Warning: Permanently added '10.128.1.160' (ED25519) to the list of known hosts.
1970/01/01 00:00:24 ignoring optional flag "sandboxArg"="0"
1970/01/01 00:00:25 parsed 1 programs
syzkaller login: [   26.670669][ T6529] cgroup: Unknown subsys name 'net'
[   26.805497][ T6529] cgroup: Unknown subsys name 'cpuset'
[   26.807587][ T6529] cgroup: Unknown subsys name 'rlimit'
[   26.948562][ T6529] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k SS
[   31.887141][ T6535] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   31.970436][ T6541] chnl_net:caif_netlink_parms(): no params data found
[   31.991769][ T6541] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.991856][ T6541] bridge0: port 1(bridge_slave_0) entered disabled state
[   31.991923][ T6541] bridge_slave_0: entered allmulticast mode
[   31.992382][ T6541] bridge_slave_0: entered promiscuous mode
[   31.993495][ T6541] bridge0: port 2(bridge_slave_1) entered blocking state
[   31.993533][ T6541] bridge0: port 2(bridge_slave_1) entered disabled state
[   31.993583][ T6541] bridge_slave_1: entered allmulticast mode
[   31.995508][ T6541] bridge_slave_1: entered promiscuous mode
[   32.007700][ T6541] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   32.008916][ T6541] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   32.016578][ T6541] team0: Port device team_slave_0 added
[   32.017305][ T6541] team0: Port device team_slave_1 added
[   32.064626][ T6541] batman_adv: batadv0: Adding interface: batadv_slave_0
[   32.064666][ T6541] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   32.064697][ T6541] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   32.065475][ T6541] batman_adv: batadv0: Adding interface: batadv_slave_1
[   32.065503][ T6541] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   32.065523][ T6541] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   32.084814][ T6541] hsr_slave_0: entered promiscuous mode
[   32.085119][ T6541] hsr_slave_1: entered promiscuous mode
[   32.125613][ T6541] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   32.128072][ T6541] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   32.130143][ T6541] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   32.132383][ T6541] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   32.142009][ T6541] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.142082][ T6541] bridge0: port 2(bridge_slave_1) entered forwarding state
[   32.142240][ T6541] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.142270][ T6541] bridge0: port 1(bridge_slave_0) entered forwarding state
[   32.155282][ T6541] 8021q: adding VLAN 0 to HW filter on device bond0
[   32.158465][  T550] bridge0: port 1(bridge_slave_0) entered disabled state
[   32.159870][  T550] bridge0: port 2(bridge_slave_1) entered disabled state
[   32.163854][ T6541] 8021q: adding VLAN 0 to HW filter on device team0
[   32.167825][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.167885][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[   32.168725][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.168746][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[   32.218823][ T6541] 8021q: adding VLAN 0 to HW filter on device batadv0
[   32.231423][ T6541] veth0_vlan: entered promiscuous mode
[   32.232969][ T6541] veth1_vlan: entered promiscuous mode
[   32.239298][ T6541] veth0_macvtap: entered promiscuous mode
[   32.240176][ T6541] veth1_macvtap: entered promiscuous mode
[   32.243222][ T6541] batman_adv: batadv0: Interface activated: batadv_slave_0
[   32.244666][ T6541] batman_adv: batadv0: Interface activated: batadv_slave_1
[   32.245480][ T6541] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   32.245513][ T6541] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   32.245530][ T6541] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   32.245545][ T6541] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   32.595191][   T42] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   32.665540][   T42] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   32.701969][   T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   32.702542][   T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   32.702725][   T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   32.703026][   T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   32.703210][   T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   32.745104][   T42] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   32.825264][   T42] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   33.171393][  T208] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   33.171441][  T208] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   33.180343][  T208] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   33.180378][  T208] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
1970/01/01 00:00:33 executed programs: 0
[   33.696954][   T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   33.697953][   T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   33.698148][   T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   33.698485][   T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   33.698683][   T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   33.746707][ T6631] chnl_net:caif_netlink_parms(): no params data found
