[   58.926912][   T10] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   59.007539][   T10] bond0 (unregistering): Released all slaves
[   69.582679][   T26] kauditd_printk_skb: 19 callbacks suppressed
[   69.582696][   T26] audit: type=1400 audit(1681516641.089:176): avc:  denied  { search } for  pid=5339 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   69.617459][   T26] audit: type=1400 audit(1681516641.119:177): avc:  denied  { read } for  pid=5340 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1405 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   69.649879][   T26] audit: type=1400 audit(1681516641.139:178): avc:  denied  { open } for  pid=5340 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1405 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   69.677969][   T26] audit: type=1400 audit(1681516641.139:179): avc:  denied  { getattr } for  pid=5340 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1405 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   69.788411][   T26] audit: type=1400 audit(1681516641.289:180): avc:  denied  { write } for  pid=5339 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1404 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   69.812971][   T26] audit: type=1400 audit(1681516641.289:181): avc:  denied  { add_name } for  pid=5339 comm="dhcpcd-run-hook" name="resolv.conf.eth1.ipv4ll" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   69.859587][   T26] audit: type=1400 audit(1681516641.359:182): avc:  denied  { remove_name } for  pid=5350 comm="rm" name="resolv.conf.eth1.ipv4ll" dev="tmpfs" ino=1529 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
Warning: Permanently added '10.128.0.40' (ECDSA) to the list of known hosts.
2023/04/14 23:57:27 parsed 1 programs
[   75.557207][   T26] audit: type=1400 audit(1681516647.059:183): avc:  denied  { mounton } for  pid=5516 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   75.582270][   T26] audit: type=1400 audit(1681516647.059:184): avc:  denied  { mount } for  pid=5516 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
2023/04/14 23:57:27 executed programs: 0
[   75.795767][   T26] audit: type=1400 audit(1681516647.299:185): avc:  denied  { mounton } for  pid=5521 comm="syz-executor.0" path="/syzcgroup/unified" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[   75.821120][   T26] audit: type=1400 audit(1681516647.319:186): avc:  denied  { create } for  pid=5521 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   76.451620][ T1111] cfg80211: failed to load regulatory.db
[   76.850111][   T26] audit: type=1400 audit(1681516648.349:187): avc:  denied  { ioctl } for  pid=5521 comm="syz-executor.0" path="socket:[30515]" dev="sockfs" ino=30515 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   76.852288][   T47] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   76.884761][   T47] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   76.893266][   T47] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   76.901435][   T47] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   76.909195][   T47] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   76.916529][   T47] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   76.935701][   T26] audit: type=1400 audit(1681516648.429:188): avc:  denied  { mounton } for  pid=5521 comm="syz-executor.0" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   77.002686][ T5521] chnl_net:caif_netlink_parms(): no params data found
[   77.039474][ T5521] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.046965][ T5521] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.054448][ T5521] bridge_slave_0: entered allmulticast mode
[   77.060908][ T5521] bridge_slave_0: entered promiscuous mode
[   77.068531][ T5521] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.075980][ T5521] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.083283][ T5521] bridge_slave_1: entered allmulticast mode
[   77.089791][ T5521] bridge_slave_1: entered promiscuous mode
[   77.110268][ T5521] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.125208][ T5521] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.146958][ T5521] team0: Port device team_slave_0 added
[   77.155016][ T5521] team0: Port device team_slave_1 added
[   77.173303][ T5521] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.180284][ T5521] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.206760][ T5521] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.218473][ T5521] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.226876][ T5521] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.253504][ T5521] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.278830][ T5521] hsr_slave_0: entered promiscuous mode
[   77.285056][ T5521] hsr_slave_1: entered promiscuous mode
