Warning: Permanently added '10.128.1.61' (ED25519) to the list of known hosts. 1970/01/01 00:00:29 ignoring optional flag "sandboxArg"="0" 1970/01/01 00:00:29 parsed 1 programs [ 31.217461][ T6530] cgroup: Unknown subsys name 'net' [ 31.352394][ T6530] cgroup: Unknown subsys name 'cpuset' [ 31.354183][ T6530] cgroup: Unknown subsys name 'rlimit' [ 31.489272][ T6530] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS [ 37.374588][ T6537] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 37.487472][ T2168] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.487519][ T2168] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.498783][ T630] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.498823][ T630] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.987075][ T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 37.987396][ T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 37.987554][ T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 37.987849][ T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 37.988069][ T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 38.558501][ T6596] chnl_net:caif_netlink_parms(): no params data found [ 38.580865][ T6596] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.581968][ T6596] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.582035][ T6596] bridge_slave_0: entered allmulticast mode [ 38.582481][ T6596] bridge_slave_0: entered promiscuous mode [ 38.583539][ T6596] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.583717][ T6596] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.583766][ T6596] bridge_slave_1: entered allmulticast mode [ 38.584157][ T6596] bridge_slave_1: entered promiscuous mode [ 38.595056][ T6596] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.595960][ T6596] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.614214][ T6596] team0: Port device team_slave_0 added [ 38.615152][ T6596] team0: Port device team_slave_1 added [ 38.621627][ T6596] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.621660][ T6596] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.621679][ T6596] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.622449][ T6596] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.622465][ T6596] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.622484][ T6596] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.637553][ T6596] hsr_slave_0: entered promiscuous mode [ 38.637868][ T6596] hsr_slave_1: entered promiscuous mode [ 38.949986][ T6596] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 38.954473][ T6596] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 38.957148][ T6596] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 38.959422][ T6596] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 38.973859][ T6596] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.973925][ T6596] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.974124][ T6596] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.974162][ T6596] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.992188][ T6596] 8021q: adding VLAN 0 to HW filter on device bond0 [ 38.997007][ T2168] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.998412][ T2168] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.005010][ T6596] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.007231][ T2168] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.007292][ T2168] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.010142][ T2168] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.010185][ T2168] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.055629][ T6596] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.066634][ T6596] veth0_vlan: entered promiscuous mode [ 39.068747][ T6596] veth1_vlan: entered promiscuous mode [ 39.077910][ T6596] veth0_macvtap: entered promiscuous mode [ 39.078864][ T6596] veth1_macvtap: entered promiscuous mode [ 39.083468][ T6596] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 39.084545][ T6596] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.085306][ T6596] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.085343][ T6596] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.085360][ T6596] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.085374][ T6596] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.532380][ T14] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.592750][ T14] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.663047][ T14] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.732958][ T14] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 1970/01/01 00:00:39 executed programs: 0 [ 39.942287][ T6094] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 39.943631][ T6094] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 39.944386][ T6094] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 39.944720][ T6094] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 39.944906][ T6094] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 39.988428][ T6639] chnl_net:caif_netlink_parms(): no params data found [ 40.008257][ T6639] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.008332][ T6639] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.008407][ T6639] bridge_slave_0: entered allmulticast mode [ 40.008816][ T6639] bridge_slave_0: entered promiscuous mode [ 40.009766][ T6639] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.009811][ T6639] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.009861][ T6639] bridge_slave_1: entered allmulticast mode [ 40.010275][ T6639] bridge_slave_1: entered promiscuous mode [ 40.020094][ T6639] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 40.022380][ T6639] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 40.030270][ T6639] team0: Port device team_slave_0 added [ 40.031986][ T6639] team0: Port device team_slave_1 added [ 40.038018][ T6639] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 40.038403][ T6639] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.038434][ T6639] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 40.038960][ T6639] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 40.038975][ T6639] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.038991][ T6639] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 40.058151][ T6639] hsr_slave_0: entered promiscuous mode [ 40.058439][ T6639] hsr_slave_1: entered promiscuous mode [ 40.058625][ T6639] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 40.058706][ T6639] Cannot create hsr debugfs directory [ 42.001292][ T6094] Bluetooth: hci0: command tx timeout [ 42.699757][ T14] bridge_slave_1: left allmulticast mode [ 42.699819][ T14] bridge_slave_1: left promiscuous mode [ 42.700040][ T14] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.703351][ T14] bridge_slave_0: left allmulticast mode [ 42.703389][ T14] bridge_slave_0: left promiscuous mode [ 42.703465][ T14] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.081435][ T6094] Bluetooth: hci0: command tx timeout [ 44.142540][ T14] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 44.182716][ T14] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 44.231733][ T14] bond0 (unregistering): Released all slaves [ 44.296833][ T14] hsr_slave_0: left promiscuous mode [ 44.298134][ T14] hsr_slave_1: left promiscuous mode [ 44.299615][ T14] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 44.302496][ T14] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 44.304638][ T14] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 44.305851][ T14] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 44.313262][ T14] veth1_macvtap: left promiscuous mode [ 