last executing test programs: 4.229313033s ago: executing program 2 (id=959): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0x2, 0x6, 0x0) newfstatat$auto(r0, &(0x7f0000000100)='./file0\x00', 0x0, 0x800) 3.88060919s ago: executing program 2 (id=963): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='N\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3.613126687s ago: executing program 2 (id=966): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) write$auto(0x3, 0x0, 0x5c8) mmap$auto(0x0, 0x5810, 0xffb, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0xfdef) 2.820791588s ago: executing program 3 (id=975): setfsuid$auto(0x1) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) unshare$auto(0x40000080) madvise$auto(0x0, 0x20200, 0x15) 2.684921517s ago: executing program 1 (id=976): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) setsockopt$auto(0x3, 0x6, 0x9, 0x0, 0xfb3) 2.529740965s ago: executing program 1 (id=978): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x189002, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x0) 2.400949649s ago: executing program 1 (id=980): mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x3) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close$auto(0xffffffffffffffff) 2.275266316s ago: executing program 3 (id=981): socket(0xa, 0x801, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000ac0)='/proc/thread-self/net/sctp/remaddr\x00', 0x8200, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000b00)=""/147, 0x93) 1.939796488s ago: executing program 1 (id=982): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.844152141s ago: executing program 3 (id=984): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x4242, 0x0) fanotify_mark$auto(0x0, 0x1, 0x3a, r0, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22200, 0x154) 1.624550925s ago: executing program 3 (id=986): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) getsockopt$auto(0x3, 0x200000000001, 0x11, 0x0, 0x0) 1.416850842s ago: executing program 0 (id=987): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x28102, 0x0) r0 = open(&(0x7f0000000000)='./cgroup.cpu/cgroup.procs\x00', 0x101800, 0x7) read$auto(r0, 0x0, 0x1) write$auto(0x3, 0x0, 0x1) 1.363575847s ago: executing program 1 (id=988): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000580)={0x1c, r1, 0x301, 0x70b52c, 0x25dfdbfb, {}, [@CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x17}]}, 0x1c}, 0x1, 0x0, 0x0, 0x400c01d}, 0x0) r2 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000080), r0) sendmsg$auto_MACSEC_CMD_UPD_TXSA(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000002ec0)={0x1c, r2, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@MACSEC_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008000}, 0x400c8d4) 1.276324027s ago: executing program 0 (id=989): statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x44f, 0x7, 0x5, 0x1007181, 0x8a0d, 0x7, 0x7, 0x7ff, 0x89, 0x26, 0x4, 0x200000000001, 0x384, 0xfffffffffffffffa, 0x8, 0x0, 0x30, 0x0, 0x864, 0xe, 0x22000, 0x9, 0x0, 0x84}, 0x9, 0xd) r0 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r0, 0x2, &(0x7f0000000380)="dcbb5fd7054bed139fb7f9fb1dca8fe1d88f65ee057c0e6faac40d106e4f0d52edf6e31c48e8d983ae3431fa707225c2c387e1a200b38759ba8e9187200e6d044ef46a534de751b1436f20ed7071b254509700aa726ea003a1b7b9ce2313756dc84bc4556ddac694c4553d72ed13a885176712c9cff968f74bd1d14ff734ad08e60cf7e7a7dd07d2b6ca9cb21ddaae68d2969afcf6c734f6ee1c63b1c93abf32264f9ec022b64c903276298739ee8ae7ac1fe14534ad54004f39ea1b99964702554c1494e1742baeae527cf3007d50fc92e924f73b6288e5d9fd071d2fba76b2fabd3faf5229f4c3168226346e3087026d3d2c8aed398d4988971e05ff0ab9f5f2328e7f51d5061584b44581a4c83e413718d3a82f87daf87d1d5a2c32fbaa58f095fbf34ccc603b632155c27289cb5598049a7c9160dfe8a01d5a1983408082941eb39db2a09c5a34dc876dfa58a589687aa0cf6be7b5b084a8f753758332896ec3adad7a79b751908ee2b3d25131f44185a0ed8d20e9b6b8a1ed11402b02e544b67caf3177eda039e64aaf295eca7953c165fa73afca96d7750663711101c6e14e44817c6ad4b1474132dd441ca5c9d7776c871ffacbd96910496cad7010b9b526135e84") ioctl$auto__ctl_fops_dm_ioctl(r0, 0xfffffff7effffd05, &(0x7f00000001c0)) socket(0x28, 0xa, 0x0) 1.196072855s ago: executing program 3 (id=990): r0 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x1ff, 0x7, 0x25, 0x4909b6f5, 0x1ffde, 0x7, 0x3, 0x9, 0x9, 0x3, 0x4, 0x1, 0xb4, 0x9, 0x8, 0x10003, 0x80, 0x3, 0x0, 0xa, 0x22000, 0x200, 0x0, 0x84}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0xf7374674b920089e) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 1.124086838s ago: executing program 1 (id=991): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x20000000040019, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) madvise$auto(0x0, 0x2003f0, 0x15) 1.077152458s ago: executing program 0 (id=992): adjtimex$auto(&(0x7f0000000000)={0x4, 0x0, 0xcbe9, 0xffff, 0xa, 0x80000000, 0xd37f, 0x0, 0xffff, 0xc, 0x3, {0x10, 0x6}, 0xfffffffffffffffc, 0x10002, 0x2, 0x4, 0x0, 0xfffffffdfffffffa, 0x1, 0x0, 0x9, 0x7, 0xffffffff}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) r0 = gettid() process_vm_readv$auto(r0, &(0x7f0000000040)={0x0, 0x2}, 0x4, &(0x7f00000000c0)={0x0, 0x100000000000002}, 0x3, 0x0) 891.996058ms ago: executing program 3 (id=993): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) write$auto(0x1, 0x0, 0x80000000) madvise$auto(0x0, 0x200007, 0x8) madvise$auto(0x0, 0x2003f0, 0x15) 465.849225ms ago: executing program 0 (id=994): socket(0xa, 0x2, 0x3a) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) io_uring_setup$auto(0x52, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffff}, 0x1, 0x0, 0x0, 0x9}, 0x100007}, 0x3, 0x0) 464.802897ms ago: executing program 2 (id=995): mmap$auto(0x0, 0x2020007, 0xffffffffffffffff, 0x8000000000000eb1, 0xffffffffffffffff, 0x8000) socket(0x2, 0x2, 0x88) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) write$auto(0x3, 0x0, 0xfdf3) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x106) 348.817074ms ago: executing program 2 (id=996): mmap$auto(0x0, 0x4, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x3, 0x3}, 0x18, 0x0) 247.370077ms ago: executing program 0 (id=997): close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0) landlock_add_rule$auto(r0, 0x2, &(0x7f0000000080), 0x0) 170.358µs ago: executing program 0 (id=998): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/apparmor/parameters/rawdata_compression_level\x00', 0x80, 0x0) read$auto(r0, 0x0, 0x4) r1 = openat$auto_bm_status_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000000), 0x40002, 0x0) write$auto(r1, 0x0, 0x2) 0s ago: executing program 2 (id=999): socket(0x2, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, 0x0, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x700fffe) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.167' (ED25519) to the list of known hosts. [ 86.774806][ T5828] cgroup: Unknown subsys name 'net' [ 86.888629][ T5828] cgroup: Unknown subsys name 'cpuset' [ 86.898149][ T5828] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 88.643164][ T5828] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 90.817722][ T5852] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 90.822444][ T5853] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 90.832601][ T5853] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 90.840984][ T5853] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 90.842131][ T5852] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 90.857459][ T5853] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 90.865148][ T5853] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 90.872599][ T5852] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 90.875104][ T5858] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 90.895006][ T5858] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 90.905593][ T5855] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 90.913935][ T5858] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 90.921775][ T5855] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 90.930394][ T5857] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 90.931517][ T5858] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 90.945907][ T5855] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 90.957203][ T5858] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 90.967348][ T5858] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 90.985428][ T5851] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 90.995773][ T5851] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 91.503038][ T5843] chnl_net:caif_netlink_parms(): no params data found [ 91.643536][ T5840] chnl_net:caif_netlink_parms(): no params data found [ 91.800471][ T5838] chnl_net:caif_netlink_parms(): no params data found [ 91.811467][ T5839] chnl_net:caif_netlink_parms(): no params data found [ 91.824049][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.831236][ T5843] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.841304][ T5843] bridge_slave_0: entered allmulticast mode [ 91.849555][ T5843] bridge_slave_0: entered promiscuous mode [ 91.893082][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.900443][ T5843] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.908015][ T5843] bridge_slave_1: entered allmulticast mode [ 91.916135][ T5843] bridge_slave_1: entered promiscuous mode [ 92.055721][ T5840] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.062884][ T5840] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.070640][ T5840] bridge_slave_0: entered allmulticast mode [ 92.079076][ T5840] bridge_slave_0: entered promiscuous mode [ 92.091965][ T5840] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.100039][ T5840] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.111333][ T5840] bridge_slave_1: entered allmulticast mode [ 92.120778][ T5840] bridge_slave_1: entered promiscuous mode [ 92.177090][ T5843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.194785][ T5843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.347609][ T5843] team0: Port device team_slave_0 added [ 92.357662][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.395455][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.403420][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.410596][ T5839] bridge_slave_0: entered allmulticast mode [ 92.418414][ T5839] bridge_slave_0: entered promiscuous mode [ 92.429658][ T5843] team0: Port device team_slave_1 added [ 92.438510][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.453148][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.460510][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.467961][ T5838] bridge_slave_0: entered allmulticast mode [ 92.476173][ T5838] bridge_slave_0: entered promiscuous mode [ 92.484262][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.491417][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.498883][ T5839] bridge_slave_1: entered allmulticast mode [ 92.506394][ T5839] bridge_slave_1: entered promiscuous mode [ 92.568824][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.578372][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.586342][ T5838] bridge_slave_1: entered allmulticast mode [ 92.595077][ T5838] bridge_slave_1: entered promiscuous mode [ 92.618870][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.645636][ T5840] team0: Port device team_slave_0 added [ 92.652679][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.660820][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.687131][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.716711][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.727612][ T5840] team0: Port device team_slave_1 added [ 92.748023][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.755267][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.781860][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.841219][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.848541][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.874534][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.889829][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.903944][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.929263][ T5839] team0: Port device team_slave_0 added [ 92.937867][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.945628][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.945711][ T5851] Bluetooth: hci1: command tx timeout [ 92.971993][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.005222][ T5839] team0: Port device team_slave_1 added [ 93.033567][ T5851] Bluetooth: hci2: command tx timeout [ 93.033680][ T5844] Bluetooth: hci0: command tx timeout [ 93.039311][ T5851] Bluetooth: hci3: command tx timeout [ 93.092991][ T5838] team0: Port device team_slave_0 added [ 93.102667][ T5838] team0: Port device team_slave_1 added [ 93.116122][ T5843] hsr_slave_0: entered promiscuous mode [ 93.124538][ T5843] hsr_slave_1: entered promiscuous mode [ 93.205531][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.212585][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.239322][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.251305][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.259116][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.285336][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.315527][ T5840] hsr_slave_0: entered promiscuous mode [ 93.322081][ T5840] hsr_slave_1: entered promiscuous mode [ 93.329215][ T5840] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 93.337242][ T5840] Cannot create hsr debugfs directory [ 93.345775][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.352845][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.379647][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.391662][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.399017][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.425278][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.661556][ T5839] hsr_slave_0: entered promiscuous mode [ 93.668821][ T5839] hsr_slave_1: entered promiscuous mode [ 93.675146][ T5839] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 93.682717][ T5839] Cannot create hsr debugfs directory [ 93.706973][ T5838] hsr_slave_0: entered promiscuous mode [ 93.713976][ T5838] hsr_slave_1: entered promiscuous mode [ 93.720073][ T5838] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 93.727731][ T5838] Cannot create hsr debugfs directory [ 94.046641][ T5843] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 94.086209][ T5843] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 94.119987][ T5843] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 94.149134][ T5843] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 94.225472][ T5840] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 94.256438][ T5840] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 94.268950][ T5840] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 94.290798][ T5840] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 94.347393][ T5839] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 94.359771][ T5839] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 94.385559][ T5839] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 94.396946][ T5839] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 94.541628][ T5838] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 94.558253][ T5838] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 94.572496][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.595239][ T5838] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 94.607257][ T5838] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 94.671044][ T5843] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.717149][ T1338] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.724687][ T1338] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.772683][ T1338] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.779952][ T1338] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.828595][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.881707][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.940087][ T5840] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.956801][ T5839] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.985494][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.010363][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.017564][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.024708][ T5851] Bluetooth: hci1: command tx timeout [ 95.033121][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.040278][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.051157][ T53] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.058321][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.099056][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.103981][ T5844] Bluetooth: hci2: command tx timeout [ 95.111146][ T5858] Bluetooth: hci3: command tx timeout [ 95.120871][ T3015] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.128176][ T3015] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.135798][ T5851] Bluetooth: hci0: command tx timeout [ 95.171729][ T1095] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.179077][ T1095] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.217725][ T1095] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.224950][ T1095] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.362844][ T5840] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 95.461418][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.627774][ T5843] veth0_vlan: entered promiscuous mode [ 95.695836][ T5843] veth1_vlan: entered promiscuous mode [ 95.796749][ T5843] veth0_macvtap: entered promiscuous mode [ 95.807678][ T5843] veth1_macvtap: entered promiscuous mode [ 95.884824][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.902982][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.927184][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.942316][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.957206][ T5843] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.966923][ T5843] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.976259][ T5843] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.985580][ T5843] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.068438][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.078097][ T5840] veth0_vlan: entered promiscuous mode [ 96.131796][ T5840] veth1_vlan: entered promiscuous mode [ 96.217566][ T5838] veth0_vlan: entered promiscuous mode [ 96.232911][ T3015] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.236490][ T5838] veth1_vlan: entered promiscuous mode [ 96.251384][ T3015] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.322255][ T5839] veth0_vlan: entered promiscuous mode [ 96.332595][ T1095] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.341850][ T1095] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.363967][ T5839] veth1_vlan: entered promiscuous mode [ 96.372400][ T5840] veth0_macvtap: entered promiscuous mode [ 96.425305][ T5840] veth1_macvtap: entered promiscuous mode [ 96.467681][ T5838] veth0_macvtap: entered promiscuous mode [ 96.501836][ T5838] veth1_macvtap: entered promiscuous mode [ 96.504366][ T5843] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 96.530746][ T5839] veth0_macvtap: entered promiscuous mode [ 96.561834][ T5839] veth1_macvtap: entered promiscuous mode [ 96.572315][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.585270][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.599129][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.609538][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.620211][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.643374][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.664263][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.680655][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.717623][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.731169][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.745775][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.759800][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.776236][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.790160][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.802830][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.819067][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.839780][ T5840] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.849183][ T5840] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.879838][ T5840] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.908899][ T5840] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.945712][ T5838] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.965934][ T24] cfg80211: failed to load regulatory.db [ 96.970305][ T5838] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.980405][ T5838] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.989207][ T5838] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.024944][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 97.042426][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.066834][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 97.077843][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.091174][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 97.102709][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.103590][ T5851] Bluetooth: hci1: command tx timeout [ 97.121356][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.166891][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 97.184161][ T5851] Bluetooth: hci3: command tx timeout [ 97.189755][ T5851] Bluetooth: hci2: command tx timeout [ 97.194716][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.196900][ T5858] Bluetooth: hci0: command tx timeout [ 97.214506][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 97.225892][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.236828][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 97.247667][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.259647][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.310684][ T5839] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.325587][ T5839] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.334856][ T5839] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.343916][ T5839] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.472407][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.486715][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.562825][ T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.582565][ T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.628398][ T67] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.643506][ T67] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.714631][ T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.722507][ T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.885179][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.900690][ T1338] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.909113][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.935061][ T1338] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.317108][ T5927] Zero length message leads to an empty skb [ 98.502071][ T30] audit: type=1800 audit(1745328289.142:2): pid=5934 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.13" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 99.183830][ T5858] Bluetooth: hci1: command tx timeout [ 99.206747][ T5956] capability: warning: `syz.1.22' uses 32-bit capabilities (legacy support in use) [ 99.263731][ T5858] Bluetooth: hci0: command tx timeout [ 99.274251][ T5858] Bluetooth: hci2: command tx timeout [ 99.274809][ T5851] Bluetooth: hci3: command tx timeout [ 100.764530][ T6004] netlink: 4 bytes leftover after parsing attributes in process `syz.0.44'. [ 100.924320][ T6007] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 102.212089][ T6045] sd 0:0:1:0: PR command failed: 1026 [ 102.218719][ T6045] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 102.234890][ T6045] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 102.896991][ T6060] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 104.337406][ T6093] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 105.196425][ T6126] vivid-009: ================= START STATUS ================= [ 105.243447][ T6126] vivid-009: Enable Output Cropping: true grabbed [ 105.250079][ T6126] vivid-009: Enable Output Composing: true grabbed [ 105.332514][ T6126] vivid-009: Enable Output Scaler: true grabbed [ 105.344015][ T6126] vivid-009: Tx RGB Quantization Range: Automatic grabbed [ 105.363584][ T6126] vivid-009: Transmit Mode: HDMI grabbed [ 105.381997][ T6126] vivid-009: Hotplug Present: 0x00000000 [ 105.420978][ T6126] vivid-009: RxSense Present: 0x00000000 [ 105.443409][ T6126] vivid-009: EDID Present: 0x00000000 [ 105.463391][ T6126] vivid-009: ================== END STATUS ================== [ 105.740326][ T6139] netlink: 206 bytes leftover after parsing attributes in process `syz.1.102'. [ 106.295678][ T6162] FAULT_INJECTION: forcing a failure. [ 106.295678][ T6162] name failslab, interval 1, probability 0, space 0, times 1 [ 106.315867][ T6162] CPU: 0 UID: 0 PID: 6162 Comm: syz.1.111 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(full) [ 106.315908][ T6162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 106.315928][ T6162] Call Trace: [ 106.315937][ T6162] [ 106.315950][ T6162] dump_stack_lvl+0x16c/0x1f0 [ 106.315995][ T6162] should_fail_ex+0x512/0x640 [ 106.316026][ T6162] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 106.316056][ T6162] should_failslab+0xc2/0x120 [ 106.316093][ T6162] __kmalloc_cache_noprof+0x6a/0x3e0 [ 106.316124][ T6162] ? getname_flags.part.0+0x292/0x550 [ 106.316170][ T6162] getname_flags.part.0+0x292/0x550 [ 106.316211][ T6162] getname_flags+0x93/0xf0 [ 106.316236][ T6162] do_sys_openat2+0xb8/0x1d0 [ 106.316276][ T6162] ? __pfx_do_sys_openat2+0x10/0x10 [ 106.316333][ T6162] __x64_sys_open+0x153/0x1e0 [ 106.316374][ T6162] ? __pfx___x64_sys_open+0x10/0x10 [ 106.316430][ T6162] ? rcu_is_watching+0x12/0xc0 [ 106.316460][ T6162] do_syscall_64+0xcd/0x230 [ 106.316504][ T6162] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 106.316532][ T6162] RIP: 0033:0x7f059eb8e169 [ 106.316562][ T6162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 106.316590][ T6162] RSP: 002b:00007f059f94b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 106.316618][ T6162] RAX: ffffffffffffffda RBX: 00007f059edb5fa0 RCX: 00007f059eb8e169 [ 106.316637][ T6162] RDX: 00000000000000d1 RSI: 0000000000103040 RDI: 0000200000000380 [ 106.316654][ T6162] RBP: 00007f059ec10a68 R08: 0000000000000000 R09: 0000000000000000 [ 106.316672][ T6162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 106.316692][ T6162] R13: 0000000000000000 R14: 00007f059edb5fa0 R15: 00007fffe3bf9568 [ 106.316729][ T6162] [ 106.373004][ T6164] syz.2.113 uses obsolete (PF_INET,SOCK_PACKET) [ 108.456391][ T6225] sctp: [Deprecated]: syz.3.139 (pid 6225) Use of struct sctp_assoc_value in delayed_ack socket option. [ 108.456391][ T6225] Use struct sctp_sack_info instead [ 110.815530][ T6301] netlink: 28 bytes leftover after parsing attributes in process `syz.0.174'. [ 111.589919][ T6326] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 111.624284][ T6326] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 112.769697][ T6361] process 'syz.2.203' launched ':,' with NULL argv: empty string added [ 115.364372][ T6435] bridge0: port 3(hsr0) entered blocking