Warning: Permanently added '[localhost]:14724' (ED25519) to the list of known hosts.
2025/11/15 12:15:41 parsed 1 programs
syzkaller login: [ 85.249556][ T5311] cgroup: Unknown subsys name 'net'
[ 85.337640][ T5311] cgroup: Unknown subsys name 'cpuset'
[ 85.343517][ T5311] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 87.038757][ T5311] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 91.662625][ T5325] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 91.888884][ T5333] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 91.893095][ T5333] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 91.897502][ T5333] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 91.901756][ T5333] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 91.905715][ T5333] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 92.006892][ T9] cfg80211: failed to load regulatory.db
[ 93.256904][ T5346] chnl_net:caif_netlink_parms(): no params data found
[ 93.328188][ T5346] bridge0: port 1(bridge_slave_0) entered blocking state
[ 93.332724][ T5346] bridge0: port 1(bridge_slave_0) entered disabled state
[ 93.336484][ T5346] bridge_slave_0: entered allmulticast mode
[ 93.340450][ T5346] bridge_slave_0: entered promiscuous mode
[ 93.347033][ T5346] bridge0: port 2(bridge_slave_1) entered blocking state
[ 93.350554][ T5346] bridge0: port 2(bridge_slave_1) entered disabled state
[ 93.354827][ T5346] bridge_slave_1: entered allmulticast mode
[ 93.358799][ T5346] bridge_slave_1: entered promiscuous mode
[ 93.386131][ T5346] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 93.392889][ T5346] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 93.417886][ T5346] team0: Port device team_slave_0 added
[ 93.422941][ T5346] team0: Port device team_slave_1 added
[ 93.451879][ T5346] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 93.456033][ T5346] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 93.467626][ T5346] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 93.475067][ T5346] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 93.478335][ T5346] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 93.490565][ T5346] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 93.526190][ T5346] hsr_slave_0: entered promiscuous mode
[ 93.530005][ T5346] hsr_slave_1: entered promiscuous mode
[ 93.677714][ T5346] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 93.689268][ T5346] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 93.695995][ T5346] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 93.702971][ T5346] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 93.733529][ T5346] bridge0: port 2(bridge_slave_1) entered blocking state
[ 93.737252][ T5346] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 93.741357][ T5346] bridge0: port 1(bridge_slave_0) entered blocking state
[ 93.744513][ T5346] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 93.804343][ T5346] 8021q: adding VLAN 0 to HW filter on device bond0
[ 93.826877][ T1042] bridge0: port 1(bridge_slave_0) entered disabled state
[ 93.832393][ T1042] bridge0: port 2(bridge_slave_1) entered disabled state
[ 93.847517][ T5346] 8021q: adding VLAN 0 to HW filter on device team0
[ 93.858371][ T1042] bridge0: port 1(bridge_slave_0) entered blocking state
[ 93.862338][ T1042] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 93.872561][ T31] bridge0: port 2(bridge_slave_1) entered blocking state
[ 93.875841][ T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 94.069462][ T5346] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 94.112869][ T5346] veth0_vlan: entered promiscuous mode
[ 94.122152][ T5346] veth1_vlan: entered promiscuous mode
[ 94.151471][ T5346] veth0_macvtap: entered promiscuous mode
[ 94.160322][ T5346] veth1_macvtap: entered promiscuous mode
[ 94.178306][ T5346] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 94.190213][ T5346] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 94.205004][ T1042] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.216320][ T1042] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.220114][ T1042] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.235763][ T1042] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.455554][ T5346] syz-executor (5346) used greatest stack depth: 19064 bytes left
[ 94.495647][ T1042] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 94.546537][ T1042] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 94.597090][ T1042] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 94.639634][ T1042] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 95.577286][ T1041] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 95.580640][ T1041] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 95.644567][ T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 95.648085][ T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 96.954482][ T1042] bridge_slave_1: left allmulticast mode
[ 96.957540][ T1042] bridge_slave_1: left promiscuous mode
[ 96.961101][ T1042] bridge0: port 2(bridge_slave_1) entered disabled state
[ 97.055065][ T1042] bridge_slave_0: left allmulticast mode
[ 97.057605][ T1042] bridge_slave_0: left promiscuous mode
[ 97.060145][ T1042] bridge0: port 1(bridge_slave_0) entered disabled state
[ 97.746352][ T1042] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 97.765342][ T1042] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 97.770612][ T1042] bond0 (unregistering): Released all slaves
