Warning: Permanently added '10.128.1.19' (ED25519) to the list of known hosts. 1970/01/01 00:00:25 parsed 1 programs [ 27.044852][ T4325] cgroup: Unknown subsys name 'net' [ 27.283833][ T4325] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 27.578781][ T4325] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 31.751275][ T4358] chnl_net:caif_netlink_parms(): no params data found [ 31.767857][ T4358] bridge0: port 1(bridge_slave_0) entered blocking state [ 31.768982][ T4358] bridge0: port 1(bridge_slave_0) entered disabled state [ 31.770453][ T4358] device bridge_slave_0 entered promiscuous mode [ 31.773130][ T4358] bridge0: port 2(bridge_slave_1) entered blocking state [ 31.774237][ T4358] bridge0: port 2(bridge_slave_1) entered disabled state [ 31.775630][ T4358] device bridge_slave_1 entered promiscuous mode [ 31.783869][ T4358] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 31.786193][ T4358] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 31.793218][ T4358] team0: Port device team_slave_0 added [ 31.795543][ T4358] team0: Port device team_slave_1 added [ 31.801336][ T4358] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 31.802461][ T4358] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 31.806371][ T4358] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 31.808877][ T4358] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 31.809855][ T4358] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 31.814071][ T4358] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 31.852582][ T4358] device hsr_slave_0 entered promiscuous mode [ 31.901601][ T4358] device hsr_slave_1 entered promiscuous mode [ 31.974704][ T4358] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 32.004140][ T4358] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 32.053319][ T4358] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 32.093422][ T4358] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 32.140756][ T4358] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.142017][ T4358] bridge0: port 2(bridge_slave_1) entered forwarding state [ 32.143259][ T4358] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.144298][ T4358] bridge0: port 1(bridge_slave_0) entered forwarding state [ 32.160943][ T4358] 8021q: adding VLAN 0 to HW filter on device bond0 [ 32.165182][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 32.167539][ T39] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.169408][ T39] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.175645][ T4358] 8021q: adding VLAN 0 to HW filter on device team0 [ 32.178978][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 32.180418][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.181623][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 32.184591][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 32.186013][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.187116][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 32.235762][ T4358] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 32.237528][ T4358] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 32.242940][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 32.244714][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 32.246248][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 32.248333][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 32.249931][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 32.251329][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 32.298130][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 32.299491][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 32.302682][ T4358] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 32.307664][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 32.315449][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 32.317030][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 32.318293][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 32.319726][ T4358] device veth0_vlan entered promiscuous mode [ 32.323916][ T4358] device veth1_vlan entered promiscuous mode [ 32.329969][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 32.331480][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 32.333673][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 32.336087][ T4358] device veth0_macvtap entered promiscuous mode [ 32.338249][ T4358] device veth1_macvtap entered promiscuous mode [ 32.345754][ T4358] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 32.347603][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 32.351303][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 32.355968][ T4358] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 32.357955][ T4358] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.359348][ T4358] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.360646][ T4358] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.362905][ T4358] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.365442][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 32.609083][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 32.610370][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 32.612860][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 32.618627][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 32.619935][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 