSI: ffffffff8a79f960 RDI: ffffffff8a2c5960
[  461.387945][    C0] RBP: ffffc90003b9e9f0 R08: ffffc90003b9eb6f R09: ffffc90003b9eb60
[  461.387957][    C0] R10: dffffc0000000000 R11: fffff52000773d6e R12: ffff88802a3e3b80
[  461.387969][    C0] R13: 0000000000000001 R14: ffffffff8be31820 R15: 1ffff92000773d2c
[  461.387979][    C0] FS:  00007f770b6d46c0(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
[  461.387994][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  461.388005][    C0] CR2: 00007fec331dbe00 CR3: 000000002aba4000 CR4: 00000000003506f0
[  461.388020][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  461.388029][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  461.388039][    C0] Call Trace:
[  461.388043][    C0]  <TASK>
[  461.388049][    C0]  rcu_note_context_switch+0xc5/0x1020
[  461.388069][    C0]  ? update_load_avg+0x507/0x1130
[  461.388091][    C0]  ? wait_rcu_exp_gp+0x30/0x30
[  461.388106][    C0]  ? __schedule+0x2ba/0x43c0
[  461.388122][    C0]  ? lockdep_hardirqs_off+0x70/0x100
[  461.388141][    C0]  __schedule+0x2ca/0x43c0
[  461.388161][    C0]  ? __queue_work+0x9e2/0xd50
[  461.388180][    C0]  ? try_to_wake_up+0x6cf/0x1050
[  461.388197][    C0]  ? release_firmware_map_entry+0x190/0x190
[  461.388217][    C0]  ? preempt_schedule+0xbc/0xd0
[  461.388233][    C0]  preempt_schedule_common+0x82/0xd0
[  461.388249][    C0]  preempt_schedule+0xbc/0xd0
[  461.388264][    C0]  ? schedule_preempt_disabled+0x20/0x20
[  461.388279][    C0]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  461.388298][    C0]  ? lock_chain_count+0x20/0x20
[  461.388315][    C0]  preempt_schedule_thunk+0x16/0x18
[  461.388335][    C0]  _raw_spin_unlock_irq+0x3c/0x40
[  461.388349][    C0]  loop_queue_rq+0x9e0/0xac0
[  461.388368][    C0]  __blk_mq_try_issue_directly+0x497/0x820
[  461.388388][    C0]  ? blk_mq_request_issue_directly+0xa0/0xa0
[  461.388407][    C0]  ? rcu_is_watching+0x11/0xa0
[  461.388423][    C0]  blk_mq_try_issue_directly+0xaf/0x270
[  461.388442][    C0]  blk_mq_submit_bio+0xfa1/0x1820
[  461.388460][    C0]  ? submit_bio_checks+0xcf1/0x1910
[  461.388475][    C0]  ? blk_mq_try_issue_list_directly+0x530/0x530
[  461.388495][    C0]  ? __submit_bio+0x820/0x820
[  461.388511][    C0]  ? blk_try_enter_queue+0x399/0x4d0
[  461.388530][    C0]  __submit_bio+0x7d1/0x820
[  461.388548][    C0]  ? rcu_lock_release+0x20/0x20
[  461.388565][    C0]  ? rcu_lock_release+0x5/0x20
[  461.388582][    C0]  submit_bio_noacct+0x6b0/0x800
[  461.388607][    C0]  ? blk_put_request+0x20/0x20
[  461.388624][    C0]  ? __bio_add_page+0x304/0x510
[  461.388641][    C0]  ? bio_add_page+0x2d6/0x460
[  461.388657][    C0]  submit_bio+0x2c1/0x560
[  461.388671][    C0]  ? guard_bio_eod+0xee/0x130
[  461.388686][    C0]  ? submit_bio_noacct+0x800/0x800
[  461.388706][    C0]  submit_bh+0x23/0x30
[  461.388721][    C0]  flush_journal_list+0x89d/0x1ba0
[  461.388745][    C0]  flush_used_journal_lists+0x12e6/0x1660
[  461.388769][    C0]  ? do_journal_end+0x2ed8/0x42d0
[  461.388785][    C0]  ? flush_journal_list+0x1ba0/0x1ba0
[  461.388801][    C0]  ? __lock_acquire+0x7d10/0x7d10
[  461.388819][    C0]  ? memset+0x1e/0x40
