Warning: Permanently added '[localhost]:7491' (ED25519) to the list of known hosts.
2025/11/15 15:54:48 parsed 1 programs
syzkaller login: [ 85.246531][ T5315] cgroup: Unknown subsys name 'net'
[ 85.321516][ T5315] cgroup: Unknown subsys name 'cpuset'
[ 85.327016][ T5315] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 86.993217][ T5315] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 91.892667][ T55] cfg80211: failed to load regulatory.db
[ 92.145522][ T5329] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 95.798575][ T5379] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 95.802575][ T5379] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 95.806091][ T5379] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 95.812862][ T5379] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 95.816456][ T5379] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 96.259858][ T1039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 96.263592][ T1039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 96.299304][ T1040] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 96.302801][ T1040] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 97.828447][ T5401] chnl_net:caif_netlink_parms(): no params data found
[ 97.940369][ T5401] bridge0: port 1(bridge_slave_0) entered blocking state
[ 97.943563][ T5401] bridge0: port 1(bridge_slave_0) entered disabled state
[ 97.946639][ T5401] bridge_slave_0: entered allmulticast mode
[ 97.959090][ T5401] bridge_slave_0: entered promiscuous mode
[ 97.969351][ T5401] bridge0: port 2(bridge_slave_1) entered blocking state
[ 97.972591][ T5401] bridge0: port 2(bridge_slave_1) entered disabled state
[ 97.975724][ T5401] bridge_slave_1: entered allmulticast mode
[ 97.989674][ T5401] bridge_slave_1: entered promiscuous mode
[ 98.032784][ T5401] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 98.050081][ T5401] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 98.094808][ T5401] team0: Port device team_slave_0 added
[ 98.108912][ T5401] team0: Port device team_slave_1 added
[ 98.149508][ T5401] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 98.152400][ T5401] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 98.178247][ T5401] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 98.184800][ T5401] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 98.198640][ T5401] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 98.217969][ T5401] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 98.263420][ T5401] hsr_slave_0: entered promiscuous mode
[ 98.267330][ T5401] hsr_slave_1: entered promiscuous mode
[ 98.492085][ T5401] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 98.512490][ T5401] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 98.530048][ T5401] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 98.540744][ T5401] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 98.688449][ T5401] 8021q: adding VLAN 0 to HW filter on device bond0
[ 98.719399][ T5401] 8021q: adding VLAN 0 to HW filter on device team0
[ 98.735259][ T1040] bridge0: port 1(bridge_slave_0) entered blocking state
[ 98.739321][ T1040] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 98.767041][ T1040] bridge0: port 2(bridge_slave_1) entered blocking state
[ 98.770066][ T1040] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 99.098820][ T5401] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 99.165563][ T5401] veth0_vlan: entered promiscuous mode
[ 99.178869][ T5401] veth1_vlan: entered promiscuous mode
[ 99.204231][ T5401] veth0_macvtap: entered promiscuous mode
[ 99.211490][ T5401] veth1_macvtap: entered promiscuous mode
[ 99.225303][ T5401] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 99.237406][ T5401] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 99.252744][ T31] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 99.263662][ T31] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 99.267450][ T31] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 99.281140][ T31] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 99.416020][ T1040] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 99.461307][ T1040] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 99.499280][ T1040] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 99.543985][ T1040] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/11/15 15:55:06 executed programs: 0
[ 100.358922][ T4672] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 100.363381][ T4672] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 100.367284][ T4672] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 100.374510][ T4672] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 100.379789][ T4672] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 100.829780][ T5426] chnl_net:caif_netlink_parms(): no params data found
[ 100.980596][ T5426] bridge0: port 1(bridge_slave_0) entered blocking state
[ 100.983774][ T5426] bridge0: port 1(bridge_slave_0) entered disabled state
[ 100.986975][ T5426] bridge_slave_0: entered allmulticast mode
[ 100.991351][ T5426] bridge_slave_0: entered promiscuous mode
[ 100.997099][ T5426] bridge0: port 2(bridge_slave_1) entered blocking state
[ 101.000574][ T5426] bridge0: port 2(bridge_slave_1) entered disabled state