44.314312][ T14] veth0_macvtap: left promiscuous mode [ 44.315471][ T14] veth1_vlan: left promiscuous mode [ 44.316423][ T14] veth0_vlan: left promiscuous mode [ 46.160959][ T6094] Bluetooth: hci0: command tx timeout [ 46.232163][ T14] team0 (unregistering): Port device team_slave_1 removed [ 46.471504][ T14] team0 (unregistering): Port device team_slave_0 removed [ 48.240958][ T6094] Bluetooth: hci0: command tx timeout [ 49.142111][ T6639] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 49.145944][ T6639] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 49.148639][ T6639] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 49.154438][ T6639] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 49.245340][ T6639] 8021q: adding VLAN 0 to HW filter on device bond0 [ 49.248524][ T6639] 8021q: adding VLAN 0 to HW filter on device team0 [ 49.250308][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.250357][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.252843][ T630] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.252870][ T630] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.305530][ T6639] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 49.321794][ T6639] veth0_vlan: entered promiscuous mode [ 49.323677][ T6639] veth1_vlan: entered promiscuous mode [ 49.329146][ T6639] veth0_macvtap: entered promiscuous mode [ 49.330026][ T6639] veth1_macvtap: entered promiscuous mode [ 49.333665][ T6639] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.334559][ T6639] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.335287][ T6639] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.335314][ T6639] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.335331][ T6639] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.335345][ T6639] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.564337][ T630] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.564600][ T630] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.572939][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.572985][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.680488][ T6722] loop0: detected capacity change from 0 to 32768 [ 49.681352][ T6722] ======================================================= [ 49.681352][ T6722] WARNING: The mand mount option has been deprecated and [ 49.681352][ T6722] and is ignored by this kernel. Remove the mand [ 49.681352][ T6722] option from the mount to silence this warning. [ 49.681352][ T6722] ======================================================= [ 49.698435][ T6722] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 49.706418][ T6722] overlayfs: upper fs does not support tmpfile. [ 49.7 ** replaying previous printk message ** [ 49.707471][ T6722] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 49.707599][ T6722] [ 49.709489][ T6722] ====================================================== [ 49.710535][ T6722] WARNING: possible circular locking dependency detected [ 49.711553][ T6722] 6.16.0-rc7-syzkaller-g82af5ea7c611 #0 Not tainted [ 49.712488][ T6722] ------------------------------------------------------ [ 49.713540][ T6722] syz.0.17/6722 is trying to acquire lock: [ 49.714389][ T6722] ffff0000d700a640 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{4:4}, at: ocfs2_reserve_local_alloc_bits+0x104/0x26a0 [ 49.716437][ T6722] [ 49.716437][ T6722] but task is already holding lock: [ 49.717512][ T6722] ffff0000d700dc78 (&oi->ip_xattr_sem){+.+.}-{4:4}, at: ocfs2_xattr_set+0x330/0xe9c [ 49.719001][ T6722] [ 49.719001][ T6722] which lock already depends on the new lock. [ 49.719001][ T6722] [ 49.720727][ T6722] [ 49.720727][ T6722] the existing dependency chain (in reverse order) is: [ 49.722114][ T6722] [ 49.722114][ T6722] -> #4 (&oi->ip_xattr_sem){+.+.