state [ 115.370978][ T6435] bridge0: port 3(hsr0) entered disabled state [ 115.380568][ T6435] hsr0: entered allmulticast mode [ 115.399309][ T6435] hsr_slave_0: entered allmulticast mode [ 115.406305][ T6435] hsr_slave_1: entered allmulticast mode [ 115.424691][ T6435] hsr0: entered promiscuous mode [ 115.434763][ T6435] bridge0: port 3(hsr0) entered blocking state [ 115.441260][ T6435] bridge0: port 3(hsr0) entered forwarding state [ 116.508326][ T6467] netlink: 206 bytes leftover after parsing attributes in process `syz.1.250'. [ 116.579000][ T6469] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 116.585849][ T6469] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 118.407932][ T6509] netlink: 8 bytes leftover after parsing attributes in process `syz.2.268'. [ 123.559351][ T6596] kexec: Could not allocate control_code_buffer [ 125.406912][ T6685] netlink: 294 bytes leftover after parsing attributes in process `syz.0.342'. [ 126.240207][ T6665] kexec: Could not allocate control_code_buffer [ 127.220650][ T6719] netlink: 186 bytes leftover after parsing attributes in process `syz.1.356'. [ 128.142932][ T6752] netlink: 28 bytes leftover after parsing attributes in process `syz.1.369'. [ 128.153173][ T6754] netlink: 28 bytes leftover after parsing attributes in process `syz.0.370'. [ 128.174329][ T6754] ipvlan1: entered allmulticast mode [ 128.179725][ T6754] veth0_vlan: entered allmulticast mode [ 129.081112][ T6783] netlink: 28 bytes leftover after parsing attributes in process `syz.3.382'. [ 129.496685][ T6793] netlink: 206 bytes leftover after parsing attributes in process `syz.3.384'. [ 130.209092][ T6818] netlink: 28 bytes leftover after parsing attributes in process `syz.3.393'. [ 130.702838][ T6827] sock: sock_timestamping_bind_phc: sock not bind to device [ 131.687687][ T6811] kexec: Could not allocate control_code_buffer [ 132.623976][ T30] audit: type=1800 audit(1745328323.262:3): pid=6873 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.420" name="discovery_nqn" dev="configfs" ino=9812 res=0 errno=0 [ 133.283000][ T6894] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 133.833606][ T6917] netlink: 342 bytes leftover after parsing attributes in process `syz.0.437'. [ 133.859034][ T6917] netlink: 342 bytes leftover after parsing attributes in process `syz.0.437'. [ 134.124600][ T5851] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 134.124657][ T5851] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 134.143832][ T5851] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 134.143900][ T5851] Bluetooth: hci2: adv larger than maximum supported [ 134.151722][ T5851] Bluetooth: hci2: Malformed LE Event: 0x0d [ 134.351072][ T6926] netlink: 206 bytes leftover after parsing attributes in process `syz.2.440'. [ 135.180797][ T6959] netlink: 346 bytes leftover after parsing attributes in process `syz.3.455'. [ 135.719864][ T6976] netlink: 206 bytes leftover after parsing attributes in process `syz.0.459'. [ 136.675944][ T7007] netlink: 'syz.1.482': attribute type 9 has an invalid length. [ 136.693483][ T7007] netlink: 330 bytes leftover after parsing attributes in process `syz.1.482'. [ 136.973463][ T7016] netlink: 206 bytes leftover after parsing attributes in process `syz.1.476'. [ 137.604712][ T7034] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input5 [ 137.911066][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 137.920503][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.275423][ T7052] qrtr: Invalid version 0 [ 138.704600][ T5851] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 138.704643][ T5851] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 138.720234][ T5851] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 138.720291][ T5851] Bluetooth: hci3: adv larger than maximum supported [ 138.727963][ T5851] Bluetooth: hci3: Malformed LE Event: 0x0d [ 138.815549][ T7070] lo: entered allmulticast mode [ 138.904318][ T7068] lo: left allmulticast mode [ 139.609214][ T7090] netlink: 206 bytes leftover after parsing attributes in process `syz.2.509'. [ 140.333787][ T7110] netlink: 346 bytes leftover after parsing attributes in process `syz.2.517'. [ 140.363983][ T5851] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 140.364028][ T5851] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 140.381367][ T5851] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 140.381427][ T5851] Bluetooth: hci1: adv larger than maximum supported [ 140.388877][ T5851] Bluetooth: hci1: Malformed LE Event: 0x0d [ 142.486117][ T5851] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 142.486161][ T5851] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 142.502991][ T5851] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 142.503051][ T5851] Bluetooth: hci0: adv larger than maximum supported [ 142.510760][ T5851] Bluetooth: hci0: Malformed LE Event: 0x0d [ 143.122764][ T7176] netlink: 350 bytes leftover after parsing attributes in process `syz.2.553'. [ 143.703320][ T30] audit: type=1804 audit(1745328334.342:4): pid=7195 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.552" name="/newroot/144/file0" dev="tmpfs" ino=746 res=1 errno=0 [ 143.780697][ T30] audit: type=1800 audit(1745328334.342:5): pid=7195 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.552" name="file0" dev="tmpfs" ino=746 res=0 errno=0 [ 143.852672][ T30] audit: type=1800 audit(1745328334.342:6): pid=7195 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.552" name="file0" dev="tmpfs" ino=746 res=0 errno=0 [ 144.947734][ T7227] CIFS: VFS: Invalid SecurityFlags: 0x0 [ 147.289103][ T7280] netlink: 'syz.3.586': attribute type 1 has an invalid length. [ 147.620382][ T7287] netlink: 4 bytes leftover after parsing attributes in process `syz.2.591'. [ 148.018407][ T7302] netlink: 28 bytes leftover after parsing attributes in process `syz.1.596'. [ 148.118760][ T7302] team0: Port device team_slave_0 removed [ 148.822758][ T7323] syz.0.604 (7323): /proc/7322/oom_adj is deprecated, please use /proc/7322/oom_score_adj instead. [ 148.974174][ T7328] netlink: 350 bytes leftover after parsing attributes in process `syz.0.606'. [ 149.668681][ T7344] CIFS: VFS: Invalid SecurityFlags: 0x0 [ 152.087009][ T5851] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 152.087052][ T5851] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 152.102093][ T5851] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 152.102126][ T5851] Bluetooth: hci2: Unknown advertising packet type: 0x74 [ 152.109353][ T5851] Bluetooth: hci2: adv larger than maximum supported [ 152.116466][ T5851] Bluetooth: hci2: Unknown advertising packet type: 0x20 [ 152.123184][ T5851] Bluetooth: hci2: adv larger than maximum supported [ 152.130320][ T5851] Bluetooth: hci2: adv larger than maximum supported [ 152.137063][ T5851] Bluetooth: hci2: Malformed LE Event: 0x0d [ 152.257796][ T7391] netlink: 8 bytes leftover after parsing attributes in process `syz.3.631'. [ 152.292811][ T7396] netlink: 8 bytes leftover after parsing attributes in process `syz.3.631'. [ 152.374747][ T7396] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 152.397167][ T7396] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 154.339113][ T7438] netlink: 214 bytes leftover after parsing attributes in process `syz.3.649'. [ 154.628576][ T7447] netlink: 4 bytes leftover after parsing attributes in process `syz.1.653'. [ 154.660590][ T7447] netlink: 4 bytes leftover after parsing attributes in process `syz.1.653'. [ 155.931107][ T7488] netlink: 28 bytes leftover after parsing attributes in process `syz.0.668'. [ 156.083901][ T7488] team0: Port device team_slave_0 removed [ 157.969194][ T7548] zswap: compressor not available [ 157.976667][ T7551] Setting dangerous option i915.mitigations - tainting kernel [ 158.088344][ T7554] netlink: 8 bytes leftover after parsing attributes in process `syz.0.696'. [ 158.610029][ T5851] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 158.610076][ T5851] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 158.626879][ T5851] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 158.626912][ T5851] Bluetooth: hci0: Unknown advertising packet type: 0x74 [ 158.634453][ T5851] Bluetooth: hci0: adv larger than maximum supported [ 158.642894][ T5851] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 158.650259][ T5851] Bluetooth: hci0: adv larger than maximum supported [ 158.657445][ T5851] Bluetooth: hci0: adv larger than maximum supported [ 158.664260][ T5851] Bluetooth: hci0: Malformed LE Event: 0x0d [ 159.928391][ T7611] netlink: 8 bytes leftover after parsing attributes in process `syz.2.720'. [ 159.946950][ T7611] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 159.975363][ T7611] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 160.023723][ T7612] netlink: 8 bytes leftover after parsing attributes in process `syz.2.720'. [ 161.025740][ T5851] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 161.025782][ T5851] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 161.043532][ T5851] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 161.043566][ T5851] Bluetooth: hci3: Unknown advertising packet type: 0x74 [ 