[ 101.003758][ T5426] bridge_slave_1: entered allmulticast mode
[ 101.011806][ T5426] bridge_slave_1: entered promiscuous mode
[ 101.036145][ T5426] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 101.043282][ T5426] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 101.066308][ T5426] team0: Port device team_slave_0 added
[ 101.071119][ T5426] team0: Port device team_slave_1 added
[ 101.092392][ T5426] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 101.095442][ T5426] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 101.106744][ T5426] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 101.113266][ T5426] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 101.116078][ T5426] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 101.128285][ T5426] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 101.162569][ T5426] hsr_slave_0: entered promiscuous mode
[ 101.165816][ T5426] hsr_slave_1: entered promiscuous mode
[ 101.169622][ T5426] debugfs: 'hsr0' already exists in 'hsr'
[ 101.172191][ T5426] Cannot create hsr debugfs directory
[ 101.629736][ T1040] bridge_slave_1: left allmulticast mode
[ 101.632299][ T1040] bridge_slave_1: left promiscuous mode
[ 101.635753][ T1040] bridge0: port 2(bridge_slave_1) entered disabled state
[ 101.658646][ T1040] bridge_slave_0: left allmulticast mode
[ 101.661105][ T1040] bridge_slave_0: left promiscuous mode
[ 101.664160][ T1040] bridge0: port 1(bridge_slave_0) entered disabled state
[ 102.052574][ T1040] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 102.059879][ T1040] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 102.064813][ T1040] bond0 (unregistering): Released all slaves
[ 102.190276][ T1040] hsr_slave_0: left promiscuous mode
[ 102.199980][ T1040] hsr_slave_1: left promiscuous mode
[ 102.203079][ T1040] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 102.206305][ T1040] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 102.218738][ T1040] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 102.221854][ T1040] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 102.247527][ T1040] veth1_macvtap: left promiscuous mode
[ 102.258052][ T1040] veth0_macvtap: left promiscuous mode
[ 102.261779][ T1040] veth1_vlan: left promiscuous mode
[ 102.264236][ T1040] veth0_vlan: left promiscuous mode
[ 102.449879][ T4672] Bluetooth: hci0: command tx timeout
[ 102.696169][ T1040] team0 (unregistering): Port device team_slave_1 removed
[ 102.721005][ T1040] team0 (unregistering): Port device team_slave_0 removed
[ 103.182687][ T5426] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 103.208481][ T5426] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 103.216756][ T5426] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 103.277849][ T5426] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 103.460095][ T5426] 8021q: adding VLAN 0 to HW filter on device bond0
[ 103.484190][ T5426] 8021q: adding VLAN 0 to HW filter on device team0
[ 103.504890][ T31] bridge0: port 1(bridge_slave_0) entered blocking state
[ 103.508012][ T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 103.548574][ T1040] bridge0: port 2(bridge_slave_1) entered blocking state
[ 103.552103][ T1040] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 103.856270][ T5426] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 103.896305][ T5426] veth0_vlan: entered promiscuous mode
[ 103.906826][ T5426] veth1_vlan: entered promiscuous mode
[ 103.933112][ T5426] veth0_macvtap: entered promiscuous mode
[ 103.940926][ T5426] veth1_macvtap: entered promiscuous mode
[ 103.960134][ T5426] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 103.970086][ T5426] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 103.981903][ T1039] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.985560][ T1039] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.002223][ T1039] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.005970][ T1039] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.063588][ T1039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.067067][ T1039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.102702][ T1039] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.106123][ T1039] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.528557][ T4672] Bluetooth: hci0: command tx timeout
[ 104.600227][ T5467] loop0: detected capacity change from 0 to 32768
[ 104.663275][ T25] audit: type=1800 audit(1763222110.723:2): pid=5467 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.17" name="bus" dev="loop0" ino=4096 res=0 errno=0
[ 104.698097][ T25] audit: type=1800 audit(1763222110.733:3): pid=5467 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.17" name="file1" dev="loop0" ino=4 res=0 errno=0
[ 106.607756][ T4672] Bluetooth: hci0: command tx timeout
[ 108.688018][ T4672] Bluetooth: hci0: command tx timeout
[ 119.200385][ T5379] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 119.203984][ T5379] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 119.207122][ T5379] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 119.211382][ T5379] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 119.215159][ T5379] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 119.574424][ T5473] chnl_net:caif_netlink_parms(): no params data found