[   33.765866][ T6631] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.765928][ T6631] bridge0: port 1(bridge_slave_0) entered disabled state
[   33.765992][ T6631] bridge_slave_0: entered allmulticast mode
[   33.766408][ T6631] bridge_slave_0: entered promiscuous mode
[   33.767129][ T6631] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.767173][ T6631] bridge0: port 2(bridge_slave_1) entered disabled state
[   33.767229][ T6631] bridge_slave_1: entered allmulticast mode
[   33.767629][ T6631] bridge_slave_1: entered promiscuous mode
[   33.778661][ T6631] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   33.779609][ T6631] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   33.786858][ T6631] team0: Port device team_slave_0 added
[   33.787829][ T6631] team0: Port device team_slave_1 added
[   33.794615][ T6631] batman_adv: batadv0: Adding interface: batadv_slave_0
[   33.794645][ T6631] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   33.794668][ T6631] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   33.795169][ T6631] batman_adv: batadv0: Adding interface: batadv_slave_1
[   33.795184][ T6631] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   33.795199][ T6631] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   33.813036][ T6631] hsr_slave_0: entered promiscuous mode
[   33.813888][ T6631] hsr_slave_1: entered promiscuous mode
[   33.814692][ T6631] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   33.814763][ T6631] Cannot create hsr debugfs directory
[   35.714160][   T42] bridge_slave_1: left allmulticast mode
[   35.714562][   T42] bridge_slave_1: left promiscuous mode
[   35.714853][   T42] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.722245][   T42] bridge_slave_0: left allmulticast mode
[   35.722288][   T42] bridge_slave_0: left promiscuous mode
[   35.722375][   T42] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.725431][ T6101] Bluetooth: hci0: command tx timeout
[   37.275446][   T42] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   37.315451][   T42] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   37.364967][   T42] bond0 (unregistering): Released all slaves
[   37.435963][   T42] hsr_slave_0: left promiscuous mode
[   37.437361][   T42] hsr_slave_1: left promiscuous mode
[   37.438640][   T42] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   37.439819][   T42] batman_adv: batadv0: Removing interface: batadv_slave_0
[   37.445410][   T42] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   37.445450][   T42] batman_adv: batadv0: Removing interface: batadv_slave_1
[   37.452424][   T42] veth1_macvtap: left promiscuous mode
[   37.453545][   T42] veth0_macvtap: left promiscuous mode
[   37.457141][   T42] veth1_vlan: left promiscuous mode
[   37.458103][   T42] veth0_vlan: left promiscuous mode
[   37.804332][ T6101] Bluetooth: hci0: command tx timeout
[   39.155100][   T42] team0 (unregistering): Port device team_slave_1 removed
[   39.345005][   T42] team0 (unregistering): Port device team_slave_0 removed
[   39.884011][ T6101] Bluetooth: hci0: command tx timeout
[   41.964021][ T6101] Bluetooth: hci0: command tx timeout
[   41.988359][ T6631] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   41.990702][ T6631] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   41.992884][ T6631] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   41.997663][ T6631] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   42.041754][ T6631] 8021q: adding VLAN 0 to HW filter on device bond0
[   42.046179][ T6631] 8021q: adding VLAN 0 to HW filter on device team0
[   42.047692][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.047741][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[   42.051360][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.051406][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   42.293292][ T6631] 8021q: adding VLAN 0 to HW filter on device batadv0
[   42.305228][ T6631] veth0_vlan: entered promiscuous mode
[   42.306704][ T6631] veth1_vlan: entered promiscuous mode
[   42.313090][ T6631] veth0_macvtap: entered promiscuous mode
[   42.314418][ T6631] veth1_macvtap: entered promiscuous mode
[   42.319226][ T6631] batman_adv: batadv0: Interface activated: batadv_slave_0
[   42.320462][ T6631] batman_adv: batadv0: Interface activated: batadv_slave_1
[   42.321330][ T6631] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   42.321350][ T6631] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   42.321367][ T6631] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   42.321382][ T6631] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   42.353551][  T987] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   42.353590][  T987] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   42.361539][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   42.361572][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   42.494958][ T6718] loop0: detected capacity change from 0 to 32768
[   42.496588][ T6718] =======================================================
[   42.496588][ T6718] WARNING: The mand mount option has been deprecated and
[   42.496588][ T6718]          and is ignored by this kernel. Remove the mand
[   42.496588][ T6718]          option from the mount to silence this warning.