161.050674][ T5851] Bluetooth: hci3: adv larger than maximum supported [ 161.060546][ T5851] Bluetooth: hci3: Unknown advertising packet type: 0x20 [ 161.067343][ T5851] Bluetooth: hci3: Malformed LE Event: 0x0d [ 161.764114][ T7663] tipc: Trying to set illegal importance in message [ 162.257087][ T5851] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 162.257125][ T5851] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 162.272436][ T5851] Bluetooth: hci1: Malformed LE Event: 0x0d [ 163.197778][ T7718] netlink: 8 bytes leftover after parsing attributes in process `syz.0.763'. [ 163.218730][ T7718] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 163.303517][ T7718] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 163.304870][ T7720] netlink: 8 bytes leftover after parsing attributes in process `syz.0.763'. [ 164.279981][ T5851] Bluetooth: hci3: ISO packet too small [ 165.501942][ T5851] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 165.501982][ T5851] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 165.522689][ T5851] bt_err_ratelimited: 4 callbacks suppressed [ 165.522711][ T5851] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 165.528784][ T5851] Bluetooth: hci2: Unknown advertising packet type: 0x74 [ 165.535981][ T5851] Bluetooth: hci2: adv larger than maximum supported [ 165.543045][ T5851] Bluetooth: hci2: Unknown advertising packet type: 0x20 [ 165.549844][ T5851] Bluetooth: hci2: adv larger than maximum supported [ 165.556941][ T5851] Bluetooth: hci2: adv larger than maximum supported [ 165.563797][ T5851] Bluetooth: hci2: Malformed LE Event: 0x0d [ 167.087952][ T5851] Bluetooth: hci2: ISO packet too small [ 168.118993][ T7859] netlink: 'syz.0.817': attribute type 2 has an invalid length. [ 170.264988][ T7912] delete_channel: no stack [ 170.407859][ T5851] Bluetooth: hci1: Malformed HCI Event [ 171.430346][ T7948] netlink: 8 bytes leftover after parsing attributes in process `syz.1.855'. [ 175.522003][ T8056] netlink: 4 bytes leftover after parsing attributes in process `syz.1.900'. [ 175.547596][ T8056] netlink: 4 bytes leftover after parsing attributes in process `syz.1.900'. [ 177.679993][ T5851] Bluetooth: hci3: SCO packet for unknown connection handle 0 [ 177.918430][ T8114] Device name cannot be null; rc = [-22] [ 179.523579][ T8143] netlink: 4 bytes leftover after parsing attributes in process `syz.2.934'. [ 180.020215][ T8154] netlink: 19 bytes leftover after parsing attributes in process `syz.3.938'. [ 181.133472][ T8176] sctp: [Deprecated]: syz.3.945 (pid 8176) Use of int in max_burst socket option deprecated. [ 181.133472][ T8176] Use struct sctp_assoc_value instead [ 183.411998][ T8218] CIFS: VFS: Unsupported security flags: 0x10 [ 183.510651][ T8221] netlink: 8 bytes leftover after parsing attributes in process `syz.2.963'. [ 184.317144][ T8239] ======================================================= [ 184.317144][ T8239] WARNING: The mand mount option has been deprecated and [ 184.317144][ T8239] and is ignored by this kernel. Remove the mand [ 184.317144][ T8239] option from the mount to silence this warning. [ 184.317144][ T8239] ======================================================= [ 186.051074][ T8281] device-mapper: ioctl: Unable to rename non-existent device, to uuid [ 186.164107][ T8283] netlink: 28 bytes leftover after parsing attributes in process `syz.3.990'. [ 186.173133][ T8283] team_slave_0: entered allmulticast mode [ 186.361990][ T8287] GUP no longer grows the stack in syz.0.992 (8287): 14000-401000 (4000) [ 186.380279][ T8287] CPU: 0 UID: 0 PID: 8287 Comm: syz.0.992 Tainted: G U 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(full) [ 186.380334][ T8287] Tainted: [U]=USER [ 186.380345][ T8287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 186.380365][ T8287] Call Trace: [ 186.380375][ T8287] [ 186.380391][ T8287] dump_stack_lvl+0x16c/0x1f0 [ 186.380447][ T8287] gup_vma_lookup+0x1d2/0x220 [ 186.380501][ T8287] __get_user_pages+0x234/0x36f0 [ 186.380546][ T8287] ? process_vm_rw_core.constprop.0+0x1d8/0x9a0 [ 186.380590][ T8287] ? look_up_lock_class+0x59/0x150 [ 186.380635][ T8287] ? __pfx___get_user_pages+0x10/0x10 [ 186.380665][ T8287] ? process_vm_rw+0x216/0x2c0 [ 186.380712][ T8287] ? __x64_sys_process_vm_readv+0xe2/0x1c0 [ 186.380756][ T8287] ? do_syscall_64+0xcd/0x230 [ 186.380817][ T8287] __gup_longterm_locked+0x20d/0x1850 [ 186.380863][ T8287] ? __pfx___gup_longterm_locked+0x10/0x10 [ 186.380918][ T8287] pin_user_pages_remote+0xed/0x140 [ 186.380953][ T8287] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 186.380984][ T8287] ? mm_access+0x22d/0x2e0 [ 186.381043][ T8287] process_vm_rw_core.constprop.0+0x41b/0x9a0 [ 186.381095][ T8287] ? futex_wait_queue+0x14c/0x220 [ 186.381148][ T8287] ? futex_unqueue+0xba/0x140 [ 186.381189][ T8287] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 186.381237][ T8287] ? iovec_from_user+0xbb/0x140 [ 186.381298][ T8287] ? iovec_from_user+0xbb/0x140 [ 186.381343][ T8287] process_vm_rw+0x216/0x2c0 [ 186.381388][ T8287] ? __pfx_process_vm_rw+0x10/0x10 [ 186.381439][ T8287] ? task_mm_cid_work+0x37b/0x910 [ 186.381507][ T8287] ? xfd_validate_state+0x5d/0x180 [ 186.381549][ T8287] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 186.381593][ T8287] ? do_syscall_64+0x91/0x230 [ 186.381638][ T8287] ? lockdep_hardirqs_on+0x7c/0x110 [ 186.381680][ T8287] do_syscall_64+0xcd/0x230 [ 186.381736][ T8287] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.381768][ T8287] RIP: 0033:0x7f86cf38e169 [ 186.381794][ T8287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 186.381824][ T8287] RSP: 002b:00007f86d0217038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 186.381859][ T8287] RAX: ffffffffffffffda RBX: 00007f86cf5b5fa0 RCX: 00007f86cf38e169 [ 186.381879][ T8287] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 0000000000000255 [ 186.381898][ T8287] RBP: 00007f86cf410a68 R08: 0000000000000003 R09: 0000000000000000 [ 186.381917][ T8287] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 186.381935][ T8287] R13: 0000000000000000 R14: 00007f86cf5b5fa0 R15: 00007ffc3ecee138 [ 186.381975][ T8287] [ 199.347857][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.354325][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 216.788520][ T5858] Bluetooth: hci1: command 0x0406 tx timeout [ 216.788562][ T5852] Bluetooth: hci2: command 0x0406 tx timeout [ 216.796189][ T5855] Bluetooth: hci3: command 0x0406 tx timeout [ 216.805858][ T5857] Bluetooth: hci0: command 0x0406 tx timeout [ 260.786417][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.792839][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.229578][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.236031][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 332.465956][ T31] INFO: task kworker/u8:4:67 blocked for more than 143 seconds. [ 332.475063][ T31] Tainted: G U 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 [ 332.484353][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 332.493063][ T31] task:kworker/u8:4 state:D stack:23960 pid:67 tgid:67 ppid:2 task_flags:0x4248160 flags:0x00004000 [ 332.505445][ T31] Workqueue: writeback wb_workfn (flush-8:0) [ 332.513420][ T31] Call Trace: [ 332.516739][ T31] [ 332.519701][ T31] __schedule+0x116f/0x5de0 [ 332.525827][ T31] ? blk_mq_flush_plug_list+0x75a/0x1c70 [ 332.531513][ T31] ? __lock_acquire+0x5ca/0x1ba0 [ 332.538915][ T31] ? __pfx___schedule+0x10/0x10 [ 332.545519][ T31] ? __blk_flush_plug+0x2f3/0x4b0 [ 332.550588][ T31] ? find_held_lock+0x2b/0x80 [ 332.556913][ T31] ? schedule+0x2d7/0x3a0 [ 332.561299][ T31] schedule+0xe7/0x3a0 [ 332.567273][ T31] io_schedule+0xbf/0x130 [ 332.571905][ T31] bit_wait_io+0x15/0xe0 [ 332.578668][ T31] __wait_on_bit_lock+0x112/0x1a0 [ 332.586255][ T31] ? __pfx_bit_wait_io+0x10/0x10 [ 332.591257][ T31] out_of_line_wait_on_bit_lock+0xd9/0x110 [ 332.598626][ T31] ? __pfx_out_of_line_wait_on_bit_lock+0x10/0x10 [ 332.606681][ T31] ? __pfx_wake_bit_function+0x10/0x10 [ 332.615298][ T31] ? __pfx___might_resched+0x10/0x10 [ 332.620657][ T31] __lock_buffer+0x67/0x70 [ 332.627147][ T31] do_get_write_access+0x8cd/0x12a0 [ 332.632446][ T31] ? jbd2_write_access_granted+0x61/0x3d0 [ 332.638442][ T31] jbd2_journal_get_write_access+0x1d6/0x280 [ 332.644640][ T31] __ext4_journal_get_write_access+0x6a/0x340 [ 332.650744][ T31] ext4_mb_mark_context+0x175/0xd40 [ 332.656039][ T31] ? find_held_lock+0x2b/0x80 [ 332.660767][ T31] ? __pfx_ext4_mb_mark_context+0x10/0x10 [ 332.666673][ T31] ext4_mb_mark_diskspace_used+0x466/0x8c0 [ 332.672540][ T31] ? ext4_mb_use_preallocated.constprop.0+0xec/0x1550 [ 332.679440][ T31] ? __pfx_ext4_mb_mark_diskspace_used+0x10/0x10 [ 332.686041][ T31] ? ext4_mb_new_blocks+0x977/0x4f00 [ 332.691409][ T31] ext4_mb_new_blocks+0xa5b/0x4f00 [ 332.697588][ T31] ? rcu_is_watching+0x12/0xc0 [ 332.702388][ T31] ? __pfx_ext4_mb_new_blocks+0x10/0x10 [ 332.708024][ T31] ? ext4_ext_search_right+0x2c2/0xb90 [ 332.713569][ T31] ext4_ext_map_blocks+0x1b95/0x5d60 [ 332.719797][ T31] ? stack_trace_save+0x8e/0xc0 [ 332.724792][ T31] ? __pfx_stack_trace_save+0x10/0x10 [ 332.730199][ T31] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 