[ 119.632322][ T5473] bridge0: port 1(bridge_slave_0) entered blocking state
[ 119.635501][ T5473] bridge0: port 1(bridge_slave_0) entered disabled state
[ 119.639070][ T5473] bridge_slave_0: entered allmulticast mode
[ 119.642954][ T5473] bridge_slave_0: entered promiscuous mode
[ 119.648676][ T5473] bridge0: port 2(bridge_slave_1) entered blocking state
[ 119.651921][ T5473] bridge0: port 2(bridge_slave_1) entered disabled state
[ 119.654973][ T5473] bridge_slave_1: entered allmulticast mode
[ 119.659492][ T5473] bridge_slave_1: entered promiscuous mode
[ 119.683037][ T5473] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 119.688927][ T5473] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 119.712717][ T5473] team0: Port device team_slave_0 added
[ 119.717023][ T5473] team0: Port device team_slave_1 added
[ 119.740330][ T5473] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 119.743262][ T5473] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 119.753734][ T5473] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 119.760062][ T5473] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 119.763167][ T5473] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 119.774319][ T5473] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 119.807224][ T5473] hsr_slave_0: entered promiscuous mode
[ 119.810608][ T5473] hsr_slave_1: entered promiscuous mode
[ 119.951334][ T5473] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 119.956890][ T5473] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 119.963214][ T5473] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 119.969797][ T5473] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 119.994943][ T5473] bridge0: port 2(bridge_slave_1) entered blocking state
[ 119.998223][ T5473] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 120.001852][ T5473] bridge0: port 1(bridge_slave_0) entered blocking state
[ 120.004864][ T5473] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 120.053120][ T5473] 8021q: adding VLAN 0 to HW filter on device bond0
[ 120.064313][ T1040] bridge0: port 1(bridge_slave_0) entered disabled state
[ 120.069295][ T1040] bridge0: port 2(bridge_slave_1) entered disabled state
[ 120.079942][ T5473] 8021q: adding VLAN 0 to HW filter on device team0
[ 120.088885][ T1040] bridge0: port 1(bridge_slave_0) entered blocking state
[ 120.091802][ T1040] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 120.098845][ T1040] bridge0: port 2(bridge_slave_1) entered blocking state
[ 120.101669][ T1040] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 120.280004][ T5473] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 120.311152][ T5473] veth0_vlan: entered promiscuous mode
[ 120.320433][ T5473] veth1_vlan: entered promiscuous mode
[ 120.343214][ T5473] veth0_macvtap: entered promiscuous mode
[ 120.349365][ T5473] veth1_macvtap: entered promiscuous mode
[ 120.362821][ T5473] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 120.373631][ T5473] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 120.381983][ T1040] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 120.387187][ T1040] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 120.401570][ T1040] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 120.405269][ T1040] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 120.456326][ T1040] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.477922][ T1040] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.539484][ T1039] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.543745][ T1039] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/11/15 15:55:26 executed programs: 3
[ 121.249465][ T4672] Bluetooth: hci1: command tx timeout
[ 123.328512][ T4672] Bluetooth: hci1: command tx timeout
[ 125.408358][ T4672] Bluetooth: hci1: command tx timeout
2025/11/15 15:55:31 executed programs: 6
[ 127.488029][ T4672] Bluetooth: hci1: command tx timeout
2025/11/15 15:55:37 executed programs: 9
2025/11/15 15:55:43 executed programs: 13
[ 137.970034][ T1313] ieee802154 phy0 wpan0: encryption failed: -22
[ 137.973104][ T1313] ieee802154 phy1 wpan1: encryption failed: -22
2025/11/15 15:55:50 executed programs: 17
2025/11/15 15:55:56 executed programs: 21
2025/11/15 15:56:02 executed programs: 25
2025/11/15 15:56:08 executed programs: 29
2025/11/15 15:56:15 executed programs: 33
2025/11/15 15:56:21 executed programs: 37
2025/11/15 15:56:27 executed programs: 41
2025/11/15 15:56:34 executed programs: 45
2025/11/15 15:56:40 executed programs: 49
[ 199.410518][ T1313] ieee802154 phy0 wpan0: encryption failed: -22
[ 199.413323][ T1313] ieee802154 phy1 wpan1: encryption failed: -22
2025/11/15 15:56:46 executed programs: 53
2025/11/15 15:56:51 executed programs: 56
2025/11/15 15:56:58 executed programs: 60
2025/11/15 15:57:03 executed programs: 63
2025/11/15 15:57:09 executed programs: 67
[ 227.089266][ T5379] Bluetooth: hci0: command 0x0406 tx timeout
2025/11/15 15:57:15 executed programs: 71
2025/11/15 15:57:22 executed programs: 75
2025/11/15 15:57:28 executed programs: 79
[ 242.449081][ T4672] Bluetooth: hci1: command 0x0406 tx timeout
2025/11/15 15:57:34 executed programs: 83
[ 248.695295][ T26] INFO: task syz.0.17:5467 blocked for more than 143 seconds.