[   42.496588][ T6718] =======================================================
[   42.509451][ T6718] JBD2: Ignoring recovery information on journal
[   42.525448][ T6718] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   42.533708][ T6718] 
[   42.534081][ T6718] ======================================================
[   42.535141][ T6718] WARNING: possible circular locking dependency detected
[   42.536165][ T6718] 6.16.0-rc7-syzkaller-g82af5ea7c611 #0 Not tainted
[   42.537177][ T6718] ------------------------------------------------------
[   42.538269][ T6718] syz.0.17/6718 is trying to acquire lock:
[   42.539262][ T6718] ffff0000c2fe67d0 (&mm->mmap_lock){++++}-{4:4}, at: __might_fault+0x9c/0x124
[   42.540781][ T6718] 
[   42.540781][ T6718] but task is already holding lock:
[   42.541880][ T6718] ffff0000ee713f60 (&oi->ip_alloc_sem){++++}-{4:4}, at: ocfs2_fiemap+0x26c/0x9c4
[   42.543357][ T6718] 
[   42.543357][ T6718] which lock already depends on the new lock.
[   42.543357][ T6718] 
[   42.544979][ T6718] 
[   42.544979][ T6718] the existing dependency chain (in reverse order) is:
[   42.546463][ T6718] 
[   42.546463][ T6718] -> #2 (&oi->ip_alloc_sem){++++}-{4:4}:
[   42.547710][ T6718]        down_write+0x50/0xc0
[   42.548480][ T6718]        ocfs2_page_mkwrite+0x340/0xbf4
[   42.549364][ T6718]        do_page_mkwrite+0x138/0x2b8
[   42.550234][ T6718]        handle_mm_fault+0x1aa0/0x4d38
[   42.551057][ T6718]        do_page_fault+0x8a0/0x13cc
[   42.551893][ T6718]        do_translation_fault+0xc4/0x114
[   42.552747][ T6718]        do_mem_abort+0x70/0x194
[   42.553513][ T6718]        el0_da+0x64/0x164
[   42.554199][ T6718]        el0t_64_sync_handler+0x90/0x12c
[   42.555046][ T6718]        el0t_64_sync+0x198/0x19c
[   42.555834][ T6718] 
[   42.555834][ T6718] -> #1 (sb_pagefaults#2){.+.+}-{0:0}:
[   42.556964][ T6718]        ocfs2_page_mkwrite+0x1b0/0xbf4
[   42.557867][ T6718]        do_page_mkwrite+0x138/0x2b8
[   42.558680][ T6718]        handle_mm_fault+0x1aa0/0x4d38
[   42.559535][ T6718]        do_page_fault+0x8a0/0x13cc
[   42.560326][ T6718]        do_translation_fault+0xc4/0x114
[   42.561165][ T6718]        do_mem_abort+0x70/0x194
[   42.561971][ T6718]        el0_da+0x64/0x164
[   42.562675][ T6718]        el0t_64_sync_handler+0x90/0x12c
[   42.563564][ T6718]        el0t_64_sync+0x198/0x19c
[   42.564353][ T6718] 
[   42.564353][ T6718] -> #0 (&mm->mmap_lock){++++}-{4:4}:
[   42.565548][ T6718]        __lock_acquire+0x1774/0x30a4
[   42.566407][ T6718]        lock_acquire+0x14c/0x2e0
[   42.567178][ T6718]        __might_fault+0xc4/0x124
[   42.567963][ T6718]        fiemap_fill_next_extent+0x17c/0x3f0