[   77.335930][   T26] audit: type=1400 audit(1681516648.839:189): avc:  denied  { create } for  pid=5521 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   77.356958][   T26] audit: type=1400 audit(1681516648.849:190): avc:  denied  { write } for  pid=5521 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   77.358545][ T5521] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.378265][   T26] audit: type=1400 audit(1681516648.849:191): avc:  denied  { read } for  pid=5521 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   77.384862][ T5521] bridge0: port 2(bridge_slave_1) entered forwarding state
[   77.413767][ T5521] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.420902][ T5521] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.457632][ T5521] 8021q: adding VLAN 0 to HW filter on device bond0
[   77.469439][ T1111] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   77.477703][ T1111] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.486364][ T1111] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.494390][ T1111] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   77.507138][ T5521] 8021q: adding VLAN 0 to HW filter on device team0
[   77.517652][ T1111] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   77.526380][ T1111] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.533492][ T1111] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.545710][ T5074] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   77.554115][ T5074] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.561161][ T5074] bridge0: port 2(bridge_slave_1) entered forwarding state
[   77.580345][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   77.595632][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   77.604248][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   77.612989][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   77.624942][ T5521] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   77.636644][ T5521] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   77.646185][  T895] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   77.662885][  T895] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   77.670476][  T895] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   77.684031][ T5521] 8021q: adding VLAN 0 to HW filter on device batadv0
[   77.996242][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   78.007928][ T1111] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   78.016634][ T1111] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   78.026256][ T5073] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   78.034443][ T5073] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   78.043807][ T5521] veth0_vlan: entered promiscuous mode
[   78.056919][ T5521] veth1_vlan: entered promiscuous mode
[   78.071908][ T5073] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   78.080262][ T5073] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   78.089102][ T5073] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   78.097652][ T5073] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   78.109092][ T5521] veth0_macvtap: entered promiscuous mode
[   78.117792][ T5521] veth1_macvtap: entered promiscuous mode
[   78.131859][ T5521] batman_adv: batadv0: Interface activated: batadv_slave_0
[   78.140011][ T5073] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   78.148670][ T5073] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   78.157014][ T5073] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   78.166002][ T5073] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   78.177155][ T5521] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.184867][ T5073] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   78.194177][ T5073] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   78.245166][   T10] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.254340][   T10] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.267039][ T1111] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   78.279259][ T2823] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.288166][ T2823] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.299476][ T1111] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   78.333499][ T5544] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5544 'syz-executor.0'
[   78.348375][ T5544] loop0: detected capacity change from 0 to 96
[   78.356415][   T26] audit: type=1400 audit(1681516649.859:192): avc:  denied  { mounton } for  pid=5543 comm="syz-executor.0" path="/root/syzkaller-testdir4272260876/syzkaller.gf02HB/0/file0" dev="sda1" ino=1149 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   78.363874][ T5544] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[   78.394383][ T5544] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 2048)