[ 248.711839][ T26] Not tainted syzkaller #0
[ 248.717923][ T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 248.721737][ T26] task:syz.0.17 state:D stack:22952 pid:5467 tgid:5467 ppid:5426 task_flags:0x400140 flags:0x00080003
[ 248.740142][ T26] Call Trace:
[ 248.741790][ T26]
[ 248.743205][ T26] __schedule+0x1798/0x4cc0
[ 248.747406][ T26] ? blk_mq_flush_plug_list+0x41f/0x550
[ 248.761851][ T26] ? __lock_acquire+0xab9/0xd20
[ 248.764044][ T26] ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[ 248.766741][ T26] ? __pfx___schedule+0x10/0x10
[ 248.778151][ T26] ? schedule+0x91/0x360
[ 248.780562][ T26] schedule+0x165/0x360
[ 248.782803][ T26] io_schedule+0x80/0xd0
[ 248.785075][ T26] lock_metapage+0x1f3/0x400
[ 248.798183][ T26] ? lock_metapage+0x10b/0x400
[ 248.800412][ T26] ? __pfx_lock_metapage+0x10/0x10
[ 248.802623][ T26] ? __pfx_default_wake_function+0x10/0x10
[ 248.805144][ T26] ? __filemap_get_folio+0x79f/0xaf0
[ 248.817719][ T26] __get_metapage+0x497/0xde0
[ 248.819959][ T26] xtSplitPage+0x284/0x21a0
[ 248.822160][ T26] ? dbAlloc+0x7ae/0xba0
[ 248.824533][ T26] xtSplitUp+0x31b/0x1f40
[ 248.826726][ T26] ? folio_unlock+0x101/0x160
[ 248.839194][ T26] ? __get_metapage+0x865/0xde0
[ 248.841927][ T26] ? __pfx_xtSplitUp+0x10/0x10
[ 248.844091][ T26] xtInsert+0x415/0xe30
[ 248.845933][ T26] ? __lock_acquire+0xab9/0xd20
[ 248.867650][ T26] ? do_raw_spin_lock+0x121/0x290
[ 248.869878][ T26] ? __pfx_xtInsert+0x10/0x10
[ 248.872132][ T26] ? rcu_is_watching+0x15/0xb0
[ 248.874158][ T26] ? __mark_inode_dirty+0x3d2/0xe10
[ 248.876445][ T26] extAlloc+0xa9a/0xfb0
[ 248.887655][ T26] ? __pfx_extAlloc+0x10/0x10
[ 248.889823][ T26] ? down_write_nested+0x169/0x200
[ 248.892181][ T26] ? __pfx_down_write_nested+0x10/0x10
[ 248.894771][ T26] jfs_get_block+0x346/0xab0
[ 248.896713][ T26] ? __pfx_jfs_get_block+0x10/0x10
[ 248.908116][ T26] ? iov_iter_extract_bvec_pages+0x72e/0x7d0
[ 248.917876][ T26] ? blk_start_plug+0x6f/0x1b0
[ 248.919904][ T26] ? __pfx_jfs_get_block+0x10/0x10
[ 248.921955][ T26] __blockdev_direct_IO+0x16ff/0x3490
[ 248.933651][ T26] ? __pfx___blockdev_direct_IO+0x10/0x10
[ 248.936192][ T26] ? __pfx_invalidate_inode_pages2_range+0x10/0x10
[ 248.948241][ T26] ? __pfx_jfs_get_block+0x10/0x10
[ 248.952068][ T26] ? filemap_write_and_wait_range+0x18a/0x320
[ 248.954740][ T26] ? __pfx_filemap_write_and_wait_range+0x10/0x10
[ 248.968369][ T26] ? current_time+0x222/0x370
[ 248.971238][ T26] ? __pfx_current_time+0x10/0x10
[ 248.974113][ T26] jfs_direct_IO+0x119/0x220
[ 248.976799][ T26] generic_file_direct_write+0x1db/0x3e0
[ 248.988113][ T26] ? file_update_time+0x2da/0x490