[  461.388838][    C0]  ? __mutex_unlock_slowpath+0x1b0/0x6c0
[  461.388855][    C0]  ? mutex_unlock+0x10/0x10
[  461.388878][    C0]  do_journal_end+0x3615/0x42d0
[  461.388911][    C0]  do_journal_begin_r+0xa5b/0x1040
[  461.388937][    C0]  ? journal_join_abort+0xe0/0xe0
[  461.388959][    C0]  journal_begin+0x148/0x350
[  461.388976][    C0]  reiserfs_fill_super+0x16a1/0x2440
[  461.388999][    C0]  ? reiserfs_kill_sb+0x140/0x140
[  461.389013][    C0]  ? snprintf+0xe5/0x140
[  461.389028][    C0]  ? vscnprintf+0x80/0x80
[  461.389042][    C0]  ? set_blocksize+0x1f3/0x370
[  461.389057][    C0]  ? sb_set_blocksize+0xa5/0xe0
[  461.389072][    C0]  mount_bdev+0x287/0x3c0
[  461.389087][    C0]  ? reiserfs_kill_sb+0x140/0x140
[  461.389103][    C0]  legacy_get_tree+0xe6/0x180
[  461.389118][    C0]  ? remove_save_link+0x3e0/0x3e0
[  461.389134][    C0]  vfs_get_tree+0x88/0x270
[  461.389149][    C0]  do_new_mount+0x24a/0xa40
[  461.389168][    C0]  __se_sys_mount+0x2e3/0x3d0
[  461.389185][    C0]  ? __x64_sys_mount+0xc0/0xc0
[  461.389202][    C0]  ? lockdep_hardirqs_on+0x94/0x140
[  461.389217][    C0]  ? __x64_sys_mount+0x1c/0xc0
[  461.389233][    C0]  do_syscall_64+0x4c/0xa0
[  461.389246][    C0]  ? clear_bhb_loop+0x30/0x80
[  461.389260][    C0]  ? clear_bhb_loop+0x30/0x80
[  461.389275][    C0]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  461.389290][    C0] RIP: 0033:0x7f770c47034a
[  461.389304][    C0] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  461.389316][    C0] RSP: 002b:00007f770b6d3e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  461.389331][    C0] RAX: ffffffffffffffda RBX: 00007f770b6d3ee0 RCX: 00007f770c47034a
[  461.389343][    C0] RDX: 0000200000000080 RSI: 0000200000000040 RDI: 00007f770b6d3ea0
[  461.389353][    C0] RBP: 0000200000000080 R08: 00007f770b6d3ee0 R09: 000000000000800c
[  461.389364][    C0] R10: 000000000000800c R11: 0000000000000246 R12: 0000200000000040
[  461.389374][    C0] R13: 00007f770b6d3ea0 R14: 000000000000112d R15: 0000200000000300
[  461.389391][    C0]  </TASK>
[  461.980902][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[  461.988044][   T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted syzkaller #0
[  461.995249][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  462.005408][   T27] Call Trace:
[  462.008708][   T27]  <TASK>
[  462.011639][   T27]  dump_stack_lvl+0x188/0x250
[  462.016414][   T27]  ? show_regs_print_info+0x20/0x20
[  462.021623][   T27]  ? load_image+0x400/0x400
[  462.026157][   T27]  panic+0x2e5/0x810
[  462.030069][   T27]  ? schedule_preempt_disabled+0x20/0x20
[  462.035725][   T27]  ? bpf_jit_dump+0xd0/0xd0
[  462.040246][   T27]  ? __irq_work_queue_local+0x12c/0x190
[  462.045997][   T27]  ? nmi_trigger_cpumask_backtrace+0x260/0x280
[  462.052276][   T27]  watchdog+0xe4e/0xe50
[  462.056460][   T27]  kthread+0x436/0x520
[  462.060622][   T27]  ? hungtask_pm_notify+0x40/0x40
[  462.065658][   T27]  ? kthread_blkcg+0xd0/0xd0
[  462.070258][   T27]  ret_from_fork+0x1f/0x30
[  462.074697][   T27]  </TASK>
[  462.078174][   T27] Kernel Offset: disabled
[  462.082532][   T27] Rebooting in 86400 seconds..