[   78.404199][ T5544] NILFS (loop0): mounting unchecked fs
[   78.418317][ T5544] NILFS (loop0): recovery complete
[   78.425880][ T5545] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   79.003384][   T47] Bluetooth: hci0: command 0x0409 tx timeout
[   81.082368][ T4383] Bluetooth: hci0: command 0x041b tx timeout
[   83.172886][   T47] Bluetooth: hci0: command 0x040f tx timeout
[   85.242286][   T47] Bluetooth: hci0: command 0x0419 tx timeout
[  201.402298][ T4383] Bluetooth: hci0: command 0x0406 tx timeout
[  233.882425][   T27] INFO: task syz-executor.0:5521 blocked for more than 143 seconds.
[  233.891434][   T27]       Not tainted 6.3.0-rc6-syzkaller-00173-g7a934f4bd7d6 #0
[  233.900346][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  233.909108][   T27] task:syz-executor.0  state:D stack:24128 pid:5521  ppid:1      flags:0x00004004
[  233.918766][   T27] Call Trace:
[  233.922097][   T27]  <TASK>
[  233.925421][   T27]  __schedule+0xc91/0x5770
[  233.930044][   T27]  ? io_schedule_timeout+0x150/0x150
[  233.935680][   T27]  ? mark_held_locks+0x9f/0xe0
[  233.940458][   T27]  ? _raw_spin_unlock_irqrestore+0x54/0x70
[  233.946628][   T27]  ? lockdep_hardirqs_on+0x7d/0x100
[  233.951835][   T27]  ? _raw_spin_unlock_irqrestore+0x41/0x70
[  233.958438][   T27]  schedule+0xde/0x1a0
[  233.962800][   T27]  wb_wait_for_completion+0x182/0x240
[  233.968371][   T27]  ? wb_writeback+0xa50/0xa50
[  233.973774][   T27]  ? prepare_to_wait_exclusive+0x2c0/0x2c0
[  233.979732][   T27]  ? rwsem_down_write_slowpath+0x1220/0x1220
[  233.986156][   T27]  ? nilfs_sync_fs+0x34a/0x580
[  233.990931][   T27]  ? I_BDEV+0xd/0x20
[  233.995293][   T27]  sync_inodes_sb+0x1aa/0xa60
[  234.000974][   T27]  ? try_to_writeback_inodes_sb+0xc0/0xc0
[  234.007579][   T27]  ? get_nr_dirty_inodes+0x60/0x1d0
[  234.013321][   T27]  sync_filesystem.part.0+0xe6/0x1d0
[  234.018653][   T27]  sync_filesystem+0x8f/0xc0
[  234.025647][   T27]  generic_shutdown_super+0x74/0x480
[  234.031086][   T27]  kill_block_super+0x9b/0xf0
[  234.036386][   T27]  deactivate_locked_super+0x98/0x160
[  234.041883][   T27]  deactivate_super+0xb1/0xd0
[  234.047000][   T27]  cleanup_mnt+0x2ae/0x3d0
[  234.051455][   T27]  task_work_run+0x16f/0x270
[  234.056102][   T27]  ? task_work_cancel+0x30/0x30
[  234.060979][   T27]  ? __x64_sys_umount+0x118/0x190
[  234.066283][   T27]  exit_to_user_mode_prepare+0x210/0x240
[  234.071948][   T27]  syscall_exit_to_user_mode+0x1d/0x50
[  234.077504][   T27]  do_syscall_64+0x46/0xb0
[  234.082052][   T27]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  234.088131][   T27] RIP: 0033:0x466eb7
[  234.092034][   T27] RSP: 002b:00007ffe2a466628 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  234.100524][   T27] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000466eb7
[  234.109288][   T27] RDX: 00007ffe2a4666f9 RSI: 0000000000000002 RDI: 00007ffe2a4666f0
[  234.117863][   T27] RBP: 00007ffe2a4666f0 R08: 00000000ffffffff R09: 00007ffe2a4664c0
[  234.126745][   T27] R10: 0000000002a67893 R11: 0000000000000246 R12: 00000000004af4e4
[  234.135420][   T27] R13: 00007ffe2a4677a0 R14: 0000000002a67810 R15: 00007ffe2a4677e0
[  234.144664][   T27]  </TASK>
[  234.147785][   T27] 
[  234.147785][   T27] Showing all locks held in the system:
[  234.155582][   T27] 2 locks held by kworker/u4:0/8:
[  234.160630][   T27]  #0: ffff888144f6a138 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x87a/0x15c0
[  234.172779][   T27]  #1: ffffc900002efda8 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x8ae/0x15c0
[  234.185465][   T27] 1 lock held by rcu_tasks_kthre/11:
[  234.190769][   T27]  #0: ffffffff8c791ab0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x31/0xd80
[  234.201290][   T27] 1 lock held by rcu_tasks_trace/12:
[  234.210871][   T27]  #0: ffffffff8c7917b0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x31/0xd80
[  234.222036][   T27] 1 lock held by khungtaskd/27:
[  234.227036][   T27]  #0: ffffffff8c792600 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x340
[  234.237451][   T27] 2 locks held by getty/4744:
[  234.242462][   T27]  #0: ffff88814b7cd098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x26/0x80
[  234.252329][   T27]  #1: ffffc900020182f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xef4/0x13e0
[  234.262775][   T27] 2 locks held by syz-executor.0/5521:
[  234.268446][   T27]  #0: ffff8880798880e0 (&type->s_umount_key#64){+.+.}-{3:3}, at: deactivate_super+0xa9/0xd0
[  234.278960][   T27]  #1: ffff88801ec8e7d0 (&bdi->wb_switch_rwsem){+.+.}-{3:3}, at: sync_inodes_sb+0x190/0xa60
[  234.289135][   T27] 
[  234.291450][   T27] =============================================
[  234.291450][   T27] 
[  234.299934][   T27] NMI backtrace for cpu 1
[  234.304268][   T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.3.0-rc6-syzkaller-00173-g7a934f4bd7d6 #0