[ 97.875004][ T1042] hsr_slave_0: left promiscuous mode
[ 97.883286][ T1042] hsr_slave_1: left promiscuous mode
[ 97.897123][ T1042] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 97.901216][ T1042] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 97.916133][ T1042] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 97.919428][ T1042] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 97.941548][ T1042] veth1_macvtap: left promiscuous mode
[ 97.954604][ T1042] veth0_macvtap: left promiscuous mode
[ 97.957462][ T1042] veth1_vlan: left promiscuous mode
[ 97.960089][ T1042] veth0_vlan: left promiscuous mode
[ 98.403332][ T1042] team0 (unregistering): Port device team_slave_1 removed
[ 98.427836][ T1042] team0 (unregistering): Port device team_slave_0 removed
2025/11/15 12:16:01 executed programs: 0
[ 102.885891][ T5333] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 102.891127][ T5333] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 102.898690][ T5333] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 102.904331][ T5333] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 102.908168][ T5333] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 103.331957][ T5452] chnl_net:caif_netlink_parms(): no params data found
[ 103.447038][ T5452] bridge0: port 1(bridge_slave_0) entered blocking state
[ 103.451351][ T5452] bridge0: port 1(bridge_slave_0) entered disabled state
[ 103.455101][ T5452] bridge_slave_0: entered allmulticast mode
[ 103.461208][ T5452] bridge_slave_0: entered promiscuous mode
[ 103.466546][ T5452] bridge0: port 2(bridge_slave_1) entered blocking state
[ 103.469699][ T5452] bridge0: port 2(bridge_slave_1) entered disabled state
[ 103.472862][ T5452] bridge_slave_1: entered allmulticast mode
[ 103.477328][ T5452] bridge_slave_1: entered promiscuous mode
[ 103.503068][ T5452] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 103.511340][ T5452] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 103.535195][ T5452] team0: Port device team_slave_0 added
[ 103.540349][ T5452] team0: Port device team_slave_1 added
[ 103.560700][ T5452] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 103.563659][ T5452] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 103.576378][ T5452] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 103.582444][ T5452] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 103.586198][ T5452] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 103.606491][ T5452] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 103.650669][ T5452] hsr_slave_0: entered promiscuous mode
[ 103.655854][ T5452] hsr_slave_1: entered promiscuous mode
[ 104.294221][ T5452] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 104.307347][ T5452] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 104.334158][ T5452] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 104.356503][ T5452] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 104.587938][ T5452] 8021q: adding VLAN 0 to HW filter on device bond0
[ 104.643650][ T5452] 8021q: adding VLAN 0 to HW filter on device team0
[ 104.669620][ T31] bridge0: port 1(bridge_slave_0) entered blocking state
[ 104.672921][ T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 104.702646][ T43] bridge0: port 2(bridge_slave_1) entered blocking state
[ 104.706272][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 104.967718][ T5333] Bluetooth: hci0: command tx timeout
[ 105.167582][ T5452] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 105.248204][ T5452] veth0_vlan: entered promiscuous mode
[ 105.271793][ T5452] veth1_vlan: entered promiscuous mode
[ 105.330242][ T5452] veth0_macvtap: entered promiscuous mode
[ 105.346301][ T5452] veth1_macvtap: entered promiscuous mode
[ 105.376450][ T5452] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 105.397526][ T5452] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 105.428591][ T31] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.437750][ T31] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.441699][ T31] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.455412][ T31] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.582142][ T31] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.587661][ T31] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.646419][ T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.649487][ T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.310516][ T5496] loop0: detected capacity change from 0 to 32768
[ 106.448922][ T25] audit: type=1800 audit(1763208965.137:2): pid=5496 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.17" name="bus" dev="loop0" ino=4096 res=0 errno=0
[ 106.496069][ T25] audit: type=1800 audit(1763208965.187:3): pid=5496 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.17" name="file1" dev="loop0" ino=4 res=0 errno=0
[ 107.045582][ T5333] Bluetooth: hci0: command tx timeout
[ 109.125317][ T5333] Bluetooth: hci0: command tx timeout
[ 111.204024][ T5333] Bluetooth: hci0: command tx timeout
[ 120.793151][ T4666] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 120.797550][ T4666] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 120.802877][ T4666] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 120.815174][ T4666] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 120.818931][ T4666] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 121.269956][ T5523] chnl_net:caif_netlink_parms(): no params data found
[ 121.369456][ T5523] bridge0: port 1(bridge_slave_0) entered blocking state
