Warning: Permanently added '10.128.1.99' (ED25519) to the list of known hosts. 2026/01/16 13:17:54 parsed 1 programs syzkaller login: [ 62.745401][ T4188] cgroup: Unknown subsys name 'net' [ 62.876806][ T4188] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 64.230550][ T4188] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 66.900894][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.921705][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.933670][ T822] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 66.946382][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.955477][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.965534][ T822] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 67.486259][ T4242] chnl_net:caif_netlink_parms(): no params data found [ 67.577109][ T4242] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.586823][ T4242] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.595542][ T4242] device bridge_slave_0 entered promiscuous mode [ 67.604579][ T4242] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.612030][ T4242] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.619921][ T4242] device bridge_slave_1 entered promiscuous mode [ 67.640913][ T4242] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.653233][ T4242] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.673808][ T4242] team0: Port device team_slave_0 added [ 67.682043][ T4242] team0: Port device team_slave_1 added [ 67.697977][ T4242] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 67.705151][ T4242] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.732145][ T4242] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 67.744993][ T4242] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 67.752605][ T4242] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.779524][ T4242] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 67.810613][ T4242] device hsr_slave_0 entered promiscuous mode [ 67.818076][ T4242] device hsr_slave_1 entered promiscuous mode [ 67.899069][ T4242] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 67.913425][ T4242] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 67.923812][ T4242] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 67.933470][ T4242] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 67.996903][ T4242] 8021q: adding VLAN 0 to HW filter on device bond0 [ 68.008589][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 68.020392][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 68.032369][ T4242] 8021q: adding VLAN 0 to HW filter on device team0 [ 68.043948][ T822] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 68.053266][ T822] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 68.063111][ T822] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.070364][ T822] bridge0: port 1(bridge_slave_0) entered forwarding state [ 68.080079][ T822] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 68.115527][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 68.124393][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 68.133038][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.140257][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 68.153556][ T822] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 68.165217][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 68.191175][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 68.200723][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 68.209697][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 68.222200][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 68.232531][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 68.243046][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 68.252190][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 68.283363][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 68.292492][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 68.303614][ T4242] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 68.412831][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 68.420329][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 68.434798][ T4242] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 