IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
VFS: Found a Xenix FS (block size = 512) on device loop5
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
BUG: sleeping function called from invalid context at fs/buffer.c:1381
in_atomic(): 1, irqs_disabled(): 0, pid: 9444, name: syz-executor.5
3 locks held by syz-executor.5/9444:
 #0:  (sb_writers#13){.+.+}, at: [<ffffffff818e1f2a>] sb_start_write include/linux/fs.h:1551 [inline]
 #0:  (sb_writers#13){.+.+}, at: [<ffffffff818e1f2a>] mnt_want_write+0x3a/0xb0 fs/namespace.c:386
 #1:  (&sb->s_type->i_mutex_key#21){+.+.}, at: [<ffffffff818673a0>] inode_lock include/linux/fs.h:719 [inline]
 #1:  (&sb->s_type->i_mutex_key#21){+.+.}, at: [<ffffffff818673a0>] do_truncate+0xf0/0x1a0 fs/open.c:61
 #2:  (pointers_lock){.+.+}, at: [<ffffffff81fd96c3>] get_block+0x153/0x1230 fs/sysv/itree.c:217
Preemption disabled at:
[<          (null)>]           (null)
CPU: 1 PID: 9444 Comm: syz-executor.5 Not tainted 4.14.305-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x1b2/0x281 lib/dump_stack.c:58
 ___might_sleep.cold+0x235/0x250 kernel/sched/core.c:6040
 __getblk_gfp fs/buffer.c:1381 [inline]
 __bread_gfp+0x3e/0x2e0 fs/buffer.c:1428
 sb_bread include/linux/buffer_head.h:343 [inline]
 get_branch+0x2ac/0x600 fs/sysv/itree.c:104
 get_block+0x176/0x1230 fs/sysv/itree.c:218
 block_truncate_page+0x2a8/0x8f0 fs/buffer.c:2944
 sysv_truncate+0x1c4/0xd70 fs/sysv/itree.c:383
 sysv_setattr+0x115/0x180 fs/sysv/file.c:47
 notify_change+0x56b/0xd10 fs/attr.c:315
 do_truncate+0xff/0x1a0 fs/open.c:63
 vfs_truncate+0x456/0x680 fs/open.c:120
 do_sys_truncate.part.0+0xdc/0xf0 fs/open.c:143
 do_sys_truncate fs/open.c:137 [inline]
 SYSC_truncate fs/open.c:155 [inline]
 SyS_truncate+0x23/0x40 fs/open.c:153
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x5e/0xd3
RIP: 0033:0x7f9a055010f9
RSP: 002b:00007f9a03a73168 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
RAX: ffffffffffffffda RBX: 00007f9a05620f80 RCX: 00007f9a055010f9
RDX: 0000000000000000 RSI: 000000000000317b RDI: 00000000200001c0
RBP: 00007f9a0555cae9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffd8a0c8f4f R14: 00007f9a03a73300 R15: 0000000000022000
IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready
device veth0_macvtap entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
device veth0_macvtap entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready
device veth1_macvtap entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready
device veth1_macvtap entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready
print_req_error: I/O error, dev loop4, sector 0
Buffer I/O error on dev loop4, logical block 0, async page read
Bluetooth: hci1 command 0x0419 tx timeout
Bluetooth: hci2 command 0x0419 tx timeout
IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready
Bluetooth: hci0 command 0x0419 tx timeout
VFS: Found a Xenix FS (block size = 512) on device loop5
IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready
Bluetooth: hci4 command 0x0419 tx timeout
Bluetooth: hci3 command 0x0419 tx timeout
IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready
Bluetooth: hci5 command 0x0419 tx timeout
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
VFS: Found a Xenix FS (block size = 512) on device loop5
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
print_req_error: I/O error, dev loop4, sector 0
Buffer I/O error on dev loop4, logical block 0, async page read
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
hrtimer: interrupt took 35377 ns
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready
batman_adv: batadv0: Interface activated: batadv_slave_0
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready
batman_adv: batadv0: Interface activated: batadv_slave_0
IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready
batman_adv: batadv0: Interface activated: batadv_slave_1
IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready
batman_adv: batadv0: Interface activated: batadv_slave_1
IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
VFS: Found a Xenix FS (block size = 512) on device loop5
BUG: sleeping function called from invalid context at fs/buffer.c:1381
in_atomic(): 1, irqs_disabled(): 0, pid: 9567, name: syz-executor.5
3 locks held by syz-executor.5/9567:
 #0:  (sb_writers#13){.+.+}, at: [<ffffffff818e1f2a>] sb_start_write include/linux/fs.h:1551 [inline]
 #0:  (sb_writers#13){.+.+}, at: [<ffffffff818e1f2a>] mnt_want_write+0x3a/0xb0 fs/namespace.c:386
 #1:  (&sb->s_type->i_mutex_key#21){+.+.}, at: [<ffffffff818673a0>] inode_lock include/linux/fs.h:719 [inline]
 #1:  (&sb->s_type->i_mutex_key#21){+.+.}, at: [<ffffffff818673a0>] do_truncate+0xf0/0x1a0 fs/open.c:61
 #2:  (pointers_lock){++++}, at: [<ffffffff81fd96c3>] get_block+0x153/0x1230 fs/sysv/itree.c:217
Preemption disabled at:
[<          (null)>]           (null)
CPU: 1 PID: 9567 Comm: syz-executor.5 Tainted: G        W       4.14.305-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x1b2/0x281 lib/dump_stack.c:58
 ___might_sleep.cold+0x235/0x250 kernel/sched/core.c:6040
 __getblk_gfp fs/buffer.c:1381 [inline]
 __bread_gfp+0x3e/0x2e0 fs/buffer.c:1428
 sb_bread include/linux/buffer_head.h:343 [inline]
 get_branch+0x2ac/0x600 fs/sysv/itree.c:104
 get_block+0x176/0x1230 fs/sysv/itree.c:218