[   42.568857][ T6718]        ocfs2_fiemap+0x648/0x9c4
[   42.569622][ T6718]        do_vfs_ioctl+0x1560/0x1cd8
[   42.570346][ T6718]        __arm64_sys_ioctl+0xe4/0x1c4
[   42.571163][ T6718]        invoke_syscall+0x98/0x2b8
[   42.571995][ T6718]        el0_svc_common+0x130/0x23c
[   42.572793][ T6718]        do_el0_svc+0x48/0x58
[   42.573521][ T6718]        el0_svc+0x58/0x180
[   42.574205][ T6718]        el0t_64_sync_handler+0x84/0x12c
[   42.575041][ T6718]        el0t_64_sync+0x198/0x19c
[   42.575867][ T6718] 
[   42.575867][ T6718] other info that might help us debug this:
[   42.575867][ T6718] 
[   42.577457][ T6718] Chain exists of:
[   42.577457][ T6718]   &mm->mmap_lock --> sb_pagefaults#2 --> &oi->ip_alloc_sem
[   42.577457][ T6718] 
[   42.579571][ T6718]  Possible unsafe locking scenario:
[   42.579571][ T6718] 
[   42.580729][ T6718]        CPU0                    CPU1
[   42.581541][ T6718]        ----                    ----
[   42.582455][ T6718]   rlock(&oi->ip_alloc_sem);
[   42.583188][ T6718]                                lock(sb_pagefaults#2);
[   42.584231][ T6718]                                lock(&oi->ip_alloc_sem);
[   42.585325][ T6718]   rlock(&mm->mmap_lock);
[   42.586036][ T6718] 
[   42.586036][ T6718]  *** DEADLOCK ***
[   42.586036][ T6718] 
[   42.587214][ T6718] 1 lock held by syz.0.17/6718:
[   42.587949][ T6718]  #0: ffff0000ee713f60 (&oi->ip_alloc_sem){++++}-{4:4}, at: ocfs2_fiemap+0x26c/0x9c4
[   42.589447][ T6718] 
[   42.589447][ T6718] stack backtrace:
[   42.590432][ T6718] CPU: 0 UID: 0 PID: 6718 Comm: syz.0.17 Not tainted 6.16.0-rc7-syzkaller-g82af5ea7c611 #0 PREEMPT 
[   42.592114][ T6718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/18/2025
[   42.593695][ T6718] Call trace:
[   42.594232][ T6718]  show_stack+0x2c/0x3c (C)
[   42.594882][ T6718]  __dump_stack+0x30/0x40
[   42.595549][ T6718]  dump_stack_lvl+0xd8/0x12c
[   42.596271][ T6718]  dump_stack+0x1c/0x28
[   42.596897][ T6718]  print_circular_bug+0x324/0x32c
[   42.597677][ T6718]  check_noncircular+0x154/0x174
[   42.598389][ T6718]  __lock_acquire+0x1774/0x30a4
[   42.599111][ T6718]  lock_acquire+0x14c/0x2e0
[   42.599757][ T6718]  __might_fault+0xc4/0x124
[   42.600453][ T6718]  fiemap_fill_next_extent+0x17c/0x3f0
[   42.601232][ T6718]  ocfs2_fiemap+0x648/0x9c4
[   42.601935][ T6718]  do_vfs_ioctl+0x1560/0x1cd8
[   42.602652][ T6718]  __arm64_sys_ioctl+0xe4/0x1c4
[   42.603399][ T6718]  invoke_syscall+0x98/0x2b8
[   42.604117][ T6718]  el0_svc_common+0x130/0x23c
[   42.604823][ T6718]  do_el0_svc+0x48/0x58
[   42.605441][ T6718]  el0_svc+0x58/0x180
[   42.605998][ T6718]  el0t_64_sync_handler+0x84/0x12c
[   42.606795][ T6718]  el0t_64_sync+0x198/0x19c