}-{4:4}: [ 49.723416][ T6722] down_write+0x50/0xc0 [ 49.724182][ T6722] ocfs2_xattr_set_handle+0x2a8/0x5e4 [ 49.725172][ T6722] ocfs2_init_security_set+0xb4/0xd8 [ 49.726148][ T6722] ocfs2_mknod+0x106c/0x1cf0 [ 49.726962][ T6722] ocfs2_mkdir+0x190/0x474 [ 49.727759][ T6722] vfs_mkdir+0x284/0x424 [ 49.728515][ T6722] do_mkdirat+0x1f8/0x4c8 [ 49.729264][ T6722] __arm64_sys_mkdirat+0x8c/0xa4 [ 49.730103][ T6722] invoke_syscall+0x98/0x2b8 [ 49.730945][ T6722] el0_svc_common+0x130/0x23c [ 49.731791][ T6722] do_el0_svc+0x48/0x58 [ 49.732574][ T6722] el0_svc+0x58/0x180 [ 49.733352][ T6722] el0t_64_sync_handler+0x84/0x12c [ 49.734270][ T6722] el0t_64_sync+0x198/0x19c [ 49.735056][ T6722] [ 49.735056][ T6722] -> #3 (jbd2_handle){++++}-{0:0}: [ 49.736196][ T6722] start_this_handle+0xe74/0x10dc [ 49.737120][ T6722] jbd2__journal_start+0x288/0x51c [ 49.738018][ T6722] jbd2_journal_start+0x3c/0x4c [ 49.738857][ T6722] ocfs2_start_trans+0x368/0x6b0 [ 49.739746][ T6722] ocfs2_reserve_suballoc_bits+0x630/0x3b9c [ 49.740775][ T6722] ocfs2_reserve_new_metadata_blocks+0x368/0x810 [ 49.741856][ T6722] ocfs2_mknod+0xbd8/0x1cf0 [ 49.742623][ T6722] ocfs2_mkdir+0x190/0x474 [ 49.743426][ T6722] vfs_mkdir+0x284/0x424 [ 49.744144][ T6722] do_mkdirat+0x1f8/0x4c8 [ 49.744949][ T6722] __arm64_sys_mkdirat+0x8c/0xa4 [ 49.745789][ T6722] invoke_syscall+0x98/0x2b8 [ 49.746597][ T6722] el0_svc_common+0x130/0x23c [ 49.747399][ T6722] do_el0_svc+0x48/0x58 [ 49.748053][ T6722] el0_svc+0x58/0x180 [ 49.748738][ T6722] el0t_64_sync_handler+0x84/0x12c [ 49.749702][ T6722] el0t_64_sync+0x198/0x19c [ 49.750571][ T6722] [ 49.750571][ T6722] -> #2 (&journal->j_trans_barrier){.+.+}-{4:4}: [ 49.751870][ T6722] down_read+0x58/0x2f8 [ 49.752604][ T6722] ocfs2_start_trans+0x35c/0x6b0 [ 49.753493][ T6722] ocfs2_reserve_suballoc_bits+0x630/0x3b9c [ 49.754487][ T6722] ocfs2_reserve_new_metadata_blocks+0x368/0x810 [ 49.755556][ T6722] ocfs2_mknod+0xbd8/0x1cf0 [ 49.756353][ T6722] ocfs2_mkdir+0x190/0x474 [ 49.757125][ T6722] vfs_mkdir+0x284/0x424 [ 49.757890][ T6722] do_mkdirat+0x1f8/0x4c8 [ 49.758610][ T6722] __arm64_sys_mkdirat+0x8c/0xa4 [ 49.759516][ T6722] invoke_syscall+0x98/0x2b8 [ 49.760362][ T6722] el0_svc_common+0x130/0x23c [ 49.761252][ T6722] do_el0_svc+0x48/0x58 [ 49.762032][ T6722] el0_svc+0x58/0x180 [ 49.762743][ T6722] el0t_64_sync_handler+0x84/0x12c [ 49.763611][ T6722] el0t_64_sync+0x198/0x19c [ 49.764377][ T6722] [ 49.764377][ T6722] -> #1 (sb_internal#2){.+.+}-{0:0}: [ 49.765546][ T6722] ocfs2_start_trans+0x1f4/0x6b0 [ 49.766415][ T6722] ocfs2_mknod+0xc50/0x1cf0 [ 49.767186][ T6722] ocfs2_mkdir+0x190/0x474 [ 49.767981][ T6722] vfs_mkdir+0x284/0x424 [ 49.768769][ T6722] do_mkdirat+0x1f8/0x4c8 [ 49.769530][ T6722] __arm64_sys_mkdirat+0x8c/0xa4 [ 49.770440][ T6722] invoke_syscall+0x98/0x2b8 [ 49.771240][ T6722] el0_svc_common+0x130/0x23c [ 49.772040][ T6722] do_el0_svc+0x48/0x58 [ 49.772759][ T6722] el0_svc+0x58/0x180 [ 49.773454][ T6722] el0t_64_sync_handler+0x84/0x12c [ 49.774371][ T6722] el0t_64_sync+0x198/0x19c [ 49.775129][ T6722] [ 49.775129][ T6722] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{4:4}: [ 49.776739][ T6722] __lock_acquire+0x1774/0x30a4 [ 49.777503][ T6722] lock_acquire+0x14c/0x2e0 [ 49.778236][ T6722] down_write+0x50/0xc0 [ 49.779019][ T6722] ocfs2_reserve_local_alloc_bits+0x104/0x26a0 [ 49.780108][ T6722] ocfs2_reserve_clusters_with_limit+0x198/0x9e0 [ 49.781159][ T6722] ocfs2_reserve_clusters+0x3c/0x50 [ 49.782100][ T6722] ocfs2_init_xattr_set_ctxt+0x37c/0x774 [ 49.783032][ T6722] ocfs2_xattr_set+0x920/0xe9c [ 49.783899][ T6722] ocfs2_xattr_trusted_set+0x4c/0x64 [ 49.784836][ T6722] __vfs_setxattr+0x3d8/0x400 [ 49.785664][ T6722] __vfs_setxattr_noperm+0x120/0x5c4 [ 49.786536][ T6722] __vfs_setxattr_locked+0x1ec/0x218 [ 49.787398][ T6722] vfs_setxattr+0x158/0x2ac [ 49.788145][ T6722] ovl_get_workdir+0x958/0x11f4 [ 49.788970][ T6722] ovl_fill_super+0x1028/0x2c80 [ 49.789790][ T6722] get_tree_nodev+0xb4/0x144 [ 49.790506][ T6722] ovl_get_tree+0x28/0x38 [ 49.791226][ T6722] vfs_get_tree+0x90/0x28c [ 49.791985][ T6722] do_new_mount+0x228/0x814 [ 49.792753][ T6722] path_mount+0x5b4/0xde0 [ 49.793513][ T6722] __arm64_sys_mount+0x3e8/0x468 [ 49.794330][ T6722] invoke_syscall+0x98/0x2b8 [ 49.795149][ T6722] el0_svc_common+0x130/0x23c [ 49.796003][ T6722] do_el0_svc+0x48/0x58 [ 49.796765][ T6722] el0_svc+0x58/0x180 [ 49.797479][ T6722] el0t_64_sync_handler+0x84/0x12c [ 49.798420][ T6722] el0t_64_sync+0x198/0x19c [ 49.799240][ T6722] [ 49.799240][ T6722] other info that might help us debug this: [ 49.799240][ T6722] [ 49.800795][ T6722] Chain exists of: [ 49.800795][ T6722] &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5 --> jbd2_handle --> &oi->ip_xattr_sem [ 49.800795][ T6722] [ 49.803177][ T6722] Possible unsafe locking scenario: [ 49.803177][ T6722] [ 49.804357][ T6722] CPU0 CPU1 [ 49.805204][ T6722] ---- ---- [ 49.805994][ T6722] lock(&oi->ip_xattr_sem); [ 49.806733][ T6722] lock(jbd2_handle); [ 49.807777][ T6722] lock(&oi->ip_xattr_sem); [ 49.808918][ T6722] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5); [ 49.810071][ T6722] [ 49.810071][ T6722] *** DEADLOCK *** [ 49.810071][ T6722] [ 49.811356][ T6722] 4 locks held by syz.0.17/6722: [ 49.812127][ T6722] #0: ffff0000c9b600e0 (&type->s_umount_key#54/1){+.+.}-{4:4}, at: alloc_super+0x1a0/0x80c [ 49.813682][ T6722] #1: ffff0000cbeec428 (sb_writers#11){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c [ 49.815107][ T6722] #2: ffff0000d700df40 (&sb->s_type->i_mutex_key#22){++++}-{4:4}, at: vfs_setxattr+0x138/0x2ac [ 49.816714][ T6722] #3: ffff0000d700dc78 (&oi->ip_xattr_sem){+.+.}-{4:4}, at: ocfs2_xattr_set+0x330/0xe9c [ 49.818212][ T6722] [ 49.818212][ T6722] stack backtrace: [ 49.819044][ T6722] CPU: 1 UID: 0 PID: 6722 Comm: syz.0.17 Not tainted 6.16.0-rc7-syzkaller-g82af5ea7c611 #0 PREEMPT [ 49.820720][ T6722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/18/2025 [ 49.822323][ T6722] Call trace: [ 49.822869][ T6722] show_stack+0x2c/0x3c (C) [ 49.823637][ T6722] __dump_stack+0x30/0x40 [ 49.824306][ T6722] dump_stack_lvl+0xd8/0x12c [ 49.825067][ T6722] dump_stack+0x1c/0x28 [ 49.825728][ T6722] print_circular_bug+0x324/0x32c [ 49.826528][ T6722] check_noncircular+0x154/0x174 [ 49.827331][ T6722] __lock_acquire+0x1774/0x30a4 [ 49.828123][ T6722] lock_acquire+0x14c/0x2e0 [ 49.828847][ T6722] down_write+0x50/0xc0 [ 49.829541][ T6722] ocfs2_reserve_local_alloc_bits+0x104/0x26a0 [ 49.830532][ T6722] ocfs2_reserve_clusters_with_limit+0x198/0x9e0 [ 49.831502][ T6722] ocfs2_reserve_clusters+0x3c/0x50 [ 49.832330][ T6722] ocfs2_init_xattr_set_ctxt+0x37c/0x774 [ 49.833238][ T6722] ocfs2_xattr_set+0x920/0xe9c [ 49.833965][ T6722] ocfs2_xattr_trusted_set+0x4c/0x64 [ 49.834811][ T6722] __vfs_setxattr+0x3d8/0x400 [ 49.835549][ T6722] __vfs_setxattr_noperm+0x120/0x5c4 [ 49.836356][ T6722] __vfs_setxattr_locked+0x1ec/0x218 [ 49.837168][ T6722] vfs_setxattr+0x158/0x2ac [ 49.837888][ T6722] ovl_get_workdir+0x958/0x11f4 [ 49.838687][ T6722] ovl_fill_super+0x1028/0x2c80 [ 49.839457][ T6722] get_tree_nodev+0xb4/0x144 [ 49.840227][ T6722] ovl_get_tree+0x28/0x38 [ 49.840874][ T6722] vfs_get_tree+0x90/0x28c [ 49.841500][ T6722] do_new_mount+0x228/0x814 [ 49.842161][ T6722] path_mount+0x5b4/0xde0 [ 49.842828][ T6722] __arm64_sys_mount+0x3e8/0x468 [ 49.843564][ T6722] invoke_syscall+0x98/0x2b8 [ 49.844287][ T6722] el0_svc_common+0x130/0x23c [ 49.845029][ T6722] do_el0_svc+0x48/0x58 [ 49.845641][ T6722] el0_svc+0x58/0x180 [ 49.846259][ T6722] el0t_64_sync_handler+0x84/0x12c [ 49.846989][ T6722] el0t_64_sync+0x198/0x19c [ 49.850289][ T6722] overlayfs: upper fs missing required features. [ 49.858827][ T6639] ocfs2: Unmounting device (7,0) on (node local)