32.622922][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 32.734233][ T47] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 32.735786][ T47] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 32.737045][ T47] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 32.738442][ T47] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 32.739831][ T47] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 32.741072][ T47] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 1970/01/01 00:00:33 executed programs: 0 [ 33.303634][ T4400] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 33.305272][ T4400] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 33.306721][ T4400] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 33.308189][ T4400] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 33.309583][ T4400] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 33.310829][ T4400] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 33.571542][ T4423] chnl_net:caif_netlink_parms(): no params data found [ 33.586283][ T4423] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.587524][ T4423] bridge0: port 1(bridge_slave_0) entered disabled state [ 33.588904][ T4423] device bridge_slave_0 entered promiscuous mode [ 33.590905][ T4423] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.594921][ T4423] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.596447][ T4423] device bridge_slave_1 entered promiscuous mode [ 33.604306][ T4423] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 33.606790][ T4423] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 33.623540][ T4423] team0: Port device team_slave_0 added [ 33.625412][ T4423] team0: Port device team_slave_1 added [ 33.633751][ T4423] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 33.634874][ T4423] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 33.638660][ T4423] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 33.640880][ T4423] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 33.642308][ T4423] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 33.646257][ T4423] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 33.682354][ T4423] device hsr_slave_0 entered promiscuous mode [ 33.721638][ T4423] device hsr_slave_1 entered promiscuous mode [ 33.761461][ T4423] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 33.762804][ T4423] Cannot create hsr debugfs directory [ 34.084843][ T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 35.371664][ T4400] Bluetooth: hci0: command 0x0409 tx timeout [ 37.412986][ T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 37.451612][ T4400] Bluetooth: hci0: command 0x041b tx timeout [ 38.162439][ T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 38.243154][ T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.155133][ T4423] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 39.202654][ T4423] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 39.252624][ T4423] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 39.302900][ T4423] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 39.482808][ T4423] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.487583][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 39.489174][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 39.492093][ T4423] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.494384][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 39.495911][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 39.497211][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.498355][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.500092][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 39.531412][ T4400] Bluetooth: hci0: command 0x040f tx timeout [ 39.544741][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 39.546456][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 39.547946][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.549023][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.552678][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 39.555301][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 39.557837][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 39.559774][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 39.561345][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 39.564107][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 39.565621][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 39.568176][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 39.569711][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 39.573673][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 39.575203][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 39.577691][ T4423] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 39.646294][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 39.647493][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 39.650244][ T4423] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.656096][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 39.657625][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 39.724773][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 39.726333][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 39.727891][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 