[ 121.373410][ T5523] bridge0: port 1(bridge_slave_0) entered disabled state
[ 121.378061][ T5523] bridge_slave_0: entered allmulticast mode
[ 121.381997][ T5523] bridge_slave_0: entered promiscuous mode
[ 121.386999][ T5523] bridge0: port 2(bridge_slave_1) entered blocking state
[ 121.390138][ T5523] bridge0: port 2(bridge_slave_1) entered disabled state
[ 121.393273][ T5523] bridge_slave_1: entered allmulticast mode
[ 121.397631][ T5523] bridge_slave_1: entered promiscuous mode
[ 121.420855][ T5523] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 121.427775][ T5523] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 121.453494][ T5523] team0: Port device team_slave_0 added
[ 121.458749][ T5523] team0: Port device team_slave_1 added
[ 121.482385][ T5523] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 121.486214][ T5523] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 121.498322][ T5523] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 121.504344][ T5523] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 121.507386][ T5523] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 121.519180][ T5523] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 121.556176][ T5523] hsr_slave_0: entered promiscuous mode
[ 121.559590][ T5523] hsr_slave_1: entered promiscuous mode
[ 121.562838][ T5523] debugfs: 'hsr0' already exists in 'hsr'
[ 121.566348][ T5523] Cannot create hsr debugfs directory
[ 121.723290][ T5523] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 121.731302][ T5523] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 121.738130][ T5523] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 121.745145][ T5523] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 121.772785][ T5523] bridge0: port 2(bridge_slave_1) entered blocking state
[ 121.776119][ T5523] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 121.779437][ T5523] bridge0: port 1(bridge_slave_0) entered blocking state
[ 121.782664][ T5523] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 121.839777][ T5523] 8021q: adding VLAN 0 to HW filter on device bond0
[ 121.856671][ T1091] bridge0: port 1(bridge_slave_0) entered disabled state
[ 121.861542][ T1091] bridge0: port 2(bridge_slave_1) entered disabled state
[ 121.873645][ T5523] 8021q: adding VLAN 0 to HW filter on device team0
[ 121.888346][ T1091] bridge0: port 1(bridge_slave_0) entered blocking state
[ 121.891445][ T1091] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 121.904330][ T1091] bridge0: port 2(bridge_slave_1) entered blocking state
[ 121.907918][ T1091] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 122.111928][ T5523] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 122.151389][ T5523] veth0_vlan: entered promiscuous mode
[ 122.161456][ T5523] veth1_vlan: entered promiscuous mode
[ 122.219961][ T5523] veth0_macvtap: entered promiscuous mode
[ 122.246967][ T5523] veth1_macvtap: entered promiscuous mode
[ 122.293177][ T5523] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 122.340957][ T5523] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 122.406734][ T1091] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 122.416627][ T1091] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 122.441489][ T1091] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 122.464027][ T1091] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 122.591164][ T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.614460][ T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.667331][ T1042] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.673031][ T1042] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/11/15 12:16:21 executed programs: 3
[ 122.884437][ T5333] Bluetooth: hci1: command tx timeout
[ 124.963896][ T5333] Bluetooth: hci1: command tx timeout
[ 127.044620][ T5333] Bluetooth: hci1: command tx timeout
[ 129.123989][ T5333] Bluetooth: hci1: command tx timeout
2025/11/15 12:16:28 executed programs: 7
2025/11/15 12:16:33 executed programs: 10
[ 138.087904][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 138.090839][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
2025/11/15 12:16:39 executed programs: 14
2025/11/15 12:16:46 executed programs: 18
2025/11/15 12:16:52 executed programs: 22
2025/11/15 12:16:58 executed programs: 26
2025/11/15 12:17:05 executed programs: 30
2025/11/15 12:17:11 executed programs: 34
2025/11/15 12:17:17 executed programs: 38
2025/11/15 12:17:23 executed programs: 42
2025/11/15 12:17:30 executed programs: 46
2025/11/15 12:17:36 executed programs: 50
[ 199.526053][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 199.529113][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
2025/11/15 12:17:42 executed programs: 54
2025/11/15 12:17:49 executed programs: 58
2025/11/15 12:17:55 executed programs: 62
2025/11/15 12:18:01 executed programs: 66
[ 227.211100][ T4666] Bluetooth: hci0: command 0x0406 tx timeout
2025/11/15 12:18:07 executed programs: 70
2025/11/15 12:18:13 executed programs: 74
2025/11/15 12:18:20 executed programs: 78
[ 247.692827][ T4666] Bluetooth: hci1: command 0x0406 tx timeout
2025/11/15 12:18:26 executed programs: 82
2025/11/15 12:18:32 executed programs: 86
2025/11/15 12:18:38 executed programs: 90
[ 260.968132][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 260.970957][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
2025/11/15 12:18:45 executed programs: 94
[ 269.284590][ T26] INFO: task kworker/u4:2:31 blocked for more than 143 seconds.