332.735909][ T31] ? inet_gro_receive+0x239/0xdf0 [ 332.740975][ T31] ? __kasan_slab_alloc+0x89/0x90 [ 332.746221][ T31] ? ext4_do_writepages+0x1432/0x3490 [ 332.751632][ T31] ? __pfx___might_resched+0x10/0x10 [ 332.756997][ T31] ? __pfx_down_write+0x10/0x10 [ 332.761883][ T31] ? ext4_es_lookup_extent+0xc7/0xc50 [ 332.767315][ T31] ext4_map_blocks+0x45b/0x1390 [ 332.772218][ T31] ? __pfx_ext4_map_blocks+0x10/0x10 [ 332.777586][ T31] ? trace_kmem_cache_alloc+0x28/0xc0 [ 332.782998][ T31] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 332.788734][ T31] ext4_do_writepages+0x1a2c/0x3490 [ 332.794057][ T31] ? __pfx_ext4_do_writepages+0x10/0x10 [ 332.799645][ T31] ? ext4_writepages+0x37a/0x7d0 [ 332.804693][ T31] ext4_writepages+0x37a/0x7d0 [ 332.809509][ T31] ? __pfx_ext4_writepages+0x10/0x10 [ 332.814903][ T31] ? blk_finish_plug+0x16/0xa0 [ 332.820769][ T31] ? do_writepages+0x6b6/0x820 [ 332.825633][ T31] ? __pfx_ext4_writepages+0x10/0x10 [ 332.830965][ T31] do_writepages+0x1b2/0x820 [ 332.835636][ T31] ? __pfx_do_writepages+0x10/0x10 [ 332.840769][ T31] ? __lock_acquire+0xaa4/0x1ba0 [ 332.845782][ T31] ? reacquire_held_locks+0xcd/0x1f0 [ 332.851109][ T31] __writeback_single_inode+0x160/0xfb0 [ 332.856916][ T31] ? __pfx___writeback_single_inode+0x10/0x10 [ 332.863015][ T31] ? do_raw_spin_unlock+0x172/0x230 [ 332.868456][ T31] writeback_sb_inodes+0x601/0xf90 [ 332.873687][ T31] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 332.879406][ T31] ? __pfx___up_read+0x10/0x10 [ 332.884348][ T31] ? __writeback_inodes_wb+0x104/0x2d0 [ 332.889860][ T31] __writeback_inodes_wb+0xf8/0x2d0 [ 332.895286][ T31] ? __pfx___writeback_inodes_wb+0x10/0x10 [ 332.901157][ T31] ? queue_io+0x3f6/0x520 [ 332.905556][ T31] wb_writeback+0x7f3/0xb70 [ 332.910115][ T31] ? __pfx_wb_writeback+0x10/0x10 [ 332.915261][ T31] ? get_nr_dirty_inodes+0x170/0x1e0 [ 332.921861][ T31] wb_workfn+0x8ca/0xbe0 [ 332.926234][ T31] ? try_to_wake_up+0x157/0x1680 [ 332.931218][ T31] ? __pfx_wb_workfn+0x10/0x10 [ 332.936095][ T31] ? rcu_is_watching+0x12/0xc0 [ 332.940902][ T31] process_one_work+0x9cc/0x1b70 [ 332.946257][ T31] ? __pfx_batadv_dat_purge+0x10/0x10 [ 332.951650][ T31] ? __pfx_process_one_work+0x10/0x10 [ 332.957190][ T31] ? assign_work+0x1a0/0x250 [ 332.961843][ T31] worker_thread+0x6c8/0xf10 [ 332.966689][ T31] ? __kthread_parkme+0x19e/0x250 [ 332.971750][ T31] ? __pfx_worker_thread+0x10/0x10 [ 332.976937][ T31] kthread+0x3c2/0x780 [ 332.981046][ T31] ? __pfx_kthread+0x10/0x10 [ 332.985721][ T31] ? __pfx_kthread+0x10/0x10 [ 332.990353][ T31] ? __pfx_kthread+0x10/0x10 [ 332.995039][ T31] ? __pfx_kthread+0x10/0x10 [ 332.999679][ T31] ? rcu_is_watching+0x12/0xc0 [ 333.004542][ T31] ? __pfx_kthread+0x10/0x10 [ 333.009176][ T31] ret_from_fork+0x45/0x80 [ 333.013680][ T31] ? __pfx_kthread+0x10/0x10 [ 333.018329][ T31] ret_from_fork_asm+0x1a/0x30 [ 333.024379][ T31] [ 333.027536][ T31] INFO: task jbd2/sda1-8:5175 blocked for more than 143 seconds. [ 333.035324][ T31] Tainted: G U 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 [ 333.044586][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 333.053324][ T31] task:jbd2/sda1-8 state:D stack:26008 pid:5175 tgid:5175 ppid:2 task_flags:0x240040 flags:0x00004000 [ 333.065542][ T31] Call Trace: [ 333.068842][ T31] [ 333.071777][ T31] __schedule+0x116f/0x5de0 [ 333.076575][ T31] ? __lock_acquire+0x5ca/0x1ba0 [ 333.081583][ T31] ? __pfx___schedule+0x10/0x10 [ 333.086537][ T31] ? find_held_lock+0x2b/0x80 [ 333.091252][ T31] ? schedule+0x2d7/0x3a0 [ 333.095706][ T31] schedule+0xe7/0x3a0 [ 333.099827][ T31] jbd2_journal_wait_updates+0x11e/0x240 [ 333.105661][ T31] ? __pfx_jbd2_journal_wait_updates+0x10/0x10 [ 333.111868][ T31] ? __pfx_autoremove_wake_function+0x10/0x10 [ 333.118007][ T31] ? __pfx_do_raw_write_lock+0x10/0x10 [ 333.123707][ T31] ? jbd2_journal_commit_transaction+0x4ec/0x6830 [ 333.131054][ T31] jbd2_journal_commit_transaction+0x828/0x6830 [ 333.137413][ T31] ? __lock_acquire+0xaa4/0x1ba0 [ 333.142412][ T31] ? lock_acquire+0x179/0x350 [ 333.147187][ T31] ? do_raw_spin_lock+0x12c/0x2b0 [ 333.152248][ T31] ? __pfx_jbd2_journal_commit_transaction+0x10/0x10 [ 333.159041][ T31] ? do_raw_spin_unlock+0x172/0x230 [ 333.164333][ T31] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 333.170173][ T31] ? debug_object_deactivate+0x1ec/0x3a0 [ 333.175925][ T31] ? __pfx_debug_object_deactivate+0x10/0x10 [ 333.181984][ T31] ? find_held_lock+0x2b/0x80 [ 333.186935][ T31] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 333.192806][ T31] ? rcu_is_watching+0x12/0xc0 [ 333.197683][ T31] kjournald2+0x1f4/0x760 [ 333.202076][ T31] ? __pfx_kjournald2+0x10/0x10 [ 333.207027][ T31] ? find_held_lock+0x2b/0x80 [ 333.211745][ T31] ? __pfx_autoremove_wake_function+0x10/0x10 [ 333.217954][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 333.223252][ T31] ? __kthread_parkme+0x19e/0x250 [ 333.229545][ T31] ? __pfx_kjournald2+0x10/0x10 [ 333.234524][ T31] kthread+0x3c2/0x780 [ 333.238646][ T31] ? __pfx_kthread+0x10/0x10 [ 333.243317][ T31] ? __pfx_kthread+0x10/0x10 [ 333.247974][ T31] ? __pfx_kthread+0x10/0x10 [ 333.252615][ T31] ? __pfx_kthread+0x10/0x10 [ 333.257295][ T31] ? rcu_is_watching+0x12/0xc0 [ 333.262087][ T31] ? __pfx_kthread+0x10/0x10 [ 333.266773][ T31] ret_from_fork+0x45/0x80 [ 333.271237][ T31] ? __pfx_kthread+0x10/0x10 [ 333.275971][ T31] ret_from_fork_asm+0x1a/0x30 [ 333.280808][ T31] [ 333.283920][ T31] INFO: task syz-executor:5828 blocked for more than 144 seconds. [ 333.291749][ T31] Tainted: G U 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 [ 333.301404][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 333.310207][ T31] task:syz-executor state:D stack:22664 pid:5828 tgid:5828 ppid:5826 task_flags:0x400100 flags:0x00000002 [ 333.322352][ T31] Call Trace: [ 333.325672][ T31] [ 333.328630][ T31] __schedule+0x116f/0x5de0 [ 333.334399][ T31] ? __lock_acquire+0x5ca/0x1ba0 [ 333.339426][ T31] ? __pfx___schedule+0x10/0x10 [ 333.344491][ T31] ? find_held_lock+0x2b/0x80 [ 333.349227][ T31] ? schedule+0x2d7/0x3a0 [ 333.353679][ T31] schedule+0xe7/0x3a0 [ 333.357800][ T31] ? wait_transaction_locked+0x17c/0x230 [ 333.363803][ T31] wait_transaction_locked+0x1a1/0x230 [ 333.369324][ T31] ? wait_transaction_locked+0x17c/0x230 [ 333.375449][ T31] ? __pfx_wait_transaction_locked+0x10/0x10 [ 333.381490][ T31] ? stack_depot_save_flags+0x28/0xa50 [ 333.387035][ T31] ? __pfx_autoremove_wake_function+0x10/0x10 [ 333.393228][ T31] add_transaction_credits+0x110/0xe60 [ 333.398755][ T31] ? do_page_mkwrite+0x171/0x380 [ 333.403935][ T31] ? do_wp_page+0xb9e/0x58e0 [ 333.408572][ T31] ? __handle_mm_fault+0x1ada/0x2a40 [ 333.413918][ T31] ? handle_mm_fault+0x3fe/0xad0 [ 333.418890][ T31] ? do_user_addr_fault+0x60c/0x1370 [ 333.424655][ T31] ? __pfx_add_transaction_credits+0x10/0x10 [ 333.430671][ T31] ? lock_acquire+0x179/0x350 [ 333.436469][ T31] start_this_handle+0x3e7/0x1410 [ 333.441560][ T31] ? __pfx_start_this_handle+0x10/0x10 [ 333.447077][ T31] ? rcu_is_watching+0x12/0xc0 [ 333.451875][ T31] ? trace_kmem_cache_alloc+0x28/0xc0 [ 333.457346][ T31] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 333.463016][ T31] ? jbd2__journal_start+0x193/0x6a0 [ 333.468396][ T31] jbd2__journal_start+0x394/0x6a0 [ 333.473635][ T31] __ext4_journal_start_sb+0x195/0x690 [ 333.479150][ T31] ? ext4_dirty_inode+0xa1/0x130 [ 333.484198][ T31] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 333.489613][ T31] ext4_dirty_inode+0xa1/0x130 [ 333.494474][ T31] ? rcu_is_watching+0x12/0xc0 [ 333.499394][ T31] __mark_inode_dirty+0x1eb/0xe50 [ 333.504585][ T31] generic_update_time+0xcf/0xf0 [ 333.509572][ T31] file_update_time+0x17d/0x1c0 [ 333.514766][ T31] ext4_page_mkwrite+0x35e/0x1750 [ 333.519953][ T31] ? anon_pipe_read+0xc85/0x1210 [ 333.525069][ T31] ? __pfx_ext4_page_mkwrite+0x10/0x10 [ 333.530560][ T31] ? vm_normal_page+0x13b/0x2b0 [ 333.536617][ T31] ? find_held_lock+0x2b/0x80 [ 333.541334][ T31] ? find_held_lock+0x2b/0x80 [ 333.546067][ T31] do_page_mkwrite+0x171/0x380 [ 333.550873][ T31] do_wp_page+0xb9e/0x58e0 [ 333.555407][ T31] ? __pfx_do_wp_page+0x10/0x10 [ 333.560312][ T31] ? do_raw_spin_lock+0x12c/0x2b0 [ 333.565443][ T31] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 333.570874][ T31] ? ___pte_offset_map+0x1bc/0x540 [ 333.576104][ T31] __handle_mm_fault+0x1ada/0x2a40 [ 333.581259][ T31] ? __pfx___handle_mm_fault+0x10/0x10 [ 333.586840][ T31] ? lock_vma_under_rcu+0x47d/0x970 [ 333.592096][ T31] ? lock_vma_under_rcu+0x47d/0x970 [ 333.597427][ T31] handle_mm_fault+0x3fe/0xad0 [ 333.602228][ T31] do_user_addr_fault+0x60c/0x1370 [ 333.607410][ T31] exc_page_fault+0x5c/0xc0 [ 333.611964][ T31] asm_exc_page_fault+0x26/0x30 [ 333.616920][ T31] RIP: 0033:0x7fa213a681e5 [ 333.621373][ T31] RSP: 002b:00007ffc52f361e0 EFLAGS: 00010202 [ 333.627734][ T31] RAX: 00007fa20fbedf28 RBX: 00007ffc52f362e0 RCX: 0000000000000000 [ 333.635803][ T31] RDX: 00007fa20fbedf24 RSI: 0000000000000008 RDI: 00007ffc52f362e0 [ 333.645013][ T31] RBP: 00000000000003e6 R08: 0000000000000000 R09: 0000000000000000 [ 333.653008][ T31] R10: 00007ffc52f362c0 R11: 0000000000000000 R12: 0000000000000000 [ 333.661165][ T31] R13: 