39.729282][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 39.732173][ T4423] device veth0_vlan entered promiscuous mode [ 39.735233][ T4423] device veth1_vlan entered promiscuous mode [ 39.741023][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 39.742825][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 39.744142][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 39.745581][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 39.747853][ T4423] device veth0_macvtap entered promiscuous mode [ 39.750016][ T4423] device veth1_macvtap entered promiscuous mode [ 39.754885][ T4423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.756467][ T4423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.758379][ T4423] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 39.759500][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 39.760978][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 39.762710][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 39.764190][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 39.766436][ T4423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.768047][ T4423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.769993][ T4423] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.771195][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 39.773474][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 39.776080][ T4423] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.777407][ T4423] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.778742][ T4423] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.779987][ T4423] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.848257][ T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.854639][ T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.855395][ T4391] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.856397][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 39.857032][ T4391] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.859807][ T4391] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 39.970784][ T4484] loop0: detected capacity change from 0 to 32768 [ 39.974983][ T4484] (syz.0.17,4484,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 39.977511][ T4484] (syz.0.17,4484,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 39.989790][ T4484] JBD2: Ignoring recovery information on journal [ 40.001886][ T4484] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 40.012602][ T4484] [ 40.013004][ T4484] ====================================================== [ 40.013955][ T4484] WARNING: possible circular locking dependency detected [ 40.014982][ T4484] syzkaller #0 Not tainted [ 40.015665][ T4484] ------------------------------------------------------ [ 40.016697][ T4484] syz.0.17/4484 is trying to acquire lock: [ 40.017475][ T4484] ffff0000e536dbe0 (&oi->ip_alloc_sem){+.+.}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xb4/0x2d8 [ 40.019095][ T4484] [ 40.019095][ T4484] but task is already holding lock: [ 40.020077][ T4484] ffff0000e536dc78 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa8/0x2d8 [ 40.021668][ T4484] [ 40.021668][ T4484] which lock already depends on the new lock. [ 40.021668][ T4484] [ 40.023209][ T4484] [ 40.023209][ T4484] the existing dependency chain (in reverse order) is: [ 40.024521][ T4484] [ 40.024521][ T4484] -> #4 (&oi->ip_xattr_sem){++++}-{3:3}: [ 40.025582][ T4484] down_read+0x64/0x304 [ 40.026231][ T4484] ocfs2_init_acl+0x258/0x5f0 [ 40.027005][ T4484] ocfs2_mknod+0x1168/0x1f18 [ 40.027674][ T4484] ocfs2_create+0x19c/0x4f0 [ 40.028346][ T4484] path_openat+0x112c/0x2680 [ 40.029006][ T4484] do_filp_open+0x174/0x344 [ 40.029823][ T4484] do_sys_openat2+0x128/0x3d8 [ 40.030594][ T4484] __arm64_sys_openat+0x120/0x154 [ 40.031394][ T4484] invoke_syscall+0x98/0x2bc [ 40.032184][ T4484] el0_svc_common+0x138/0x258 [ 40.033020][ T4484] do_el0_svc+0x58/0x13c [ 40.033706][ T4484] el0_svc+0x58/0x138 [ 40.034360][ T4484] el0t_64_sync_handler+0x84/0xf0 [ 40.035251][ T4484] el0t_64_sync+0x18c/0x190 [ 40.035971][ T4484] [ 40.035971][ T4484] -> #3 (jbd2_handle){++++}-{0:0}: [ 40.037097][ T4484] start_this_handle+0xfe0/0x122c [ 40.037921][ T4484] jbd2__journal_start+0x288/0x51c [ 40.038755][ T4484] jbd2_journal_start+0x3c/0x4c [ 40.039510][ T4484] ocfs2_start_trans+0x380/0x6c4 [ 40.040341][ T4484] ocfs2_modify_bh+0xe4/0x43c [ 40.041174][ T4484] ocfs2_local_read_info+0x102c/0x131c [ 40.042010][ T4484] dquot_load_quota_sb+0x6c4/0xa24 [ 40.042836][ T4484] dquot_load_quota_inode+0x274/0x4e4 [ 40.043652][ T4484] ocfs2_enable_quotas+0x17c/0x3b4 [ 40.044478][ T4484] ocfs2_fill_super+0x3060/0x3e98 [ 40.045286][ T4484] mount_bdev+0x264/0x358 [ 40.045979][ T4484] ocfs2_mount+0x44/0x58 [ 40.046682][ T4484] legacy_get_tree+0xd4/0x16c [ 40.047501][ T4484] vfs_get_tree+0x90/0x274 [ 40.048224][ T4484] do_new_mount+0x228/0x810 [ 40.048990][ T4484] path_mount+0x5b4/0xe78 [ 40.049715][ T4484] __arm64_sys_mount+0x49c/0x584 [ 40.050504][ T4484] invoke_syscall+0x98/0x2bc [ 40.051324][ T4484] el0_svc_common+0x138/0x258 [ 40.052082][ T4484] do_el0_svc+0x58/0x13c [ 40.052776][ T4484] el0_svc+0x58/0x138 [ 40.053440][ T4484] el0t_64_sync_handler+0x84/0xf0 [ 40.054226][ T4484] el0t_64_sync+0x18c/0x190 [ 40.054930][ T4484] [ 40.054930][ T4484] -> #2 (&journal->j_trans_barrier){.+.