[ 269.287942][ T26] Not tainted syzkaller #0
[ 269.290593][ T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 269.295569][ T26] task:kworker/u4:2 state:D stack:19944 pid:31 tgid:31 ppid:2 task_flags:0x4208060 flags:0x00080000
[ 269.300631][ T26] Workqueue: writeback wb_workfn (flush-7:0)
[ 269.303345][ T26] Call Trace:
[ 269.305697][ T26]
[ 269.307197][ T26] __schedule+0x1798/0x4cc0
[ 269.309572][ T26] ? blk_mq_flush_plug_list+0x41f/0x550
[ 269.312242][ T26] ? __lock_acquire+0xab9/0xd20
[ 269.314867][ T26] ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[ 269.317523][ T26] ? __pfx___schedule+0x10/0x10
[ 269.319546][ T26] ? schedule+0x91/0x360
[ 269.321394][ T26] schedule+0x165/0x360
[ 269.323380][ T26] io_schedule+0x80/0xd0
[ 269.326403][ T26] lock_metapage+0x1f3/0x400
[ 269.328529][ T26] ? lock_metapage+0x10b/0x400
[ 269.330629][ T26] ? __pfx_lock_metapage+0x10/0x10
[ 269.332901][ T26] ? __pfx_default_wake_function+0x10/0x10
[ 269.336609][ T26] ? do_read_cache_folio+0x4c6/0x590
[ 269.340373][ T26] ? __pfx_metapage_read_folio+0x10/0x10
[ 269.342746][ T26] __get_metapage+0x497/0xde0
[ 269.345751][ T26] diWrite+0x401/0x1f40
[ 269.348285][ T26] ? txBegin+0x959/0xb10
[ 269.350112][ T26] txCommit+0x852/0x5430
[ 269.351946][ T26] ? __pfx_txCommit+0x10/0x10
[ 269.354567][ T26] ? __lock_acquire+0xab9/0xd20
[ 269.356702][ T26] jfs_commit_inode+0x2ef/0x530
[ 269.359089][ T26] ? __pfx_jfs_commit_inode+0x10/0x10
[ 269.361567][ T26] jfs_write_inode+0x145/0x220
[ 269.363685][ T26] __writeback_single_inode+0x6f1/0xff0
[ 269.366730][ T26] writeback_sb_inodes+0x6c7/0x1010
[ 269.369018][ T26] ? __pfx_writeback_sb_inodes+0x10/0x10
[ 269.371676][ T26] ? __pfx_down_read_trylock+0x10/0x10
[ 269.374766][ T26] ? __pfx___up_read+0x10/0x10
[ 269.376994][ T26] __writeback_inodes_wb+0x111/0x240
[ 269.379229][ T26] wb_writeback+0x44f/0xaf0
[ 269.381154][ T26] ? queue_io+0x2e1/0x590
[ 269.383193][ T26] ? __pfx_wb_writeback+0x10/0x10
[ 269.386490][ T26] wb_workfn+0x90b/0xef0
[ 269.388395][ T26] ? __pfx_wb_workfn+0x10/0x10
[ 269.390597][ T26] ? __lock_acquire+0xab9/0xd20
[ 269.392799][ T26] ? _raw_spin_unlock_irq+0x23/0x50
[ 269.396517][ T26] ? process_scheduled_works+0x9ef/0x17b0
[ 269.399173][ T26] ? process_scheduled_works+0x9ef/0x17b0
[ 269.401799][ T26] process_scheduled_works+0xae1/0x17b0
[ 269.404858][ T26] ? __pfx_process_scheduled_works+0x10/0x10
[ 269.407652][ T26] worker_thread+0x8a0/0xda0
[ 269.409648][ T26] kthread+0x711/0x8a0
[ 269.411554][ T26] ? __pfx_worker_thread+0x10/0x10
[ 269.414963][ T26] ? __pfx_kthread+0x10/0x10
[ 269.417249][ T26] ? _raw_spin_unlock_irq+0x23/0x50
[ 269.419635][ T26] ? lockdep_hardirqs_on+0x9c/0x150
[ 269.422013][ T26] ? __pfx_kthread+0x10/0x10
[ 269.424793][ T26] ret_from_fork+0x4bc/0x870
[ 269.426812][ T26] ? __pfx_ret_from_fork+0x10/0x10
[ 269.428999][ T26] ? __pfx_kthread+0x10/0x10
[ 269.431186][ T26] ret_from_fork_asm+0x1a/0x30
[ 269.433431][ T26]
[ 269.436496][ T26] INFO: task syz.0.17:5496 blocked for more than 143 seconds.
