syzkaller login: [   91.937678][   T55] cfg80211: failed to load regulatory.db
Warning: Permanently added '[localhost]:58047' (ED25519) to the list of known hosts.
2025/10/29 16:49:28 parsed 1 programs
[  240.352590][ T5344] cgroup: Unknown subsys name 'net'
[  240.421453][ T5344] cgroup: Unknown subsys name 'cpuset'
[  240.426677][ T5344] cgroup: Unknown subsys name 'rlimit'
[  242.141812][ T5344] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  245.656892][ T5352] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  247.202824][ T5381] chnl_net:caif_netlink_parms(): no params data found
[  247.273567][ T5381] bridge0: port 1(bridge_slave_0) entered blocking state
[  247.277775][ T5381] bridge0: port 1(bridge_slave_0) entered disabled state
[  247.280944][ T5381] bridge_slave_0: entered allmulticast mode
[  247.284774][ T5381] bridge_slave_0: entered promiscuous mode
[  247.291455][ T5381] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.294526][ T5381] bridge0: port 2(bridge_slave_1) entered disabled state
[  247.298040][ T5381] bridge_slave_1: entered allmulticast mode
[  247.301674][ T5381] bridge_slave_1: entered promiscuous mode
[  247.324136][ T5381] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  247.330760][ T5381] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  247.351891][ T5381] team0: Port device team_slave_0 added
[  247.356179][ T5381] team0: Port device team_slave_1 added
[  247.377075][ T5381] batman_adv: batadv0: Adding interface: batadv_slave_0
[  247.380669][ T5381] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  247.392244][ T5381] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  247.399356][ T5381] batman_adv: batadv0: Adding interface: batadv_slave_1
[  247.402393][ T5381] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  247.413739][ T5381] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  247.460444][ T5381] hsr_slave_0: entered promiscuous mode
[  247.464344][ T5381] hsr_slave_1: entered promiscuous mode
[  247.604424][ T5381] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  247.613772][ T5381] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  247.621388][ T5381] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  247.629969][ T5381] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  247.694103][ T5381] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.697601][ T5381] bridge0: port 2(bridge_slave_1) entered forwarding state
[  247.791811][ T5381] 8021q: adding VLAN 0 to HW filter on device bond0
[  247.806213][   T56] bridge0: port 2(bridge_slave_1) entered disabled state
[  247.821869][ T5381] 8021q: adding VLAN 0 to HW filter on device team0
[  247.832023][   T56] bridge0: port 1(bridge_slave_0) entered blocking state
[  247.835256][   T56] bridge0: port 1(bridge_slave_0) entered forwarding state
[  247.849035][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.852362][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[  248.021562][ T5381] 8021q: adding VLAN 0 to HW filter on device batadv0
[  248.056695][ T5381] veth0_vlan: entered promiscuous mode
[  248.065362][ T5381] veth1_vlan: entered promiscuous mode
[  248.092718][ T5381] veth0_macvtap: entered promiscuous mode
[  248.101346][ T5381] veth1_macvtap: entered promiscuous mode
[  248.120280][ T5381] batman_adv: batadv0: Interface activated: batadv_slave_0
[  248.131119][ T5381] batman_adv: batadv0: Interface activated: batadv_slave_1
[  248.142219][   T56] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  248.161118][   T56] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  248.164789][   T56] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  248.179979][   T56] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  248.325572][   T56] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.384359][   T56] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.428967][   T56] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.469907][   T56] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.714112][ T5415] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  248.718314][ T5415] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  248.721714][ T5415] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  248.725182][ T5415] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  248.729744][ T5415] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  250.226596][ T1039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  250.235870][ T1039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  250.265226][ T1048] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  250.268845][ T1048] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  250.778366][   T56] bridge_slave_1: left allmulticast mode
[  250.780956][   T56] bridge_slave_1: left promiscuous mode
[  250.796095][   T56] bridge0: port 2(bridge_slave_1) entered disabled state
[  250.816819][   T56] bridge_slave_0: left allmulticast mode
[  250.827725][   T56] bridge_slave_0: left promiscuous mode
[  250.830244][   T56] bridge0: port 1(bridge_slave_0) entered disabled state
2025/10/29 16:49:41 executed programs: 0
[  250.955845][ T5415] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  250.960126][ T5415] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  250.963786][ T5415] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  250.977415][ T5415] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  250.981560][ T5415] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  251.328960][   T56] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  251.335061][   T56] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  251.340868][   T56] bond0 (unregistering): Released all slaves