+}-{3:3}: [ 40.056160][ T4484] down_read+0x64/0x304 [ 40.056850][ T4484] ocfs2_start_trans+0x374/0x6c4 [ 40.057622][ T4484] ocfs2_modify_bh+0xe4/0x43c [ 40.058387][ T4484] ocfs2_local_read_info+0x102c/0x131c [ 40.059232][ T4484] dquot_load_quota_sb+0x6c4/0xa24 [ 40.060067][ T4484] dquot_load_quota_inode+0x274/0x4e4 [ 40.060926][ T4484] ocfs2_enable_quotas+0x17c/0x3b4 [ 40.061767][ T4484] ocfs2_fill_super+0x3060/0x3e98 [ 40.062543][ T4484] mount_bdev+0x264/0x358 [ 40.063316][ T4484] ocfs2_mount+0x44/0x58 [ 40.064026][ T4484] legacy_get_tree+0xd4/0x16c [ 40.064707][ T4484] vfs_get_tree+0x90/0x274 [ 40.065380][ T4484] do_new_mount+0x228/0x810 [ 40.066094][ T4484] path_mount+0x5b4/0xe78 [ 40.066798][ T4484] __arm64_sys_mount+0x49c/0x584 [ 40.067595][ T4484] invoke_syscall+0x98/0x2bc [ 40.068376][ T4484] el0_svc_common+0x138/0x258 [ 40.069131][ T4484] do_el0_svc+0x58/0x13c [ 40.069868][ T4484] el0_svc+0x58/0x138 [ 40.070552][ T4484] el0t_64_sync_handler+0x84/0xf0 [ 40.071413][ T4484] el0t_64_sync+0x18c/0x190 [ 40.072272][ T4484] [ 40.072272][ T4484] -> #1 (sb_internal#2){.+.+}-{0:0}: [ 40.073457][ T4484] ocfs2_start_trans+0x20c/0x6c4 [ 40.074320][ T4484] ocfs2_truncate_file+0x5f4/0x149c [ 40.075172][ T4484] ocfs2_setattr+0x1234/0x18d4 [ 40.075964][ T4484] notify_change+0xb0c/0xdcc [ 40.076706][ T4484] do_truncate+0x178/0x1f0 [ 40.077449][ T4484] path_openat+0x20d0/0x2680 [ 40.078258][ T4484] do_filp_open+0x174/0x344 [ 40.078988][ T4484] do_sys_openat2+0x128/0x3d8 [ 40.079696][ T4484] __arm64_sys_openat+0x120/0x154 [ 40.080492][ T4484] invoke_syscall+0x98/0x2bc [ 40.081312][ T4484] el0_svc_common+0x138/0x258 [ 40.082101][ T4484] do_el0_svc+0x58/0x13c [ 40.082796][ T4484] el0_svc+0x58/0x138 [ 40.083438][ T4484] el0t_64_sync_handler+0x84/0xf0 [ 40.084229][ T4484] el0t_64_sync+0x18c/0x190 [ 40.084955][ T4484] [ 40.084955][ T4484] -> #0 (&oi->ip_alloc_sem){+.+.}-{3:3}: [ 40.086146][ T4484] __lock_acquire+0x293c/0x6544 [ 40.086982][ T4484] lock_acquire+0x20c/0x644 [ 40.087702][ T4484] down_write+0x5c/0x88 [ 40.088406][ T4484] ocfs2_try_remove_refcount_tree+0xb4/0x2d8 [ 40.089437][ T4484] ocfs2_truncate_file+0xce8/0x149c [ 40.090249][ T4484] ocfs2_setattr+0x1234/0x18d4 [ 40.091068][ T4484] notify_change+0xb0c/0xdcc [ 40.091780][ T4484] do_truncate+0x178/0x1f0 [ 40.092470][ T4484] path_openat+0x20d0/0x2680 [ 40.093246][ T4484] do_filp_open+0x174/0x344 [ 40.093996][ T4484] do_sys_openat2+0x128/0x3d8 [ 40.094763][ T4484] __arm64_sys_openat+0x120/0x154 [ 40.095650][ T4484] invoke_syscall+0x98/0x2bc [ 40.096398][ T4484] el0_svc_common+0x138/0x258 [ 40.097161][ T4484] do_el0_svc+0x58/0x13c [ 40.097904][ T4484] el0_svc+0x58/0x138 [ 40.098577][ T4484] el0t_64_sync_handler+0x84/0xf0 [ 40.099397][ T4484] el0t_64_sync+0x18c/0x190 [ 40.100213][ T4484] [ 40.100213][ T4484] other info that might help us debug this: [ 40.100213][ T4484] [ 40.101886][ T4484] Chain exists of: [ 40.101886][ T4484] &oi->ip_alloc_sem --> jbd2_handle --> &oi->ip_xattr_sem [ 40.101886][ T4484] [ 40.103901][ T4484] Possible unsafe locking scenario: [ 40.103901][ T4484] [ 40.105051][ T4484] CPU0 CPU1 [ 40.105861][ T4484] ---- ---- [ 40.106631][ T4484] lock(&oi->ip_xattr_sem); [ 40.107340][ T4484] lock(jbd2_handle); [ 40.108330][ T4484] lock(&oi->ip_xattr_sem); [ 40.109364][ T4484] lock(&oi->ip_alloc_sem); [ 40.110053][ T4484] [ 40.110053][ T4484] *** DEADLOCK *** [ 40.110053][ T4484] [ 40.111238][ T4484] 3 locks held by syz.0.17/4484: [ 40.111970][ T4484] #0: ffff0000d322a460 (sb_writers#12){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c [ 40.113370][ T4484] #1: ffff0000e536df48 (&sb->s_type->i_mutex_key#20){+.+.}-{3:3}, at: do_truncate+0x164/0x1f0 [ 40.114952][ T4484] #2: ffff0000e536dc78 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa8/0x2d8 [ 40.116684][ T4484] [ 40.116684][ T4484] stack backtrace: [ 40.117587][ T4484] CPU: 1 PID: 4484 Comm: syz.0.17 Not tainted syzkaller #0 [ 40.118704][ T4484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 40.120231][ T4484] Call trace: [ 40.120737][ T4484] dump_backtrace+0x1c8/0x1f4 [ 40.121446][ T4484] show_stack+0x2c/0x3c [ 40.122098][ T4484] __dump_stack+0x30/0x40 [ 40.122772][ T4484] dump_stack_lvl+0xf8/0x160 [ 40.123492][ T4484] dump_stack+0x1c/0x5c [ 40.124150][ T4484] print_circular_bug+0x148/0x1b0 [ 40.124924][ T4484] check_noncircular+0x240/0x2d4 [ 40.125680][ T4484] __lock_acquire+0x293c/0x6544 [ 40.126408][ T4484] lock_acquire+0x20c/0x644 [ 40.127069][ T4484] down_write+0x5c/0x88 [ 40.127710][ T4484] ocfs2_try_remove_refcount_tree+0xb4/0x2d8 [ 40.128664][ T4484] ocfs2_truncate_file+0xce8/0x149c [ 40.129432][ T4484] ocfs2_setattr+0x1234/0x18d4 [ 40.130141][ T4484] notify_change+0xb0c/0xdcc [ 40.130855][ T4484] do_truncate+0x178/0x1f0 [ 40.131473][ T4484] path_openat+0x20d0/0x2680 [ 40.132127][ T4484] do_filp_open+0x174/0x344 [ 40.132771][ T4484] do_sys_openat2+0x128/0x3d8 [ 40.133426][ T4484] __arm64_sys_openat+0x120/0x154 [ 40.134141][ T4484] invoke_syscall+0x98/0x2bc [ 40.134764][ T4484] el0_svc_common+0x138/0x258 [ 40.135454][ T4484] do_el0_svc+0x58/0x13c [ 40.136049][ T4484] el0_svc+0x58/0x138 [ 40.136661][ T4484] el0t_64_sync_handler+0x84/0xf0 [ 40.137374][ T4484] el0t_64_sync+0x18c/0x190 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 40.196683][ T4423] ocfs2: Unmounting device (7,0) on (node local)