00000000000120d8 R14: fffffffffffedf28 R15: 00000000000120d8 [ 333.669199][ T31] [ 333.672257][ T31] INFO: task syz.3.993:8294 blocked for more than 144 seconds. [ 333.679958][ T31] Tainted: G U 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 [ 333.689224][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 333.697945][ T31] task:syz.3.993 state:D stack:26488 pid:8294 tgid:8294 ppid:5839 task_flags:0x400040 flags:0x00000004 [ 333.709961][ T31] Call Trace: [ 333.713339][ T31] [ 333.716317][ T31] __schedule+0x116f/0x5de0 [ 333.720870][ T31] ? __lock_acquire+0x5ca/0x1ba0 [ 333.725866][ T31] ? __pfx___schedule+0x10/0x10 [ 333.730790][ T31] ? find_held_lock+0x2b/0x80 [ 333.735802][ T31] ? schedule+0x2d7/0x3a0 [ 333.741286][ T31] schedule+0xe7/0x3a0 [ 333.745596][ T31] ? wait_transaction_locked+0x17c/0x230 [ 333.751270][ T31] wait_transaction_locked+0x1a1/0x230 [ 333.756830][ T31] ? wait_transaction_locked+0x17c/0x230 [ 333.762507][ T31] ? __pfx_wait_transaction_locked+0x10/0x10 [ 333.768568][ T31] ? stack_depot_save_flags+0x28/0xa50 [ 333.774131][ T31] ? __pfx_autoremove_wake_function+0x10/0x10 [ 333.780251][ T31] add_transaction_credits+0x110/0xe60 [ 333.785854][ T31] ? do_page_mkwrite+0x171/0x380 [ 333.790859][ T31] ? do_pte_missing+0x29c/0x3fb0 [ 333.795845][ T31] ? __handle_mm_fault+0x103d/0x2a40 [ 333.801174][ T31] ? handle_mm_fault+0x3fe/0xad0 [ 333.806236][ T31] ? do_user_addr_fault+0x60c/0x1370 [ 333.811555][ T31] ? __pfx_add_transaction_credits+0x10/0x10 [ 333.817602][ T31] ? lock_acquire+0x179/0x350 [ 333.822332][ T31] start_this_handle+0x3e7/0x1410 [ 333.827481][ T31] ? __pfx_start_this_handle+0x10/0x10 [ 333.833000][ T31] ? rcu_is_watching+0x12/0xc0 [ 333.837874][ T31] ? trace_kmem_cache_alloc+0x28/0xc0 [ 333.844580][ T31] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 333.850291][ T31] ? jbd2__journal_start+0x193/0x6a0 [ 333.855671][ T31] jbd2__journal_start+0x394/0x6a0 [ 333.860830][ T31] __ext4_journal_start_sb+0x195/0x690 [ 333.866397][ T31] ? ext4_dirty_inode+0xa1/0x130 [ 333.871375][ T31] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 333.876806][ T31] ext4_dirty_inode+0xa1/0x130 [ 333.881602][ T31] ? rcu_is_watching+0x12/0xc0 [ 333.886463][ T31] __mark_inode_dirty+0x1eb/0xe50 [ 333.891550][ T31] generic_update_time+0xcf/0xf0 [ 333.896565][ T31] file_update_time+0x17d/0x1c0 [ 333.901452][ T31] ext4_page_mkwrite+0x35e/0x1750 [ 333.906565][ T31] ? __pfx_ext4_page_mkwrite+0x10/0x10 [ 333.912069][ T31] do_page_mkwrite+0x171/0x380 [ 333.916911][ T31] do_pte_missing+0x29c/0x3fb0 [ 333.921713][ T31] ? __handle_mm_fault+0x1010/0x2a40 [ 333.927062][ T31] __handle_mm_fault+0x103d/0x2a40 [ 333.932228][ T31] ? __pfx___handle_mm_fault+0x10/0x10 [ 333.937797][ T31] ? lock_vma_under_rcu+0x47d/0x970 [ 333.943042][ T31] ? lock_vma_under_rcu+0x47d/0x970 [ 333.949258][ T31] handle_mm_fault+0x3fe/0xad0 [ 333.954118][ T31] do_user_addr_fault+0x60c/0x1370 [ 333.959277][ T31] exc_page_fault+0x5c/0xc0 [ 333.963863][ T31] asm_exc_page_fault+0x26/0x30 [ 333.968769][ T31] RIP: 0033:0x7f108b86eaa2 [ 333.973245][ T31] RSP: 002b:00007ffd969f7020 EFLAGS: 00010202 [ 333.979368][ T31] RAX: 0000000000009008 RBX: 00007f108c6e5720 RCX: 0000000000000000 [ 333.987892][ T31] RDX: 0000001b30f17000 RSI: 0000000000000008 RDI: 00007f108c6e5720 [ 333.995963][ T31] RBP: 000000000000040c R08: 00007f108afff060 R09: 00007f108bba2000 [ 334.004052][ T31] R10: 00007f108afff008 R11: 0000000000000004 R12: ffffffff8b65ecbe [ 334.012064][ T31] R13: 00007f108bbb6038 R14: 000000000000003c R15: ffffffffffff7000 [ 334.020136][ T31] ? mas_prev_setup.constprop.0+0x1e/0x830 [ 334.026092][ T31] [ 334.029149][ T31] INFO: task syz.2.999:8303 blocked for more than 144 seconds. [ 334.036786][ T31] Tainted: G U 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 [ 334.048316][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 334.057113][ T31] task:syz.2.999 state:D stack:28488 pid:8303 tgid:8303 ppid:5843 task_flags:0x400040 flags:0x00000004 [ 334.069167][ T31] Call Trace: [ 334.072466][ T31] [ 334.075492][ T31] __schedule+0x116f/0x5de0 [ 334.080048][ T31] ? check_path.constprop.0+0x24/0x50 [ 334.085531][ T31] ? __lock_acquire+0x5ca/0x1ba0 [ 334.090522][ T31] ? __pfx___schedule+0x10/0x10 [ 334.095480][ T31] ? find_held_lock+0x2b/0x80 [ 334.100206][ T31] ? schedule+0x2d7/0x3a0 [ 334.104666][ T31] schedule+0xe7/0x3a0 [ 334.108785][ T31] ? wait_transaction_locked+0x17c/0x230 [ 334.114500][ T31] wait_transaction_locked+0x1a1/0x230 [ 334.120028][ T31] ? wait_transaction_locked+0x17c/0x230 [ 334.125843][ T31] ? __pfx_wait_transaction_locked+0x10/0x10 [ 334.131863][ T31] ? stack_depot_save_flags+0x28/0xa50 [ 334.137430][ T31] ? __pfx_autoremove_wake_function+0x10/0x10 [ 334.143639][ T31] add_transaction_credits+0x110/0xe60 [ 334.150323][ T31] ? do_page_mkwrite+0x171/0x380 [ 334.155385][ T31] ? do_pte_missing+0x29c/0x3fb0 [ 334.160382][ T31] ? __handle_mm_fault+0x103d/0x2a40 [ 334.165742][ T31] ? handle_mm_fault+0x3fe/0xad0 [ 334.170759][ T31] ? do_user_addr_fault+0x60c/0x1370 [ 334.176185][ T31] ? __pfx_add_transaction_credits+0x10/0x10 [ 334.182231][ T31] ? lock_acquire+0x179/0x350 [ 334.187112][ T31] start_this_handle+0x3e7/0x1410 [ 334.192209][ T31] ? __pfx_start_this_handle+0x10/0x10 [ 334.197859][ T31] ? rcu_is_watching+0x12/0xc0 [ 334.202654][ T31] ? trace_kmem_cache_alloc+0x28/0xc0 [ 334.208146][ T31] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 334.213871][ T31] ? jbd2__journal_start+0x193/0x6a0 [ 334.219201][ T31] jbd2__journal_start+0x394/0x6a0 [ 334.224401][ T31] __ext4_journal_start_sb+0x195/0x690 [ 334.229928][ T31] ? ext4_dirty_inode+0xa1/0x130 [ 334.234936][ T31] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 334.240358][ T31] ext4_dirty_inode+0xa1/0x130 [ 334.245196][ T31] ? rcu_is_watching+0x12/0xc0 [ 334.249995][ T31] __mark_inode_dirty+0x1eb/0xe50 [ 334.256204][ T31] generic_update_time+0xcf/0xf0 [ 334.261190][ T31] file_update_time+0x17d/0x1c0 [ 334.266127][ T31] ext4_page_mkwrite+0x35e/0x1750 [ 334.271212][ T31] ? __pfx_ext4_page_mkwrite+0x10/0x10 [ 334.276765][ T31] ? __pfx_filemap_map_pages+0x10/0x10 [ 334.282278][ T31] ? pte_alloc_one+0x2b1/0x380 [ 334.287119][ T31] do_page_mkwrite+0x171/0x380 [ 334.291940][ T31] do_pte_missing+0x29c/0x3fb0 [ 334.296900][ T31] ? do_raw_spin_unlock+0x172/0x230 [ 334.302158][ T31] ? __pmd_alloc+0x3c2/0x870 [ 334.306860][ T31] __handle_mm_fault+0x103d/0x2a40 [ 334.312033][ T31] ? __pfx___handle_mm_fault+0x10/0x10 [ 334.317579][ T31] ? lock_vma_under_rcu+0x47d/0x970 [ 334.322832][ T31] ? lock_vma_under_rcu+0x47d/0x970 [ 334.328135][ T31] handle_mm_fault+0x3fe/0xad0 [ 334.332914][ T31] do_user_addr_fault+0x60c/0x1370 [ 334.338091][ T31] exc_page_fault+0x5c/0xc0 [ 334.342639][ T31] asm_exc_page_fault+0x26/0x30 [ 334.347551][ T31] RIP: 0033:0x7f4b9c664c9b [ 334.351985][ T31] RSP: 002b:00007fff1f846020 EFLAGS: 00010246 [ 334.359294][ T31] RAX: 00000000003ffde8 RBX: 0000000000000000 RCX: 0000000000000000 [ 334.367339][ T31] RDX: 0000001b30820000 RSI: 0000000000400000 RDI: 00007f4b9c898eb0 [ 334.375387][ T31] RBP: 0000000000000000 R08: 0000000000000004 R09: 0000000000040000 [ 334.383939][ T31] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 334.391949][ T31] R13: 00000000000927c0 R14: 000000000002dad8 R15: 00007fff1f8462d0 [ 334.400037][ T31] [ 334.403089][ T31] INFO: task syz.0.998:8304 blocked for more than 145 seconds. [ 334.410767][ T31] Tainted: G U 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 [ 334.420002][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 334.428721][ T31] task:syz.0.998 state:D stack:27560 pid:8304 tgid:8304 ppid:5838 task_flags:0x400040 flags:0x00000004 [ 334.440773][ T31] Call Trace: [ 334.444151][ T31] [ 334.447126][ T31] __schedule+0x116f/0x5de0 [ 334.451694][ T31] ? __lock_acquire+0x5ca/0x1ba0 [ 334.457933][ T31] ? __pfx___schedule+0x10/0x10 [ 334.462838][ T31] ? find_held_lock+0x2b/0x80 [ 334.467573][ T31] ? schedule+0x2d7/0x3a0 [ 334.471954][ T31] schedule+0xe7/0x3a0 [ 334.476074][ T31] ? wait_transaction_locked+0x17c/0x230 [ 334.481733][ T31] wait_transaction_locked+0x1a1/0x230 [ 334.487266][ T31] ? wait_transaction_locked+0x17c/0x230 [ 334.492940][ T31] ? __pfx_wait_transaction_locked+0x10/0x10 [ 334.498997][ T31] ? stack_depot_save_flags+0x28/0xa50 [ 334.504563][ T31] ? __pfx_autoremove_wake_function+0x10/0x10 [ 334.510694][ T31] add_transaction_credits+0x110/0xe60 [ 334.516227][ T31] ? do_page_mkwrite+0x171/0x380 [ 334.521224][ T31] ? do_pte_missing+0x29c/0x3fb0 [ 334.526205][ T31] ? __handle_mm_fault+0x103d/0x2a40 [ 334.531519][ T31] ? handle_mm_fault+0x3fe/0xad0 [ 334.536513][ T31] ? do_user_addr_fault+0x60c/0x1370 [ 334.541849][ T31] ? __pfx_add_transaction_credits+0x10/0x10 [ 334.548507][ T31] ? lock_acquire+0x179/0x350 [ 334.553320][ T31] start_this_handle+0x3e7/0x1410 [ 334.559442][ T31] ? __pfx_start_this_handle+0x10/0x10 [ 334.564984][ T31] ? rcu_is_watching+0x12/0xc0 [ 334.569795][ T31] ? trace_kmem_cache_alloc+0x28/0xc0 [ 334.575221][ T31] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 334.580893][ T31] ? jbd2__journal_start+0x193/0x6a0 [ 334.586246][ T31] jbd2__journal_start+0x394/0x6a0 [ 334.591412][ T31] __ext4_journal_start_sb+0x195/0x690 [ 334.596936][ T31] ? ext4_dirty_inode+0xa1/0x130 [ 334.601898][ T31] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 334.607327][ T31] ext4_dirty_inode+0xa1/0x130 [ 334.612120][ T31] ? rcu_is_watching+0x12/0xc0 [ 334.616935][ T31] __mark_inode_dirty+0x1eb/0xe50 [ 334.621996][ T31] generic_update_time+0xcf/0xf0 [ 334.627018][ T31] file_update_time+0x17d/0x1c0 [ 334.631905][ T31] ext4_page_mkwrite+0x35e/0x1750 [ 334.637012][ T31] ? __pfx_ext4_page_mkwrite+0x10/0x10 [ 334.642527][ T31] ? __pfx_filemap_map_pages+0x10/0x10 [ 334.648059][ T31] ? pte_alloc_one+0x2b1/0x380 [ 334.652879][ T31] do_page_mkwrite+0x171/0x380 [ 334.657727][ T31] do_pte_missing+0x29c/0x3fb0 [ 334.663555][ T31] __handle_mm_fault+0x103d/0x2a40 [ 334.668733][ T31] ? __pfx___handle_mm_fault+0x10/0x10 [ 334.674294][ T31] ? lock_vma_under_rcu+0x47d/0x970 [ 334.679558][ T31] ? lock_vma_under_rcu+0x47d/0x970 [ 334.684881][ T31] handle_mm_fault+0x3fe/0xad0 [ 334.689671][ T31] do_user_addr_fault+0x60c/0x1370 [ 334.694908][ T31] exc_page_fault+0x5c/0xc0 [ 334.699489][ T31] asm_exc_page_fault+0x26/0x30 [ 334.705988][ T31] RIP: 0033:0x7f86cf26e247 [ 334.710434][ T31] RSP: 002b:00007ffc3ecee170 EFLAGS: 00010202 [ 334.716950][ T31] RAX: 0000001b30c20000 RBX: 00007f86d00e5720 RCX: 0000001b30620218 [ 334.726145][ T31] RDX: 0000001b30c1fffc RSI: 00000000005ffde8 RDI: 00007f86d00e5700 [ 334.734231][ T31] RBP: 0000000000000000 R08: 00007f86cf5b6038 R09: 00007f86cf5a2000 [ 334.742228][ T31] R10: 00007f86d00e5700 R11: 0000000000000000 R12: 0000000000000000 [ 334.750266][ T31] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000001301 [ 334.758293][ T31] [ 334.761321][ T31] [ 334.761321][ T31] Showing all locks held in the system: [ 334.770146][ T31] 1 lock held by khungtaskd/31: [ 334.775066][ T31] #0: ffffffff8e3bf440 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 334.785064][ T31] 6 locks held by kworker/u8:4/67: [ 334.790202][ T31] #0: ffff88801c6f3148 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 334.801029][ T31] #1: ffffc90001577d18 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 334.812989][ T31] #2: ffff88814cf440e0 (&type->s_umount_key#32){++++}-{4:4}, at: super_trylock_shared+0x1e/0xf0 [ 334.823670][ T31] #3: ffff88814cf46b98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: do_writepages+0x1b2/0x820 [ 334.834058][ T31] #4: ffff888034a50950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x5e4/0x1410 [ 334.843793][ T31] #5: ffff88807ccc02c8 (&ei->i_data_sem){++++}-{4:4}, at: ext4_map_blocks+0x355/0x1390 [ 334.853669][ T31] 2 locks held by kworker/u8:5/204: [ 334.858905][ T31] #0: ffff8880b8439f18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130 [ 334.870113][ T31] #1: ffffc90002f57d18 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 334.881935][ T31] 2 locks held by getty/5600: [ 334.886651][ T31] #0: ffff888034e300a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 334.896481][ T31] #1: ffffc9000334b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 334.906690][ T31] 2 locks held by syz-executor/5828: [ 334.911997][ T31] #0: ffff88803056b948 (vm_lock){++++}-{0:0}, at: do_user_addr_fault+0x452/0x1370 [ 334.921454][ T31] #1: ffff88814cf44518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x171/0x380 [ 334.931087][ T31] 2 locks held by syz.3.993/8294: [ 334.936183][ T31] #0: ffff8880309f1a88 (vm_lock){++++}-{0:0}, at: do_user_addr_fault+0x452/0x1370 [ 334.945700][ T31] #1: ffff88814cf44518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x171/0x380 [ 334.955311][ T31] 2 locks held by syz.2.999/8303: [ 334.960348][ T31] #0: ffff8880491bf308 (vm_lock){++++}-{0:0}, at: do_user_addr_fault+0x452/0x1370 [ 334.970761][ T31] #1: ffff88814cf44518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x171/0x380 [ 334.980419][ T31] 2 locks held by syz.0.998/8304: [ 334.985490][ T31] #0: ffff88802adb2088 (vm_lock){++++}-{0:0}, at: do_user_addr_fault+0x452/0x1370 [ 334.994909][ T31] #1: ffff88814cf44518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x171/0x380 [ 335.004524][ T31] [ 335.006889][ T31] ============================================= [ 335.006889][ T31] [ 335.015400][ T31] NMI backtrace for cpu 1 [ 335.015426][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G U 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(full) [ 335.015467][ T31] Tainted: [U]=USER [ 335.015476][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 335.015493][ T31] Call Trace: [ 335.015502][ T31] [ 335.015512][ T31] dump_stack_lvl+0x116/0x1f0 [ 335.015560][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 335.015593][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 335.015625][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 335.015674][ T31] watchdog+0xf70/0x12c0 [ 335.015741][ T31] ? __pfx_watchdog+0x10/0x10 [ 335.015782][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 335.015828][ T31] ? __kthread_parkme+0x19e/0x250 [ 335.015882][ T31] ? __pfx_watchdog+0x10/0x10 [ 335.015922][ T31] kthread+0x3c2/0x780 [ 335.015966][ T31] ? __pfx_kthread+0x10/0x10 [ 335.016007][ T31] ? __pfx_kthread+0x10/0x10 [ 335.016050][ T31] ? __pfx_kthread+0x10/0x10 [ 335.016092][ T31] ? __pfx_kthread+0x10/0x10 [ 335.016134][ T31] ? rcu_is_watching+0x12/0xc0 [ 335.016171][ T31] ? __pfx_kthread+0x10/0x10 [ 335.016215][ T31] ret_from_fork+0x45/0x80 [ 335.016242][ T31] ? __pfx_kthread+0x10/0x10 [ 335.016286][ T31] ret_from_fork_asm+0x1a/0x30 [ 335.016348][ T31] [ 335.016357][ T31] Sending NMI from CPU 1 to CPUs 0: [ 335.154862][ C0] NMI backtrace for cpu 0 [ 335.154883][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G U 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(full) [ 335.154918][ C0] Tainted: [U]=USER [ 335.154926][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 335.154940][ C0] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 335.154978][ C0] Code: 46 60 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 83 e9 1a 00 fb f4 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 335.155001][ C0] RSP: 0018:ffffffff8e007e10 EFLAGS: 000002c2 [ 335.155019][ C0] RAX: 0000000000157a55 RBX: 0000000000000000 RCX: ffffffff8b6f03e9 [ 335.155034][ C0] RDX: 0000000000000000 RSI: ffffffff8dbe98c0 RDI: ffffffff8bf44f00 [ 335.155049][ C0] RBP: fffffbfff1c12ee8 R08: 0000000000000001 R09: ffffed10170865bd [ 335.155064][ C0] R10: ffff8880b8432deb R11: 0000000000000000 R12: 0000000000000000 [ 335.155078][ C0] R13: ffffffff8e097740 R14: ffffffff90866710 R15: 0000000000000000 [ 335.155093][ C0] FS: 0000000000000000(0000) GS:ffff8881249bf000(0000) knlGS:0000000000000000 [ 335.155115][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 335.155131][ C0] CR2: 000055bf12813518 CR3: 000000000e180000 CR4: 00000000003526f0 [ 335.155146][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 335.155160][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 335.155174][ C0] Call Trace: [ 335.155181][ C0] [ 335.155189][ C0] default_idle+0x13/0x20 [ 335.155209][ C0] default_idle_call+0x6d/0xb0 [ 335.155229][ C0] do_idle+0x391/0x510 [ 335.155256][ C0] ? __pfx_do_idle+0x10/0x10 [ 335.155281][ C0] ? trace_sched_exit_tp+0x31/0x130 [ 335.155315][ C0] cpu_startup_entry+0x4f/0x60 [ 335.155341][ C0] rest_init+0x16b/0x2b0 [ 335.155372][ C0] ? acpi_subsystem_init+0x133/0x180 [ 335.155423][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 335.155458][ C0] start_kernel+0x3e9/0x4d0 [ 335.155490][ C0] x86_64_start_reservations+0x18/0x30 [ 335.155522][ C0] x86_64_start_kernel+0xb0/0xc0 [ 335.155554][ C0] common_startup_64+0x13e/0x148 [ 335.155592][ C0] [ 335.155913][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 335.376081][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G U 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(full) [ 335.389463][ T31] Tainted: [U]=USER [ 335.393271][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 335.403332][ T31] Call Trace: [ 335.406614][ T31] [ 335.409549][ T31] dump_stack_lvl+0x3d/0x1f0 [ 335.414169][ T31] panic+0x71c/0x800 [ 335.418086][ T31] ? __pfx_panic+0x10/0x10 [ 335.422519][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 335.427913][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 335.433900][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 335.439283][ T31] ? watchdog+0xdda/0x12c0 [ 335.443716][ T31] ? watchdog+0xdcd/0x12c0 [ 335.448153][ T31] watchdog+0xdeb/0x12c0 [ 335.452414][ T31] ? __pfx_watchdog+0x10/0x10 [ 335.457134][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 335.462348][ T31] ? __kthread_parkme+0x19e/0x250 [ 335.467397][ T31] ? __pfx_watchdog+0x10/0x10 [ 335.472097][ T31] kthread+0x3c2/0x780 [ 335.476204][ T31] ? __pfx_kthread+0x10/0x10 [ 335.480822][ T31] ? __pfx_kthread+0x10/0x10 [ 335.485457][ T31] ? __pfx_kthread+0x10/0x10 [ 335.490059][ T31] ? __pfx_kthread+0x10/0x10 [ 335.494668][ T31] ? rcu_is_watching+0x12/0xc0 [ 335.499437][ T31] ? __pfx_kthread+0x10/0x10 [ 335.504046][ T31] ret_from_fork+0x45/0x80 [ 335.508466][ T31] ? __pfx_kthread+0x10/0x10 [ 335.513068][ T31] ret_from_fork_asm+0x1a/0x30 [ 335.517866][ T31] [ 335.521217][ T31] Kernel Offset: disabled [ 335.525551][ T31] Rebooting in 86400 seconds..