[ 269.439681][ T26] Not tainted syzkaller #0
[ 269.442953][ T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 269.447245][ T26] task:syz.0.17 state:D stack:22952 pid:5496 tgid:5496 ppid:5452 task_flags:0x400140 flags:0x00080003
[ 269.452870][ T26] Call Trace:
[ 269.454755][ T26]
[ 269.456045][ T26] __schedule+0x1798/0x4cc0
[ 269.458031][ T26] ? blk_mq_flush_plug_list+0x41f/0x550
[ 269.460430][ T26] ? __lock_acquire+0xab9/0xd20
[ 269.462503][ T26] ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[ 269.465807][ T26] ? __pfx___schedule+0x10/0x10
[ 269.468080][ T26] ? schedule+0x91/0x360
[ 269.469886][ T26] schedule+0x165/0x360
[ 269.471645][ T26] io_schedule+0x80/0xd0
[ 269.473462][ T26] lock_metapage+0x1f3/0x400
[ 269.476009][ T26] ? lock_metapage+0x10b/0x400
[ 269.478138][ T26] ? __pfx_lock_metapage+0x10/0x10
[ 269.480480][ T26] ? __pfx_default_wake_function+0x10/0x10
[ 269.483148][ T26] ? __filemap_get_folio+0x79f/0xaf0
[ 269.485918][ T26] __get_metapage+0x497/0xde0
[ 269.487728][ T26] xtSplitPage+0x284/0x21a0
[ 269.489496][ T26] ? dbAlloc+0x7ae/0xba0
[ 269.491327][ T26] xtSplitUp+0x31b/0x1f40
[ 269.493150][ T26] ? folio_unlock+0x101/0x160
[ 269.495778][ T26] ? __get_metapage+0x865/0xde0
[ 269.498005][ T26] ? __pfx_xtSplitUp+0x10/0x10
[ 269.499985][ T26] xtInsert+0x415/0xe30
[ 269.501792][ T26] ? __lock_acquire+0xab9/0xd20
[ 269.506904][ T26] ? do_raw_spin_lock+0x121/0x290
[ 269.510039][ T26] ? __pfx_xtInsert+0x10/0x10
[ 269.512310][ T26] ? rcu_is_watching+0x15/0xb0
[ 269.514760][ T26] ? __mark_inode_dirty+0x3d2/0xe10
[ 269.517021][ T26] extAlloc+0xa9a/0xfb0
[ 269.518824][ T26] ? __pfx_extAlloc+0x10/0x10
[ 269.521258][ T26] ? down_write_nested+0x169/0x200
[ 269.523489][ T26] ? __pfx_down_write_nested+0x10/0x10
[ 269.527039][ T26] jfs_get_block+0x346/0xab0
[ 269.529013][ T26] ? __pfx_jfs_get_block+0x10/0x10
[ 269.531063][ T26] ? iov_iter_extract_bvec_pages+0x72e/0x7d0
[ 269.533636][ T26] ? blk_start_plug+0x6f/0x1b0
[ 269.536460][ T26] ? __pfx_jfs_get_block+0x10/0x10
[ 269.538850][ T26] __blockdev_direct_IO+0x16ff/0x3490
[ 269.541461][ T26] ? __pfx___blockdev_direct_IO+0x10/0x10
[ 269.546109][ T26] ? __pfx_invalidate_inode_pages2_range+0x10/0x10
[ 269.548753][ T26] ? __pfx_jfs_get_block+0x10/0x10
[ 269.550819][ T26] ? filemap_write_and_wait_range+0x18a/0x320
[ 269.553314][ T26] ? __pfx_filemap_write_and_wait_range+0x10/0x10
[ 269.556845][ T26] ? current_time+0x222/0x370
[ 269.559800][ T26] ? __pfx_current_time+0x10/0x10
[ 269.562509][ T26] jfs_direct_IO+0x119/0x220
[ 269.565152][ T26] generic_file_direct_write+0x1db/0x3e0
[ 269.567746][ T26] ? file_update_time+0x2da/0x490
[ 269.569924][ T26] __generic_file_write_iter+0x11d/0x230
[ 269.572761][ T26] ? generic_file_write_iter+0x103/0x550
[ 269.575764][ T26] generic_file_write_iter+0x117/0x550
[ 269.578432][ T26] ? __pfx_generic_file_write_iter+0x10/0x10
[ 269.581220][ T26] ? splice_from_pipe_next+0x61d/0x670
[ 269.583612][ T26] ? __asan_memset+0x22/0x50
[ 269.586279][ T26] iter_file_splice_write+0x975/0x10e0