[  251.456918][   T56] hsr_slave_0: left promiscuous mode
[  251.467221][   T56] hsr_slave_1: left promiscuous mode
[  251.473374][   T56] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  251.476659][   T56] batman_adv: batadv0: Removing interface: batadv_slave_0
[  251.490930][   T56] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  251.494163][   T56] batman_adv: batadv0: Removing interface: batadv_slave_1
[  251.519323][   T56] veth1_macvtap: left promiscuous mode
[  251.521875][   T56] veth0_macvtap: left promiscuous mode
[  251.524565][   T56] veth1_vlan: left promiscuous mode
[  251.526996][   T56] veth0_vlan: left promiscuous mode
[  251.933572][   T56] team0 (unregistering): Port device team_slave_1 removed
[  251.952495][   T56] team0 (unregistering): Port device team_slave_0 removed
[  252.475578][ T5454] chnl_net:caif_netlink_parms(): no params data found
[  252.926839][ T5454] bridge0: port 1(bridge_slave_0) entered blocking state
[  252.940392][ T5454] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.943445][ T5454] bridge_slave_0: entered allmulticast mode
[  252.969699][ T5454] bridge_slave_0: entered promiscuous mode
[  253.050751][ T5415] Bluetooth: hci0: command tx timeout
[  253.059448][ T5454] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.074208][ T5454] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.089781][ T5454] bridge_slave_1: entered allmulticast mode
[  253.111860][ T5454] bridge_slave_1: entered promiscuous mode
[  253.183381][ T5454] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  253.244178][ T5454] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  253.390969][ T5454] team0: Port device team_slave_0 added
[  253.395423][ T5454] team0: Port device team_slave_1 added
[  253.469753][ T5454] batman_adv: batadv0: Adding interface: batadv_slave_0
[  253.472725][ T5454] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  253.492190][ T5454] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  253.510122][ T5454] batman_adv: batadv0: Adding interface: batadv_slave_1
[  253.513207][ T5454] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  253.543882][ T5454] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  253.676366][ T5454] hsr_slave_0: entered promiscuous mode
[  253.688975][ T5454] hsr_slave_1: entered promiscuous mode
[  254.256929][ T5454] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  254.278255][ T5454] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  254.291128][ T5454] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  254.309168][ T5454] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  254.454670][ T5454] 8021q: adding VLAN 0 to HW filter on device bond0
[  254.485675][ T5454] 8021q: adding VLAN 0 to HW filter on device team0
[  254.515540][ T1042] bridge0: port 1(bridge_slave_0) entered blocking state
[  254.518826][ T1042] bridge0: port 1(bridge_slave_0) entered forwarding state
[  254.538816][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[  254.542173][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[  254.905239][ T5454] 8021q: adding VLAN 0 to HW filter on device batadv0
[  254.989962][ T5454] veth0_vlan: entered promiscuous mode
[  255.010961][ T5454] veth1_vlan: entered promiscuous mode
[  255.063774][ T5454] veth0_macvtap: entered promiscuous mode
[  255.081332][ T5454] veth1_macvtap: entered promiscuous mode
[  255.113616][ T5454] batman_adv: batadv0: Interface activated: batadv_slave_0
[  255.128816][ T5415] Bluetooth: hci0: command tx timeout
[  255.135116][ T5454] batman_adv: batadv0: Interface activated: batadv_slave_1
[  255.159387][   T56] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  255.180359][   T56] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  255.202238][   T56] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  255.206219][   T56] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  255.290924][ T1039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  255.294730][ T1039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  255.365305][ T1048] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  255.380778][ T1048] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  255.864633][ T5520] loop0: detected capacity change from 0 to 32768
[  257.207495][ T5415] Bluetooth: hci0: command tx timeout
[  259.287627][ T5415] Bluetooth: hci0: command tx timeout
[  260.895187][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[  260.898375][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[  270.525800][ T4667] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  270.531335][ T4667] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  270.535361][ T4667] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  270.539881][ T4667] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  270.543726][ T4667] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  271.247153][ T5525] chnl_net:caif_netlink_parms(): no params data found
[  271.379753][ T5525] bridge0: port 1(bridge_slave_0) entered blocking state
[  271.387649][ T5525] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.390970][ T5525] bridge_slave_0: entered allmulticast mode
[  271.407608][ T5525] bridge_slave_0: entered promiscuous mode
[  271.411989][ T5525] bridge0: port 2(bridge_slave_1) entered blocking state
[  271.415182][ T5525] bridge0: port 2(bridge_slave_1) entered disabled state
[  271.427758][ T5525] bridge_slave_1: entered allmulticast mode