68.450250][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 68.459994][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 68.497080][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 68.508919][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 68.518259][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 68.526998][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 68.537455][ T4242] device veth0_vlan entered promiscuous mode [ 68.572693][ T4242] device veth1_vlan entered promiscuous mode [ 68.595982][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 68.604673][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 68.614193][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 68.623760][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 68.640728][ T4242] device veth0_macvtap entered promiscuous mode [ 68.667563][ T4242] device veth1_macvtap entered promiscuous mode [ 68.682133][ T4242] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 68.690441][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 68.699196][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 68.709133][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 68.718260][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 68.734276][ T4242] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 68.745036][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 68.754201][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 68.779832][ T4242] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.789403][ T4242] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.798547][ T4242] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.807904][ T4242] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 2026/01/16 13:18:02 executed programs: 0 [ 69.638513][ T4301] chnl_net:caif_netlink_parms(): no params data found [ 69.699520][ T4301] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.709488][ T4301] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.718299][ T4301] device bridge_slave_0 entered promiscuous mode [ 69.731048][ T4301] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.738325][ T4301] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.748749][ T4301] device bridge_slave_1 entered promiscuous mode [ 69.777574][ T4301] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.789320][ T4301] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.824797][ T4301] team0: Port device team_slave_0 added [ 69.833878][ T4301] team0: Port device team_slave_1 added [ 69.856653][ T4301] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.864452][ T4301] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.894226][ T4301] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.909289][ T4301] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.918672][ T4301] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.947952][ T4301] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.996209][ T4301] device hsr_slave_0 entered promiscuous mode [ 70.005973][ T4301] device hsr_slave_1 entered promiscuous mode [ 70.013675][ T4301] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.024314][ T4301] Cannot create hsr debugfs directory [ 70.117484][ T4301] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.542354][ T4284] Bluetooth: hci0: command 0x0409 tx timeout [ 73.143752][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 73.150461][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 73.607414][ T4301] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.621676][ T21] Bluetooth: hci0: command 0x041b tx timeout [ 74.055495][ T4301] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.127050][ T4301] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.216738][ T4301] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 74.234962][ T4301] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 74.244424][ T4301] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 74.253677][ T4301] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 74.308759][ T4301] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.328487][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 74.336555][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 74.347384][ T4301] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.357408][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 74.366737][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 74.376238][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.383809][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.409168][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 74.418008][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 74.427726][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 74.437294][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.444519][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.454657][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 74.463510][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 74.472597][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 74.482479][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 74.491262][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 74.500508][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 74.509912][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 74.529833][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 74.539020][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 74.550295][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 74.561141][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 74.573372][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 74.658776][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 74.666949][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 74.678224][ T4301] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.695644][ T390] device hsr_slave_0 left promiscuous mode [ 74.703303][ T390] device hsr_slave_1 left promiscuous mode [ 74.710343][ T390] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 74.718071][ T390] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 74.727002][ T390] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 74.735313][ T390] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 74.743341][ T390] device bridge_slave_1 left promiscuous mode [ 74.750295][ T390] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.764251][ T390] device bridge_slave_0 left promiscuous mode [ 74.770490][ T390] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.787164][ T390] device veth1_macvtap left promiscuous mode [ 74.794163][ T390] device veth0_macvtap left promiscuous mode [ 74.800200][ T390] device veth1_vlan left promiscuous mode [ 74.806960][ T390] device veth0_vlan left promiscuous mode [ 74.933220][ T390] team0 (unregistering): Port device team_slave_1 removed [ 74.944871][ T390] team0 (unregistering): Port device team_slave_0 removed [ 74.958395][ T390] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 74.972208][ T390] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 75.021212][ T390] bond0 (unregistering): Released all slaves [ 75.096463][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 75.106470][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 75.124177][ T822] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 75.132889][ T822] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 75.141176][ T822] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 75.150983][ T822] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 75.162392][ T4301] device veth0_vlan entered promiscuous mode [ 75.174740][ T4301] device veth1_vlan entered promiscuous mode [ 75.206523][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 75.214886][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 75.223706][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 75.232594][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 75.244225][ T4301] device veth0_macvtap entered promiscuous mode [ 75.259874][ T4301] device veth1_macvtap entered promiscuous mode [ 75.276486][ T4301] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.284656][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 75.294951][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 75.303620][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 75.312905][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 75.325210][ T4301] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.333883][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 75.342850][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 75.354222][ T4301] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.363699][ T4301] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.372955][ T4301] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.382124][ T4301] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.430373][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.440690][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.452468][ T822] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 75.468908][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.478650][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.489343][ T822] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 75.701503][ T1111] Bluetooth: hci0: command 0x040f tx timeout [ 75.759689][ T4319] loop0: detected capacity change from 0 to 32768 [ 75.812592][ T4319] ======================================================= [ 75.812592][ T4319] WARNING: The mand mount option has been deprecated and [ 75.812592][ T4319] and is ignored by this kernel. Remove the mand [ 75.812592][ T4319] option from the mount to silence this warning. [ 75.812592][ T4319] ======================================================= [ 75.955820][ T4319] JBD2: Ignoring recovery information on journal [ 76.004514][ T4319] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 76.040047][ T4319] [ 76.042404][ T4319] ====================================================== [ 76.049499][ T4319] WARNING: possible circular locking dependency detected [ 76.056516][ T4319] syzkaller #0 Not tainted [ 76.061008][ T4319] ------------------------------------------------------ [ 76.068011][ T4319] syz.0.17/4319 is trying to acquire lock: [ 76.073813][ T4319] ffff88805d916d88 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x161/0x4350 [ 76.087257][ T4319] [ 76.087257][ T4319] but task is already holding lock: [ 76.094709][ T4319] ffff88805d9906f8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x40c/0x11e0 [ 76.104193][ T4319] [ 76.104193][ T4319] which lock already depends on the new lock. [ 76.104193][ T4319] [ 76.114766][ T4319] [ 76.114766][ T4319] the existing dependency chain (in reverse order) is: [ 76.123860][ T4319] [ 76.123860][ T4319] -> #5 (&oi->ip_xattr_sem){++++}-{3:3}: [ 76.131775][ T4319] down_read+0x44/0x2e0 [ 76.136446][ T4319] ocfs2_init_acl+0x2fb/0x720 [ 76.141630][ T4319] ocfs2_mknod+0x142f/0x22b0 [ 76.146805][ T4319] ocfs2_mkdir+0x192/0x410 [ 76.151717][ T4319] vfs_mkdir+0x387/0x570 [ 76.156460][ T4319] do_mkdirat+0x1d7/0x5a0 [ 76.161373][ T4319] __x64_sys_mkdirat+0x85/0x90 [ 76.166639][ T4319] do_syscall_64+0x4c/0xa0 [ 76.171554][ T4319] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 76.178158][ T4319] [ 76.178158][ T4319] -> #4 (jbd2_handle){++++}-{0:0}: [ 76.185639][ T4319] start_this_handle+0x1338/0x15a0 [ 76.191485][ T4319] jbd2__journal_start+0x2b7/0x5a0 [ 76.197186][ T4319] jbd2_journal_start+0x26/0x30 [ 76.202624][ T4319] ocfs2_start_trans+0x374/0x6c0 [ 76.208063][ T4319] ocfs2_mknod+0xe2f/0x22b0 [ 76.213067][ T4319] ocfs2_mkdir+0x192/0x410 [ 76.217982][ T4319] vfs_mkdir+0x387/0x570 [ 76.222908][ T4319] do_mkdirat+0x1d7/0x5a0 [ 76.227743][ T4319] __x64_sys_mkdirat+0x85/0x90 [ 76.233133][ T4319] do_syscall_64+0x4c/0xa0 [ 76.238156][ T4319] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 76.244552][ T4319] [ 76.244552][ T4319] -> #3 (&journal->j_trans_barrier){.+.+}-{3:3}: [ 76.253396][ T4319] down_read+0x44/0x2e0 [ 76.258441][ T4319] ocfs2_start_trans+0x368/0x6c0 [ 76.264055][ T4319] ocfs2_mknod+0xe2f/0x22b0 [ 76.269667][ T4319] ocfs2_mkdir+0x192/0x410 [ 76.274585][ T4319] vfs_mkdir+0x387/0x570 [ 76.279503][ T4319] do_mkdirat+0x1d7/0x5a0 [ 76.284506][ T4319] __x64_sys_mkdirat+0x85/0x90 [ 76.290040][ T4319] do_syscall_64+0x4c/0xa0 [ 76.294958][ T4319] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 76.301636][ T4319] [ 76.301636][ T4319] -> #2 (sb_internal#2){.+.