 block_truncate_page+0x2a8/0x8f0 fs/buffer.c:2944
 sysv_truncate+0x1c4/0xd70 fs/sysv/itree.c:383
 sysv_setattr+0x115/0x180 fs/sysv/file.c:47
 notify_change+0x56b/0xd10 fs/attr.c:315
 do_truncate+0xff/0x1a0 fs/open.c:63
 vfs_truncate+0x456/0x680 fs/open.c:120
 do_sys_truncate.part.0+0xdc/0xf0 fs/open.c:143
 do_sys_truncate fs/open.c:137 [inline]
 SYSC_truncate fs/open.c:155 [inline]
 SyS_truncate+0x23/0x40 fs/open.c:153
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x5e/0xd3
RIP: 0033:0x7f9a055010f9
RSP: 002b:00007f9a03a73168 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
RAX: ffffffffffffffda RBX: 00007f9a05620f80 RCX: 00007f9a055010f9
RDX: 0000000000000000 RSI: 000000000000317b RDI: 00000000200001c0
RBP: 00007f9a0555cae9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffd8a0c8f4f R14: 00007f9a03a73300 R15: 0000000000022000
device erspan0 entered promiscuous mode
device erspan0 left promiscuous mode
device erspan0 entered promiscuous mode
device erspan0 left promiscuous mode
omfs: Invalid superblock (7b3184f9)
device erspan0 entered promiscuous mode
device erspan0 left promiscuous mode
device erspan0 entered promiscuous mode
device erspan0 left promiscuous mode
L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
kvm: vcpu 0: requested 128 ns lapic timer period limited to 500000 ns
BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop3
BTRFS info (device loop3): using free space tree
BTRFS info (device loop3): has skinny extents
syz-executor.3 (9864) used greatest stack depth: 24648 bytes left
kvm: vcpu 0: requested 128 ns lapic timer period limited to 500000 ns
attempt to access beyond end of device
loop5: rw=1, want=2052, limit=2048
Buffer I/O error on dev loop5, logical block 512, lost async page write
attempt to access beyond end of device
loop5: rw=1, want=2056, limit=2048
Buffer I/O error on dev loop5, logical block 513, lost async page write
attempt to access beyond end of device
loop5: rw=1, want=2060, limit=2048
Buffer I/O error on dev loop5, logical block 514, lost async page write
attempt to access beyond end of device
loop5: rw=1, want=2064, limit=2048
Buffer I/O error on dev loop5, logical block 515, lost async page write
kvm: vcpu 0: requested 128 ns lapic timer period limited to 500000 ns
BTRFS info (device loop3): using free space tree
BTRFS info (device loop3): has skinny extents
kvm: vcpu 0: requested 128 ns lapic timer period limited to 500000 ns
attempt to access beyond end of device
loop5: rw=1, want=2052, limit=2048
Buffer I/O error on dev loop5, logical block 512, lost async page write
attempt to access beyond end of device
loop5: rw=1, want=2056, limit=2048
Buffer I/O error on dev loop5, logical block 513, lost async page write
attempt to access beyond end of device
loop5: rw=1, want=2060, limit=2048
BTRFS info (device loop0): using free space tree
Buffer I/O error on dev loop5, logical block 514, lost async page write
BTRFS info (device loop0): has skinny extents
attempt to access beyond end of device
loop5: rw=1, want=2064, limit=2048
Buffer I/O error on dev loop5, logical block 515, lost async page write
attempt to access beyond end of device
loop2: rw=1, want=2052, limit=2048
Buffer I/O error on dev loop2, logical block 512, lost async page write
attempt to access beyond end of device
loop2: rw=1, want=2056, limit=2048
Buffer I/O error on dev loop2, logical block 513, lost async page write
attempt to access beyond end of device
loop2: rw=1, want=2060, limit=2048
Buffer I/O error on dev loop2, logical block 514, lost async page write
attempt to access beyond end of device
loop2: rw=1, want=2064, limit=2048
Buffer I/O error on dev loop2, logical block 515, lost async page write
attempt to access beyond end of device
loop5: rw=1, want=2052, limit=2048
Buffer I/O error on dev loop5, logical block 512, lost async page write
attempt to access beyond end of device
loop5: rw=1, want=2056, limit=2048
Buffer I/O error on dev loop5, logical block 513, lost async page write
attempt to access beyond end of device
loop5: rw=1, want=2060, limit=2048
attempt to access beyond end of device
loop5: rw=1, want=2064, limit=2048
attempt to access beyond end of device
loop2: rw=1, want=2052, limit=2048
attempt to access beyond end of device
loop2: rw=1, want=2056, limit=2048
attempt to access beyond end of device
loop2: rw=1, want=2060, limit=2048
attempt to access beyond end of device
BTRFS info (device loop0): using free space tree
BTRFS info (device loop0): has skinny extents
loop2: rw=1, want=2064, limit=2048
attempt to access beyond end of device
loop5: rw=1, want=2052, limit=2048
attempt to access beyond end of device
loop5: rw=1, want=2056, limit=2048
attempt to access beyond end of device
loop5: rw=1, want=2060, limit=2048
attempt to access beyond end of device
loop5: rw=1, want=2064, limit=2048
attempt to access beyond end of device
loop2: rw=1, want=2052, limit=2048
attempt to access beyond end of device
loop2: rw=1, want=2056, limit=2048
attempt to access beyond end of device
loop2: rw=1, want=2060, limit=2048
attempt to access beyond end of device
loop2: rw=1, want=2064, limit=2048
BTRFS info (device loop1): using free space tree
BTRFS info (device loop1): has skinny extents
netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.