[  271.432215][ T5525] bridge_slave_1: entered promiscuous mode
[  271.482797][ T5525] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  271.500229][ T5525] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  271.545232][ T5525] team0: Port device team_slave_0 added
[  271.559842][ T5525] team0: Port device team_slave_1 added
[  271.603988][ T5525] batman_adv: batadv0: Adding interface: batadv_slave_0
[  271.617473][ T5525] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  271.637379][ T5525] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  271.648082][ T5525] batman_adv: batadv0: Adding interface: batadv_slave_1
[  271.651204][ T5525] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  271.677423][ T5525] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  271.746688][ T5525] hsr_slave_0: entered promiscuous mode
[  271.758795][ T5525] hsr_slave_1: entered promiscuous mode
[  271.761937][ T5525] debugfs: 'hsr0' already exists in 'hsr'
[  271.764313][ T5525] Cannot create hsr debugfs directory
[  272.061828][ T5525] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  272.079002][ T5525] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  272.094817][ T5525] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  272.109051][ T5525] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  272.158401][ T5525] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.161835][ T5525] bridge0: port 2(bridge_slave_1) entered forwarding state
[  272.165205][ T5525] bridge0: port 1(bridge_slave_0) entered blocking state
[  272.168188][ T5525] bridge0: port 1(bridge_slave_0) entered forwarding state
[  272.250204][ T1039] bridge0: port 1(bridge_slave_0) entered disabled state
[  272.253403][ T1039] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.270420][ T5525] 8021q: adding VLAN 0 to HW filter on device bond0
[  272.299384][ T5525] 8021q: adding VLAN 0 to HW filter on device team0
[  272.311720][   T56] bridge0: port 1(bridge_slave_0) entered blocking state
[  272.314368][   T56] bridge0: port 1(bridge_slave_0) entered forwarding state
[  272.338459][ T1048] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.341854][ T1048] bridge0: port 2(bridge_slave_1) entered forwarding state
[  272.386667][ T5525] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  272.397715][ T5525] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  272.568417][ T4667] Bluetooth: hci1: command tx timeout
[  272.670272][ T5525] 8021q: adding VLAN 0 to HW filter on device batadv0
[  272.731769][ T5525] veth0_vlan: entered promiscuous mode
[  272.751636][ T5525] veth1_vlan: entered promiscuous mode
[  272.793473][ T5525] veth0_macvtap: entered promiscuous mode
[  272.810445][ T5525] veth1_macvtap: entered promiscuous mode
[  272.849239][ T5525] batman_adv: batadv0: Interface activated: batadv_slave_0
[  272.860148][ T5525] batman_adv: batadv0: Interface activated: batadv_slave_1
[  272.882859][   T56] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  272.886797][   T56] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  272.899249][   T56] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  272.903256][   T56] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  272.993752][ T1039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  272.997164][ T1039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  273.051796][ T1048] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  273.055213][ T1048] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/10/29 16:50:03 executed programs: 3
[  274.649278][ T4667] Bluetooth: hci1: command tx timeout
[  276.730096][ T4667] Bluetooth: hci1: command tx timeout
2025/10/29 16:50:08 executed programs: 13
[  278.807788][ T4667] Bluetooth: hci1: command tx timeout
2025/10/29 16:50:13 executed programs: 24
2025/10/29 16:50:19 executed programs: 35
2025/10/29 16:50:24 executed programs: 46
2025/10/29 16:50:29 executed programs: 57
2025/10/29 16:50:34 executed programs: 68
2025/10/29 16:50:40 executed programs: 79
2025/10/29 16:50:45 executed programs: 90
2025/10/29 16:50:50 executed programs: 101
[  322.339196][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[  322.341669][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
2025/10/29 16:50:55 executed programs: 112
2025/10/29 16:51:01 executed programs: 123
2025/10/29 16:51:06 executed programs: 134
2025/10/29 16:51:11 executed programs: 145
2025/10/29 16:51:16 executed programs: 156
2025/10/29 16:51:21 executed programs: 167
2025/10/29 16:51:27 executed programs: 178
2025/10/29 16:51:32 executed programs: 189
2025/10/29 16:51:37 executed programs: 200
2025/10/29 16:51:42 executed programs: 211
[  375.607423][ T5415] Bluetooth: hci0: command 0x0406 tx timeout
2025/10/29 16:51:48 executed programs: 222
2025/10/29 16:51:53 executed programs: 233
[  383.773219][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[  383.775498][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
2025/10/29 16:51:58 executed programs: 244
2025/10/29 16:52:03 executed programs: 255
[  396.089608][ T5415] Bluetooth: hci1: command 0x0406 tx timeout
2025/10/29 16:52:08 executed programs: 266
2025/10/29 16:52:13 executed programs: 277
2025/10/29 16:52:18 executed programs: 288
2025/10/29 16:52:23 executed programs: 299
2025/10/29 16:52:29 executed programs: 310
2025/10/29 16:52:34 executed programs: 321
2025/10/29 16:52:39 executed programs: 332
2025/10/29 16:52:44 executed programs: 343
2025/10/29 16:52:49 executed programs: 354
2025/10/29 16:52:54 executed programs: 365
[  445.209036][   T26] INFO: task kworker/u4:4:56 blocked for more than 143 seconds.