+}-{0:0}: [ 76.309088][ T4319] ocfs2_start_trans+0x269/0x6c0 [ 76.314539][ T4319] ocfs2_mknod+0xe2f/0x22b0 [ 76.319541][ T4319] ocfs2_mkdir+0x192/0x410 [ 76.324634][ T4319] vfs_mkdir+0x387/0x570 [ 76.329549][ T4319] do_mkdirat+0x1d7/0x5a0 [ 76.334377][ T4319] __x64_sys_mkdirat+0x85/0x90 [ 76.339726][ T4319] do_syscall_64+0x4c/0xa0 [ 76.344644][ T4319] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 76.351119][ T4319] [ 76.351119][ T4319] -> #1 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#4){+.+.}-{3:3}: [ 76.361607][ T4319] down_write+0x38/0x60 [ 76.366438][ T4319] ocfs2_reserve_local_alloc_bits+0x122/0x24c0 [ 76.373448][ T4319] ocfs2_reserve_clusters_with_limit+0x1bb/0xba0 [ 76.380363][ T4319] ocfs2_mknod+0xddd/0x22b0 [ 76.385541][ T4319] ocfs2_mkdir+0x192/0x410 [ 76.390630][ T4319] vfs_mkdir+0x387/0x570 [ 76.395370][ T4319] do_mkdirat+0x1d7/0x5a0 [ 76.400197][ T4319] __x64_sys_mkdirat+0x85/0x90 [ 76.405470][ T4319] do_syscall_64+0x4c/0xa0 [ 76.410471][ T4319] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 76.416955][ T4319] [ 76.416955][ T4319] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3){+.+.}-{3:3}: [ 76.427452][ T4319] __lock_acquire+0x2c33/0x7c60 [ 76.432806][ T4319] lock_acquire+0x197/0x3f0 [ 76.438252][ T4319] down_write+0x38/0x60 [ 76.443082][ T4319] ocfs2_reserve_suballoc_bits+0x161/0x4350 [ 76.449474][ T4319] ocfs2_reserve_new_metadata_blocks+0x400/0x940 [ 76.456396][ T4319] ocfs2_init_xattr_set_ctxt+0x2e1/0x6c0 [ 76.463135][ T4319] ocfs2_xattr_set+0xb69/0x11e0 [ 76.468487][ T4319] __vfs_setxattr+0x3e0/0x420 [ 76.473752][ T4319] __vfs_setxattr_noperm+0x129/0x5e0 [ 76.479813][ T4319] vfs_setxattr+0x168/0x2f0 [ 76.485147][ T4319] setxattr+0x2da/0x300 [ 76.489904][ T4319] path_setxattr+0x142/0x280 [ 76.495090][ T4319] __x64_sys_lsetxattr+0xb4/0xd0 [ 76.500538][ T4319] do_syscall_64+0x4c/0xa0 [ 76.505545][ T4319] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 76.511937][ T4319] [ 76.511937][ T4319] other info that might help us debug this: [ 76.511937][ T4319] [ 76.522142][ T4319] Chain exists of: [ 76.522142][ T4319] &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3 --> jbd2_handle --> &oi->ip_xattr_sem [ 76.522142][ T4319] [ 76.537932][ T4319] Possible unsafe locking scenario: [ 76.537932][ T4319] [ 76.545636][ T4319] CPU0 CPU1 [ 76.551288][ T4319] ---- ---- [ 76.556874][ T4319] lock(&oi->ip_xattr_sem); [ 76.561645][ T4319] lock(jbd2_handle); [ 76.568400][ T4319] lock(&oi->ip_xattr_sem); [ 76.575584][ T4319] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3); [ 76.583030][ T4319] [ 76.583030][ T4319] *** DEADLOCK *** [ 76.583030][ T4319] [ 76.591418][ T4319] 3 locks held by syz.0.17/4319: [ 76.596595][ T4319] #0: ffff888025450460 (sb_writers#13){.+.+}-{0:0}, at: mnt_want_write+0x3d/0x90 [ 76.606187][ T4319] #1: ffff88805d9909c8 (&sb->s_type->i_mutex_key#21){+.+.}-{3:3}, at: vfs_setxattr+0x141/0x2f0 [ 76.616620][ T4319] #2: ffff88805d9906f8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x40c/0x11e0 [ 76.626699][ T4319] [ 76.626699][ T4319] stack backtrace: [ 76.632928][ T4319] CPU: 1 PID: 4319 Comm: syz.0.17 Not tainted syzkaller #0 [ 76.640223][ T4319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 76.650362][ T4319] Call Trace: [ 76.653624][ T4319] [ 76.656537][ T4319] dump_stack_lvl+0x168/0x230 [ 76.661200][ T4319] ? load_image+0x3b0/0x3b0 [ 76.665862][ T4319] ? show_regs_print_info+0x20/0x20 [ 76.671310][ T4319] ? print_circular_bug+0x12b/0x1a0 [ 76.676625][ T4319] check_noncircular+0x274/0x310 [ 76.681544][ T4319] ? add_chain_block+0x940/0x940 [ 76.686462][ T4319] ? lockdep_lock+0xdc/0x1e0 [ 76.691038][ T4319] ? verify_lock_unused+0x140/0x140 [ 76.696320][ T4319] ? mark_lock+0x94/0x320 [ 76.700732][ T4319] __lock_acquire+0x2c33/0x7c60 [ 76.705586][ T4319] ? verify_lock_unused+0x140/0x140 [ 76.710990][ T4319] ? __mutex_unlock_slowpath+0x19e/0x6a0 [ 76.716619][ T4319] ? do_raw_spin_lock+0x11d/0x280 [ 76.721625][ T4319] ? mutex_unlock+0x10/0x10 [ 76.726220][ T4319] ? __rwlock_init+0x140/0x140 [ 76.730962][ T4319] ? __rwlock_init+0x140/0x140 [ 76.735706][ T4319] ? do_raw_spin_unlock+0x11d/0x230 [ 76.740979][ T4319] lock_acquire+0x197/0x3f0 [ 76.745471][ T4319] ? ocfs2_reserve_suballoc_bits+0x161/0x4350 [ 76.751611][ T4319] ? __might_sleep+0xf0/0xf0 [ 76.756178][ T4319] ? __bfs+0x2a3/0x5c0 [ 76.760227][ T4319] ? read_lock_is_recursive+0x10/0x10 [ 76.765580][ T4319] ? verify_lock_unused+0x140/0x140 [ 76.770764][ T4319] down_write+0x38/0x60 [ 76.774926][ T4319] ? ocfs2_reserve_suballoc_bits+0x161/0x4350 [ 76.781063][ T4319] ocfs2_reserve_suballoc_bits+0x161/0x4350 [ 76.787049][ T4319] ? __lock_acquire+0x7c60/0x7c60 [ 76.792193][ T4319] ? mark_lock+0x94/0x320 [ 76.796680][ T4319] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 76.802898][ T4319] ? lock_chain_count+0x20/0x20 [ 76.808261][ T4319] ? __rwlock_init+0x140/0x140 [ 76.813095][ T4319] ? _raw_spin_lock_irqsave+0x7f/0xf0 [ 76.818624][ T4319] ? ocfs2_block_group_search+0x470/0x470 [ 76.824640][ T4319] ? _raw_spin_unlock_irqrestore+0x82/0x100 [ 76.830793][ T4319] ? lockdep_hardirqs_on+0x94/0x140 [ 76.836151][ T4319] ? _raw_spin_unlock_irqrestore+0xaa/0x100 [ 76.842217][ T4319] ? _raw_spin_unlock+0x40/0x40 [ 76.847164][ T4319] ? stack_trace_save+0x98/0xe0 [ 76.852000][ T4319] ? stack_trace_snprint+0xf0/0xf0 [ 76.857105][ T4319] ? stack_depot_save+0x404/0x440 [ 76.862284][ T4319] ? __kasan_kmalloc+0xcc/0xf0 [ 76.867030][ T4319] ? __kasan_kmalloc+0xb5/0xf0 [ 76.871957][ T4319] ? ocfs2_reserve_new_metadata_blocks+0x110/0x940 [ 76.878528][ T4319] ? ocfs2_init_xattr_set_ctxt+0x2e1/0x6c0 [ 76.884459][ T4319] ? ocfs2_xattr_set+0xb69/0x11e0 [ 76.889462][ T4319] ? __vfs_setxattr+0x3e0/0x420 [ 76.894291][ T4319] ? __vfs_setxattr_noperm+0x129/0x5e0 [ 76.899727][ T4319] ? vfs_setxattr+0x168/0x2f0 [ 76.904378][ T4319] ? setxattr+0x2da/0x300 [ 76.908693][ T4319] ? path_setxattr+0x142/0x280 [ 76.913605][ T4319] ? __x64_sys_lsetxattr+0xb4/0xd0 [ 76.918700][ T4319] ? do_syscall_64+0x4c/0xa0 [ 76.923399][ T4319] ? entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 76.929727][ T4319] ocfs2_reserve_new_metadata_blocks+0x400/0x940 [ 76.936043][ T4319] ? ocfs2_init_steal_slots+0x150/0x150 [ 76.941917][ T4319] ? ocfs2_xattr_block_set+0x2b00/0x2b00 [ 76.947623][ T4319] ocfs2_init_xattr_set_ctxt+0x2e1/0x6c0 [ 76.953255][ T4319] ? ocfs2_prepare_refcount_xattr+0xf20/0xf20 [ 76.959477][ T4319] ? ocfs2_truncate_log_needs_flush+0x131/0x2e0 [ 76.965798][ T4319] ? ocfs2_remove_btree_range+0x1480/0x1480 [ 76.971933][ T4319] ? preempt_count_add+0x8d/0x190 [ 76.977123][ T4319] ? up_write+0x1bb/0x420 [ 76.981617][ T4319] ocfs2_xattr_set+0xb69/0x11e0 [ 76.986552][ T4319] ? __ocfs2_xattr_set_handle+0xf10/0xf10 [ 76.992257][ T4319] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 76.998311][ T4319] ? evm_protected_xattr_common+0x170/0x190 [ 77.004357][ T4319] ? evm_protect_xattr+0x76f/0x970 [ 77.009449][ T4319] ? ocfs2_xattr_security_get+0x40/0x40 [ 77.015154][ T4319] __vfs_setxattr+0x3e0/0x420 [ 77.019905][ T4319] __vfs_setxattr_noperm+0x129/0x5e0 [ 77.025269][ T4319] vfs_setxattr+0x168/0x2f0 [ 77.029760][ T4319] ? xattr_permission+0x500/0x500 [ 77.034768][ T4319] ? strncpy_from_user+0x1fb/0x360 [ 77.040063][ T4319] setxattr+0x2da/0x300 [ 77.044463][ T4319] ? path_setxattr+0x280/0x280 [ 77.049217][ T4319] ? __mnt_want_write+0x1e2/0x260 [ 77.054232][ T4319] path_setxattr+0x142/0x280 [ 77.058809][ T4319] ? simple_xattr_list_add+0xf0/0xf0 [ 77.064072][ T4319] ? lock_chain_count+0x20/0x20 [ 77.068901][ T4319] ? vtime_user_exit+0x2dc/0x400 [ 77.073817][ T4319] __x64_sys_lsetxattr+0xb4/0xd0 [ 77.078845][ T4319] do_syscall_64+0x4c/0xa0 [ 77.083355][ T4319] ? clear_bhb_loop+0x30/0x80 [ 77.088011][ T4319] ? clear_bhb_loop+0x30/0x80 [ 77.092667][ T4319] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 77.098727][ T4319] RIP: 0033:0x7fad9d813749 [ 77.103318][ T4319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 77.123275][ T4319] RSP: 002b:00007ffff92083c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 77.131948][ T4319] RAX: ffffffffffffffda RBX: 00007fad9da69fa0 RCX: 00007fad9d813749 [ 77.140085][ T4319] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000200000000080 [ 77.148039][ T4319] RBP: 00007fad9d897f91 R08: 0000000000000000 R09: 0000000000000000 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 77.156069][ T4319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 77.164194][ T4319] R13: 00007fad9da69fa0 R14: 00007fad9da69fa0 R15: 0000000000000005 [ 77.172150][ T4319] [ 77.224835][ T4301] ocfs2: Unmounting device (7,0) on (node local)