[ 248.997811][ T26] __generic_file_write_iter+0x11d/0x230
[ 249.000235][ T26] ? generic_file_write_iter+0x103/0x550
[ 249.002644][ T26] generic_file_write_iter+0x117/0x550
[ 249.005019][ T26] ? __pfx_generic_file_write_iter+0x10/0x10
[ 249.017729][ T26] ? splice_from_pipe_next+0x61d/0x670
[ 249.020214][ T26] ? __asan_memset+0x22/0x50
[ 249.022291][ T26] iter_file_splice_write+0x975/0x10e0
[ 249.024805][ T26] ? __pfx_iter_file_splice_write+0x10/0x10
[ 249.027403][ T26] ? rcu_read_lock_any_held+0xb3/0x120
[ 249.040067][ T26] ? direct_splice_actor+0x10c/0x160
[ 249.041965][ T26] ? __pfx_iter_file_splice_write+0x10/0x10
[ 249.043889][ T26] direct_splice_actor+0x101/0x160
[ 249.045589][ T26] splice_direct_to_actor+0x5a8/0xcc0
[ 249.047517][ T26] ? __pfx_direct_splice_actor+0x10/0x10
[ 249.056539][ T26] ? __pfx_splice_direct_to_actor+0x10/0x10
[ 249.070339][ T26] ? futex_hash+0x40/0x2d0
[ 249.072440][ T26] ? futex_hash+0x2ad/0x2d0
[ 249.074662][ T26] do_splice_direct+0x181/0x270
[ 249.077122][ T26] ? __pfx_do_splice_direct+0x10/0x10
[ 249.088177][ T26] ? __pfx_direct_file_splice_eof+0x10/0x10
[ 249.090896][ T26] ? rw_verify_area+0x255/0x4d0
[ 249.097921][ T26] do_sendfile+0x4da/0x7e0
[ 249.099922][ T26] ? __pfx_do_sendfile+0x10/0x10
[ 249.102139][ T26] ? __se_sys_futex+0x36f/0x400
[ 249.114580][ T26] __se_sys_sendfile64+0x13e/0x190
[ 249.116739][ T26] ? __pfx___se_sys_futex+0x10/0x10
[ 249.127683][ T26] ? __pfx___se_sys_sendfile64+0x10/0x10
[ 249.130183][ T26] ? do_syscall_64+0xbe/0xfa0
[ 249.132124][ T26] do_syscall_64+0xfa/0xfa0
[ 249.134052][ T26] ? lockdep_hardirqs_on+0x9c/0x150
[ 249.136264][ T26] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 249.147640][ T26] ? clear_bhb_loop+0x60/0xb0
[ 249.149549][ T26] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 249.158492][ T26] RIP: 0033:0x7f2d3bb8f6c9
[ 249.160993][ T26] RSP: 002b:00007ffd7a81ed08 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 249.168221][ T26] RAX: ffffffffffffffda RBX: 00007f2d3bde5fa0 RCX: 00007f2d3bb8f6c9
[ 249.171297][ T26] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006
[ 249.174402][ T26] RBP: 00007f2d3bc11f91 R08: 0000000000000000 R09: 0000000000000000
[ 249.189521][ T26] R10: 000000080000000c R11: 0000000000000246 R12: 0000000000000000
[ 249.192930][ T26] R13: 00007f2d3bde5fa0 R14: 00007f2d3bde5fa0 R15: 0000000000000004
[ 249.196303][ T26]
[ 249.207750][ T26]
[ 249.207750][ T26] Showing all locks held in the system:
[ 249.217707][ T26] 1 lock held by khungtaskd/26:
[ 249.219743][ T26] #0: ffffffff8df3d6e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 249.223505][ T26] 4 locks held by kworker/u4:7/1040:
[ 249.237321][ T26] #0: ffff888030fa3148 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 249.247659][ T26] #1: ffffc90002537ba0 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 249.252305][ T26] #2: ffff88801174c0e0 (&type->s_umount_key#54){.+.+}-{4:4}, at: super_trylock_shared+0x20/0xf0
[ 249.267224][ T26] #3: ffff8880008d38b8 (&jfs_ip->commit_mutex){+.+.}-{4:4}, at: jfs_commit_inode+0x1ca/0x530
[ 249.271464][ T26] 2 locks held by getty/5111:
[ 249.273038][ T26] #0: ffff8880331640a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 249.277098][ T26] #1: ffffc9000018e2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[ 249.291623][ T26] 4 locks held by syz.0.17/5467:
[ 249.293885][ T26] #0: ffff88801174c420 (sb_writers#12){.+.+}-{0:0}, at: direct_splice_actor+0x49/0x160
[ 249.307999][ T26] #1: ffff8880008d4eb8 (&sb->s_type->i_mutex_key#20){+.+.}-{4:4}, at: generic_file_write_iter+0xeb/0x550
[ 249.317871][ T26] #2: ffff8880008d4a78 (&jfs_ip->rdwrlock#3){++++}-{4:4}, at: jfs_get_block+0x141/0xab0
[ 249.322493][ T26] #3: ffff8880008d4b08 (&jfs_ip->commit_mutex){+.+.}-{4:4}, at: extAlloc+0x13c/0xfb0
[ 249.337095][ T26]
[ 249.339418][ T26] =============================================
[ 249.339418][ T26]
[ 249.347916][ T26] NMI backtrace for cpu 0
[ 249.347929][ T26] CPU: 0 UID: 0 PID: 26 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full)
[ 249.347942][ T26] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 249.347949][ T26] Call Trace:
[ 249.347954][ T26]
[ 249.347959][ T26] dump_stack_lvl+0x189/0x250
[ 249.347982][ T26] ? __pfx_dump_stack_lvl+0x10/0x10
[ 249.347996][ T26] ? __pfx__printk+0x10/0x10
[ 249.348015][ T26] nmi_cpu_backtrace+0x39e/0x3d0
[ 249.348029][ T26] ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 249.348042][ T26] ? __pfx__printk+0x10/0x10
[ 249.348055][ T26] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 249.348074][ T26] nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 249.348087][ T26] watchdog+0xf60/0xfa0
[ 249.348102][ T26] ? watchdog+0x1e2/0xfa0
[ 249.348116][ T26] kthread+0x711/0x8a0
[ 249.348133][ T26] ? __pfx_watchdog+0x10/0x10
[ 249.348143][ T26] ? __pfx_kthread+0x10/0x10
[ 249.348158][ T26] ? 
_raw_spin_unlock_irq+0x23/0x50
[ 249.348173][ T26] ? lockdep_hardirqs_on+0x9c/0x150
[ 249.348186][ T26] ? __pfx_kthread+0x10/0x10
[ 249.348201][ T26] ret_from_fork+0x4bc/0x870
[ 249.348214][ T26] ? __pfx_ret_from_fork+0x10/0x10
[ 249.348237][ T26] ? __pfx_kthread+0x10/0x10
[ 249.348252][ T26] ret_from_fork_asm+0x1a/0x30
[ 249.348271][ T26]
2025/11/15 15:57:39 executed programs: 86
VM DIAGNOSIS:
15:57:34 Registers:
info registers vcpu 0