[  445.212044][   T26]       Not tainted syzkaller #0
[  445.213932][   T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  445.219807][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[  445.222487][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[  445.236199][   T26] task:kworker/u4:4    state:D stack:19944 pid:56    tgid:56    ppid:2      task_flags:0x4208060 flags:0x00080000
[  445.247530][   T26] Workqueue: writeback wb_workfn (flush-7:0)
[  445.250250][   T26] Call Trace:
[  445.251678][   T26]  <TASK>
[  445.264191][   T26]  __schedule+0x1798/0x4cc0
[  445.266127][   T26]  ? blk_mq_flush_plug_list+0x48b/0x550
[  445.277349][   T26]  ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[  445.287374][   T26]  ? __lock_acquire+0xab9/0xd20
[  445.289672][   T26]  ? __pfx___schedule+0x10/0x10
[  445.291431][   T26]  ? schedule+0x91/0x360
[  445.293138][   T26]  schedule+0x165/0x360
[  445.294936][   T26]  schedule_preempt_disabled+0x13/0x30
[  445.317353][   T26]  __mutex_lock+0x7e6/0x1350
[  445.319402][   T26]  ? __mutex_lock+0x5bb/0x1350
[  445.321405][   T26]  ? jfs_commit_inode+0x1ca/0x530
[  445.323420][   T26]  ? __pfx___mutex_lock+0x10/0x10
[  445.325478][   T26]  ? __lock_acquire+0xab9/0xd20
[  445.347372][   T26]  jfs_commit_inode+0x1ca/0x530
[  445.349586][   T26]  ? __pfx_jfs_commit_inode+0x10/0x10
[  445.352017][   T26]  jfs_write_inode+0x145/0x220
[  445.354118][   T26]  __writeback_single_inode+0x6f1/0xff0
[  445.387896][   T26]  writeback_sb_inodes+0x6c7/0x1010
[  445.397419][   T26]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  445.399809][   T26]  ? __pfx_down_read_trylock+0x10/0x10
[  445.402464][   T26]  ? __pfx___up_read+0x10/0x10
[  445.404472][   T26]  __writeback_inodes_wb+0x111/0x240
[  445.406628][   T26]  wb_writeback+0x44f/0xaf0
[  445.427923][   T26]  ? queue_io+0x3a1/0x590
[  445.430254][   T26]  ? __pfx_wb_writeback+0x10/0x10
[  445.437375][   T26]  wb_workfn+0xaef/0xef0
[  445.439318][   T26]  ? __pfx_wb_workfn+0x10/0x10
[  445.441466][   T26]  ? __lock_acquire+0xab9/0xd20
[  445.443633][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[  445.446110][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[  445.477325][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[  445.487348][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[  445.489867][   T26]  process_scheduled_works+0xae1/0x17b0
[  445.492382][   T26]  ? __pfx_process_scheduled_works+0x10/0x10
[  445.494995][   T26]  worker_thread+0x8a0/0xda0
[  445.496953][   T26]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  445.517685][   T26]  ? __kthread_parkme+0x7b/0x200
[  445.519931][   T26]  kthread+0x711/0x8a0
[  445.521690][   T26]  ? __pfx_worker_thread+0x10/0x10
[  445.523805][   T26]  ? __pfx_kthread+0x10/0x10
[  445.525860][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[  445.557403][   T26]  ? lockdep_hardirqs_on+0x9c/0x150
[  445.567357][   T26]  ? __pfx_kthread+0x10/0x10
[  445.569472][   T26]  ret_from_fork+0x4bc/0x870
[  445.571757][   T26]  ? __pfx_ret_from_fork+0x10/0x10
[  445.573867][   T26]  ? __pfx_kthread+0x10/0x10
[  445.575884][   T26]  ret_from_fork_asm+0x1a/0x30
[  445.598218][   T26]  </TASK>
[  445.600366][   T26] 
[  445.600366][   T26] Showing all locks held in the system:
[  445.603175][   T26] 1 lock held by khungtaskd/26:
[  445.605182][   T26]  #0: ffffffff8df3d2e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  445.627502][   T26] 4 locks held by kworker/u4:4/56:
[  445.638547][   T26]  #0: ffff888030f6e948 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  445.643472][   T26]  #1: ffffc9000102fba0 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  445.662947][   T26]  #2: ffff8880339cc0e0 (&type->s_umount_key#54){.+.+}-{4:4}, at: super_trylock_shared+0x20/0xf0
[  445.667194][   T26]  #3: ffff888041022f90 (&jfs_ip->commit_mutex){+.+.}-{4:4}, at: jfs_commit_inode+0x1ca/0x530
[  445.692022][   T26] 2 locks held by getty/5107:
[  445.694117][   T26]  #0: ffff8880337640a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  445.717363][   T26]  #1: ffffc9000282b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  445.722018][   T26] 4 locks held by syz.0.17/5520:
[  445.737473][   T26] 
[  445.738642][   T26] =============================================
[  445.738642][   T26] 
[  445.742475][   T26] NMI backtrace for cpu 0
[  445.742488][   T26] CPU: 0 UID: 0 PID: 26 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  445.742500][   T26] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  445.742506][   T26] Call Trace:
[  445.742514][   T26]  <TASK>
[  445.742519][   T26]  dump_stack_lvl+0x189/0x250
[  445.742541][   T26]  ? __pfx_dump_stack_lvl+0x10/0x10
[  445.742554][   T26]  ? __pfx__printk+0x10/0x10
[  445.742571][   T26]  nmi_cpu_backtrace+0x39e/0x3d0
[  445.742589][   T26]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  445.742604][   T26]  ? __pfx__printk+0x10/0x10
[  445.742615][   T26]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  445.742632][   T26]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  445.742648][   T26]  watchdog+0xf60/0xfa0
[  445.742661][   T26]  ? watchdog+0x1e2/0xfa0
[  445.742674][   T26]  kthread+0x711/0x8a0
[  445.742689][   T26]  ? __pfx_watchdog+0x10/0x10
[  445.742699][   T26]  ? __pfx_kthread+0x10/0x10
[  445.742712][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[  445.742723][   T26]  ? lockdep_hardirqs_on+0x9c/0x150
[  445.742734][   T26]  ? __pfx_kthread+0x10/0x10
[  445.742747][   T26]  ret_from_fork+0x4bc/0x870
[  445.742760][   T26]  ? __pfx_ret_from_fork+0x10/0x10
[  445.742775][   T26]  ? __pfx_kthread+0x10/0x10
[  445.742788][   T26]  ret_from_fork_asm+0x1a/0x30
[  445.742806][   T26]  </TASK>
2025/10/29 16:52:59 executed programs: 375
2025/10/29 16:53:05 executed programs: 386

VM DIAGNOSIS:
16:52:55  Registers:
info registers vcpu 0

CPU#0
RAX=000000000000003e RBX=000000000000003e RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc900004d7690
R8 =ffff888033a40237 R9 =1ffff11006748046 R10=dffffc0000000000 R11=ffffffff851664a0
R12=dffffc0000000000 R13=ffffffff997e1900 R14=ffffffff99af5320 R15=0000000000000000
RIP=ffffffff8516651c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88808d733000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f7c33b58000 CR3=0000000059a04000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000080040001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc11098140 00007ffc11098120
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc11098280 00007ffc11098100
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc11098140
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc11098280
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc11098280 00007ffc11098100
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc11098140 00007ffc11098120
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7c3c41307c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7c3c41315a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 02810949c49a5297 969b90844aa87ab5 3425fabedff0071d 671c6fcdddec9c78
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000