[ 269.589476][ T26] ? __pfx_iter_file_splice_write+0x10/0x10
[ 269.592467][ T26] ? rcu_read_lock_any_held+0xb3/0x120
[ 269.595712][ T26] ? direct_splice_actor+0x10c/0x160
[ 269.598226][ T26] ? __pfx_iter_file_splice_write+0x10/0x10
[ 269.601074][ T26] direct_splice_actor+0x101/0x160
[ 269.603540][ T26] splice_direct_to_actor+0x5a8/0xcc0
[ 269.606569][ T26] ? __pfx_direct_splice_actor+0x10/0x10
[ 269.609077][ T26] ? __pfx_splice_direct_to_actor+0x10/0x10
[ 269.611795][ T26] ? futex_hash+0x40/0x2d0
[ 269.615119][ T26] ? futex_hash+0x2ad/0x2d0
[ 269.617289][ T26] do_splice_direct+0x181/0x270
[ 269.619480][ T26] ? __pfx_do_splice_direct+0x10/0x10
[ 269.621826][ T26] ? __pfx_direct_file_splice_eof+0x10/0x10
[ 269.625169][ T26] ? rw_verify_area+0x255/0x4d0
[ 269.627281][ T26] do_sendfile+0x4da/0x7e0
[ 269.629373][ T26] ? __pfx_do_sendfile+0x10/0x10
[ 269.631598][ T26] ? __se_sys_futex+0x36f/0x400
[ 269.634597][ T26] __se_sys_sendfile64+0x13e/0x190
[ 269.637137][ T26] ? __pfx___se_sys_futex+0x10/0x10
[ 269.639494][ T26] ? __pfx___se_sys_sendfile64+0x10/0x10
[ 269.642045][ T26] ? do_syscall_64+0xbe/0xfa0
[ 269.645158][ T26] do_syscall_64+0xfa/0xfa0
[ 269.648478][ T26] ? lockdep_hardirqs_on+0x9c/0x150
[ 269.650663][ T26] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 269.653230][ T26] ? clear_bhb_loop+0x60/0xb0
[ 269.656498][ T26] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 269.659024][ T26] RIP: 0033:0x7fbcbb78f6c9
[ 269.660944][ T26] RSP: 002b:00007ffe7a329a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 269.665167][ T26] RAX: ffffffffffffffda RBX: 00007fbcbb9e5fa0 RCX: 00007fbcbb78f6c9
[ 269.668573][ T26] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006
[ 269.672073][ T26] RBP: 00007fbcbb811f91 R08: 0000000000000000 R09: 0000000000000000
[ 269.676385][ T26] R10: 000000080000000c R11: 0000000000000246 R12: 0000000000000000
[ 269.680092][ T26] R13: 00007fbcbb9e5fa0 R14: 00007fbcbb9e5fa0 R15: 0000000000000004
[ 269.683525][ T26]
[ 269.686582][ T26]
[ 269.686582][ T26] Showing all locks held in the system:
[ 269.689879][ T26] 1 lock held by khungtaskd/26:
[ 269.692198][ T26] #0: ffffffff8df3d6e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 269.700436][ T26] 4 locks held by kworker/u4:2/31:
[ 269.702704][ T26] #0: ffff888030f6f148 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 269.707757][ T26] #1: ffffc90000527ba0 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 269.713212][ T26] #2: ffff88803308c0e0 (&type->s_umount_key#54){.+.+}-{4:4}, at: super_trylock_shared+0x20/0xf0
[ 269.718491][ T26] #3: ffff8880468bb8b8 (&jfs_ip->commit_mutex){+.+.}-{4:4}, at: jfs_commit_inode+0x1ca/0x530
[ 269.723222][ T26] 2 locks held by getty/5107:
[ 269.726756][ T26] #0: ffff88803339c0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 269.731015][ T26] #1: ffffc9000285b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[ 269.736848][ T26] 4 locks held by syz.0.17/5496:
[ 269.738983][ T26] #0: ffff88803308c420 (sb_writers#12){.+.+}-{0:0}, at: direct_splice_actor+0x49/0x160
[ 269.743382][ T26] #1: ffff8880468bceb8 (&sb->s_type->i_mutex_key#20){+.+.}-{4:4}, at: generic_file_write_iter+0xeb/0x550
[ 269.749996][ T26] #2: ffff8880468bca78 (&jfs_ip->rdwrlock#3){++++}-{4:4}, at: jfs_get_block+0x141/0xab0
[ 269.754814][ T26] #3: ffff8880468bcb08 (&jfs_ip->commit_mutex){+.+.}-{4:4}, at: extAlloc+0x13c/0xfb0
[ 269.761926][ T26]
[ 269.763014][ T26] =============================================
[ 269.763014][ T26]
[ 269.776185][ T26] NMI backtrace for cpu 0
[ 269.776199][ T26] CPU: 0 UID: 0 PID: 26 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full)
[ 269.776214][ T26] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 269.776222][ T26] Call Trace:
[ 269.776227][ T26]
[ 269.776233][ T26] dump_stack_lvl+0x189/0x250
[ 269.776258][ T26] ? __pfx_dump_stack_lvl+0x10/0x10
[ 269.776274][ T26] ? __pfx__printk+0x10/0x10
[ 269.776295][ T26] nmi_cpu_backtrace+0x39e/0x3d0
[ 269.776311][ T26] ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 269.776325][ T26] ? __pfx__printk+0x10/0x10
[ 269.776341][ T26] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 269.776361][ T26] nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 269.776380][ T26] watchdog+0xf60/0xfa0
[ 269.776397][ T26] ? watchdog+0x1e2/0xfa0
[ 269.776412][ T26] kthread+0x711/0x8a0
[ 269.776431][ T26] ? __pfx_watchdog+0x10/0x10
[ 269.776442][ T26] ? __pfx_kthread+0x10/0x10
[ 269.776459][ T26] ? _raw_spin_unlock_irq+0x23/0x50
[ 269.776474][ T26] ? lockdep_hardirqs_on+0x9c/0x150
[ 269.776489][ T26] ? __pfx_kthread+0x10/0x10
[ 269.776506][ T26] ret_from_fork+0x4bc/0x870
[ 269.776521][ T26] ? __pfx_ret_from_fork+0x10/0x10
[ 269.776537][ T26] ? __pfx_kthread+0x10/0x10
[ 269.776554][ T26] ret_from_fork_asm+0x1a/0x30
[ 269.776573][ T26]
2025/11/15 12:18:51 executed programs: 98
VM DIAGNOSIS:
12:18:48 Registers:
info registers vcpu 0
CPU#0
RAX=ffffffff81a00721 RBX=ffffffff997c9fc8 RCX=ffffc900004d7c20 RDX=ffffffff8b6f2c60
RSI=000000000000004d RDI=ffffffff997c9fc8 RBP=000000000000004d RSP=ffffc900004d7838
R8 =ffffffff8b6f2c60 R9 =ffffc900004d7c20 R10=dffffc0000000000 R11=fffff5200009aec1
R12=ffffc900004d7c20 R13=ffffffff8b6f2c60 R14=0000000000000000 R15=ffffc900004d78dc
RIP=ffffffff8b44a8f4 RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88808d730000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffdb5ee20e0 CR3=00000000560d5000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdb5ee4480 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa19e413050
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa19e41305d
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa19e413057
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa19e41306b
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa19e4130f1
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa19e4131cf
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a0
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000