[  234.314506][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[  234.324635][   T27] Call Trace:
[  234.327907][   T27]  <TASK>
[  234.330839][   T27]  dump_stack_lvl+0xd9/0x150
[  234.335422][   T27]  nmi_cpu_backtrace+0x29c/0x350
[  234.340359][   T27]  ? lapic_can_unplug_cpu+0xa0/0xa0
[  234.345671][   T27]  nmi_trigger_cpumask_backtrace+0x2a4/0x300
[  234.352014][   T27]  watchdog+0xe16/0x1090
[  234.356354][   T27]  ? proc_dohung_task_timeout_secs+0x80/0x80
[  234.362341][   T27]  kthread+0x2e8/0x3a0
[  234.366772][   T27]  ? kthread_complete_and_exit+0x40/0x40
[  234.372484][   T27]  ret_from_fork+0x1f/0x30
[  234.376921][   T27]  </TASK>
[  234.380009][   T27] Sending NMI from CPU 1 to CPUs 0:
[  234.385297][    C0] NMI backtrace for cpu 0
[  234.385307][    C0] CPU: 0 PID: 10 Comm: kworker/u4:1 Not tainted 6.3.0-rc6-syzkaller-00173-g7a934f4bd7d6 #0
[  234.385325][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[  234.385337][    C0] Workqueue: events_unbound toggle_allocation_gate
[  234.385365][    C0] RIP: 0010:match_held_lock+0x1/0xc0
[  234.385387][    C0] Code: 85 c0 75 ae 48 c7 c6 c0 49 4c 8a 48 c7 c7 00 4a 4c 8a e8 42 b0 4b f7 0f 0b eb 97 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 53 <48> 89 fb 48 83 ec 08 48 39 77 10 74 6a 66 f7 47 22 f0 ff 74 5a 48
[  234.385403][    C0] RSP: 0018:ffffc9000030f948 EFLAGS: 00000097
[  234.385416][    C0] RAX: 000000000000000a RBX: 0000000000000002 RCX: 0000000000000001
[  234.385426][    C0] RDX: 0000000000000000 RSI: ffff8880b983c2d8 RDI: ffff888016ee0d08
[  234.385438][    C0] RBP: ffff8880b983c2d8 R08: 0000000000000000 R09: ffffffff8e769897
[  234.385449][    C0] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888016ee0280
[  234.385459][    C0] R13: ffff888016ee0cb8 R14: 00000000ffffffff R15: ffff888016ee0d08
[  234.385470][    C0] FS:  0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[  234.385487][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  234.385499][    C0] CR2: 000055fa3d44e600 CR3: 000000000c571000 CR4: 00000000003506f0
[  234.385510][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  234.385526][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  234.385537][    C0] Call Trace:
[  234.385541][    C0]  <TASK>
[  234.385547][    C0]  lock_is_held_type+0xab/0x140
[  234.385567][    C0]  update_load_avg+0x2fa/0x1cb0
[  234.385596][    C0]  set_next_entity+0x33d/0x5d0
[  234.385618][    C0]  pick_next_task_fair+0x94b/0x1290
[  234.385645][    C0]  __schedule+0x45b/0x5770
[  234.385663][    C0]  ? prepare_to_wait_event+0xd0/0x6a0
[  234.385679][    C0]  ? lock_downgrade+0x640/0x690
[  234.385695][    C0]  ? io_schedule_timeout+0x150/0x150
[  234.385712][    C0]  ? mark_held_locks+0x9f/0xe0
[  234.385727][    C0]  ? _raw_spin_unlock_irqrestore+0x54/0x70
[  234.385751][    C0]  ? lockdep_hardirqs_on+0x7d/0x100
[  234.385769][    C0]  ? _raw_spin_unlock_irqrestore+0x41/0x70
[  234.385792][    C0]  schedule+0xde/0x1a0
[  234.385808][    C0]  toggle_allocation_gate+0x1ad/0x230
[  234.385831][    C0]  ? wake_up_kfence_timer+0x30/0x30
[  234.385853][    C0]  ? prepare_to_wait_exclusive+0x2c0/0x2c0
[  234.385880][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  234.385903][    C0]  process_one_work+0x991/0x15c0
[  234.385924][    C0]  ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[  234.385943][    C0]  ? spin_bug+0x1c0/0x1c0
[  234.385960][    C0]  ? _raw_spin_lock_irq+0x45/0x50
[  234.385982][    C0]  worker_thread+0x669/0x1090
[  234.386001][    C0]  ? process_one_work+0x15c0/0x15c0
[  234.386020][    C0]  kthread+0x2e8/0x3a0
[  234.386035][    C0]  ? kthread_complete_and_exit+0x40/0x40
[  234.386058][    C0]  ret_from_fork+0x1f/0x30
[  234.386082][    C0]  </TASK>
[  234.386295][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[  234.677086][   T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.3.0-rc6-syzkaller-00173-g7a934f4bd7d6 #0
[  234.687677][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[  234.697740][   T27] Call Trace:
[  234.701030][   T27]  <TASK>
[  234.703970][   T27]  dump_stack_lvl+0xd9/0x150
[  234.708651][   T27]  panic+0x688/0x730
[  234.712578][   T27]  ? panic_smp_self_stop+0x90/0x90
[  234.717751][   T27]  ? irq_work_claim+0x76/0x90
[  234.722626][   T27]  ? lapic_can_unplug_cpu+0xa0/0xa0
[  234.728304][   T27]  ? irq_work_queue+0x2d/0x80
[  234.733086][   T27]  ? watchdog+0xbe8/0x1090
[  234.737694][   T27]  watchdog+0xbf9/0x1090
[  234.741961][   T27]  ? proc_dohung_task_timeout_secs+0x80/0x80
[  234.747957][   T27]  kthread+0x2e8/0x3a0
[  234.752119][   T27]  ? kthread_complete_and_exit+0x40/0x40
[  234.757758][   T27]  ret_from_fork+0x1f/0x30
[  234.762201][   T27]  </TASK>
[  234.765382][   T27] Kernel Offset: disabled
[  234.769797][   T27] Rebooting in 86400 seconds..