[ 86.856769][ T14] cfg80211: failed to load regulatory.db Warning: Permanently added '10.128.1.44' (ED25519) to the list of known hosts. 2025/07/06 01:02:13 ignoring optional flag "sandboxArg"="0" 2025/07/06 01:02:14 parsed 1 programs [ 92.476335][ T4279] cgroup: Unknown subsys name 'net' [ 92.583545][ T4279] cgroup: Unknown subsys name 'rlimit' [ 94.129202][ T4279] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 96.742430][ T4305] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 96.752293][ T4305] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 96.760683][ T4305] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 96.768651][ T4307] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 96.776919][ T4307] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 96.784225][ T4307] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 97.007764][ T2884] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.025499][ T2884] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.044048][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 97.057811][ T2884] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.065931][ T2884] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.074517][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 98.190697][ T4340] chnl_net:caif_netlink_parms(): no params data found [ 98.321117][ T4340] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.328951][ T4340] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.337520][ T4340] device bridge_slave_0 entered promiscuous mode [ 98.351074][ T4340] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.358515][ T4340] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.366827][ T4340] device bridge_slave_1 entered promiscuous mode [ 98.392641][ T4340] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 98.404037][ T4340] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 98.430643][ T4340] team0: Port device team_slave_0 added [ 98.438216][ T4340] team0: Port device team_slave_1 added [ 98.460913][ T4340] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 98.467978][ T4340] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 98.494246][ T4340] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 98.508014][ T4340] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 98.515122][ T4340] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 98.541518][ T4340] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 98.585070][ T4340] device hsr_slave_0 entered promiscuous mode [ 98.591886][ T4340] device hsr_slave_1 entered promiscuous mode [ 98.738079][ T4340] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 98.750126][ T4340] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 98.769264][ T4340] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 98.780230][ T4340] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 98.809194][ T4340] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.816478][ T4340] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.824505][ T4340] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.831809][ T4340] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.893020][ T4340] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.922993][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 98.933477][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.943674][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.959551][ T4340] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.972276][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 98.982175][ T75] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.989555][ T75] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.018113][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 99.027294][ T75] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.034428][ T75] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.057504][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 99.071220][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 99.082801][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 99.093137][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 99.101991][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 99.149610][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 99.158887][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 99.170878][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 99.179467][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 99.204082][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 99.212933][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 99.252485][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 99.503956][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 99.512004][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 99.526958][ T4340] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.544373][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 99.554407][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 99.574688][ T4340] device veth0_vlan entered promiscuous mode [ 99.583867][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 99.592756][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 99.602356][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 99.610358][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 99.624366][ T4340] device veth1_vlan entered promiscuous mode [ 99.647631][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 99.657352][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 99.666212][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 99.674767][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 99.686994][ T4340] device veth0_macvtap entered promiscuous mode [ 99.698453][ T4340] device veth1_macvtap entered promiscuous mode [ 99.715111][ T4340] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.722730][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 99.731986][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 99.740632][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 99.749582][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 99.762388][ T4340] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.770068][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 99.779081][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 99.790625][ T4340] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.799742][ T4340] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.808691][ T4340] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.817899][ T4340] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.933636][ T75] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 2025/07/06 01:02:24 executed programs: 0 [ 100.223536][ T48] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 100.232217][ T48] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 100.240740][ T48] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 100.251365][ T48] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 100.259673][ T48] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 100.267990][ T48] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 100.406321][ T4371] chnl_net:caif_netlink_parms(): no params data found [ 100.454596][ T4371] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.462083][ T4371] bridge0: port 1(bridge_slave_0) entered disabled state [ 100.470415][ T4371] device bridge_slave_0 entered promiscuous mode [ 100.480256][ T4371] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.487564][ T4371] bridge0: port 2(bridge_slave_1) entered disabled state [ 100.496189][ T4371] device bridge_slave_1 entered promiscuous mode [ 100.519510][ T4371] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 100.531096][ T4371] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 100.563335][ T4371] team0: Port device team_slave_0 added [ 100.573665][ T4371] team0: Port device team_slave_1 added [ 100.594136][ T4371] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 100.601240][ T4371] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.628446][ T4371] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 100.643731][ T4371] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 100.650949][ T4371] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.677318][ T4371] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 100.714561][ T4371] device hsr_slave_0 entered promiscuous mode [ 100.721973][ T4371] device hsr_slave_1 entered promiscuous mode [ 100.729104][ T4371] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 100.737639][ T4371] Cannot create hsr debugfs directory [ 102.157365][ T75] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 102.295587][ T48] Bluetooth: hci0: command 0x0409 tx timeout [ 104.376103][ T4307] Bluetooth: hci0: command 0x041b tx timeout [ 104.397110][ T75] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 104.476865][ T75] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.341251][ T4371] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 105.353884][ T4371] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 105.364463][ T4371] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 105.384097][ T75] device hsr_slave_0 left promiscuous mode [ 105.393980][ T75] device hsr_slave_1 left promiscuous mode [ 105.401289][ T75] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 105.411240][ T75] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 105.420432][ T75] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 105.431282][ T75] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 105.439880][ T75] device bridge_slave_1 left promiscuous mode [ 105.449367][ T75] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.462085][ T75] device bridge_slave_0 left promiscuous mode [ 105.471958][ T75] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.514529][ T75] device veth1_macvtap left promiscuous mode [ 105.521319][ T75] device veth0_macvtap left promiscuous mode [ 105.530263][ T75] device veth1_vlan left promiscuous mode [ 105.536588][ T75] device veth0_vlan left promiscuous mode [ 105.911670][ T75] team0 (unregistering): Port device team_slave_1 removed [ 105.942433][ T75] team0 (unregistering): Port device team_slave_0 removed [ 105.971454][ T75] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 106.003378][ T75] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 106.285465][ T75] bond0 (unregistering): Released all slaves [ 106.354869][ T4371] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 106.434816][ T4371] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.459520][ T48] Bluetooth: hci0: command 0x040f tx timeout [ 106.468107][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 106.476512][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 106.487349][ T4371] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.498857][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 106.508180][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 106.517146][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.524235][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.532402][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 106.546755][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 106.556375][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 106.565386][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.572518][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.593104][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 106.608016][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 106.620280][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 106.629555][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 106.638516][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 106.657217][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 106.666792][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 106.675967][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 106.684522][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 106.696882][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 106.706088][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 106.721436][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 106.936489][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 106.944018][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 106.959842][ T4371] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.977810][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 106.986719][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 107.008156][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 107.016771][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 107.026976][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 107.035189][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 107.044078][ T4371] device veth0_vlan entered promiscuous mode [ 107.058744][ T4371] device veth1_vlan entered promiscuous mode [ 107.080357][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 107.089541][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 107.098045][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 107.107667][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 107.120816][ T4371] device veth0_macvtap entered promiscuous mode [ 107.131200][ T4371] device veth1_macvtap entered promiscuous mode [ 107.147159][ T4371] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 107.154612][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 107.163324][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 107.172241][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 107.181565][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 107.193112][ T4371] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 107.205441][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 107.214161][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 107.226072][ T4371] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.234796][ T4371] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.243747][ T4371] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.253159][ T4371] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.314768][ T2884] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.324366][ T2884] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.345758][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 107.358085][ T2884] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.367083][ T2884] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.379045][ T2884] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 107.441799][ T4417] loop0: detected capacity change from 0 to 2048 [ 107.452885][ T4417] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=2362, location=2362 [ 107.470921][ T4417] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 107.500131][ T4417] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 107.525486][ T4417] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 107.557194][ T27] audit: type=1800 audit(1751763752.256:2): pid=4417 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.16" name="file1" dev="loop0" ino=1346 res=0 errno=0 [ 107.824348][ T4418] [ 107.826716][ T4418] ============================================ [ 107.832866][ T4418] WARNING: possible recursive locking detected [ 107.839026][ T4418] 6.1.142-syzkaller #0 Not tainted [ 107.844157][ T4418] -------------------------------------------- [ 107.850320][ T4418] syz.0.16/4418 is trying to acquire lock: [ 107.856328][ T4418] ffff88802fbc1d28 (&sbi->s_alloc_mutex){+.+.}-{3:3}, at: udf_free_blocks+0x8f6/0x16c0 [ 107.866052][ T4418] [ 107.866052][ T4418] but task is already holding lock: [ 107.873424][ T4418] ffff88802fbc1d28 (&sbi->s_alloc_mutex){+.+.}-{3:3}, at: udf_new_block+0xe73/0x1a20 [ 107.882948][ T4418] [ 107.882948][ T4418] other info that might help us debug this: [ 107.891011][ T4418] Possible unsafe locking scenario: [ 107.891011][ T4418] [ 107.898475][ T4418] CPU0 [ 107.901764][ T4418] ---- [ 107.905048][ T4418] lock(&sbi->s_alloc_mutex); [ 107.909824][ T4418] lock(&sbi->s_alloc_mutex); [ 107.914596][ T4418] [ 107.914596][ T4418] *** DEADLOCK *** [ 107.914596][ T4418] [ 107.922747][ T4418] May be due to missing lock nesting notation [ 107.922747][ T4418] [ 107.931069][ T4418] 4 locks held by syz.0.16/4418: [ 107.936010][ T4418] #0: ffff88805cf16460 (sb_writers#13){.+.+}-{0:0}, at: do_sendfile+0x5a9/0xeb0 [ 107.945179][ T4418] #1: ffff88805c6d02a8 (&sb->s_type->i_mutex_key#21){+.+.}-{3:3}, at: udf_file_write_iter+0x6e/0x650 [ 107.956947][ T4418] #2: ffff88805c6d00d0 (&ei->i_data_sem#2){++++}-{3:3}, at: udf_get_block+0xf6/0x3cd0 [ 107.966725][ T4418] #3: ffff88802fbc1d28 (&sbi->s_alloc_mutex){+.+.}-{3:3}, at: udf_new_block+0xe73/0x1a20 [ 107.976663][ T4418] [ 107.976663][ T4418] stack backtrace: [ 107.982576][ T4418] CPU: 1 PID: 4418 Comm: syz.0.16 Not tainted 6.1.142-syzkaller #0 [ 107.990479][ T4418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 108.000558][ T4418] Call Trace: [ 108.003853][ T4418] [ 108.006795][ T4418] dump_stack_lvl+0x168/0x22e [ 108.011496][ T4418] ? show_regs_print_info+0x12/0x12 [ 108.016712][ T4418] ? load_image+0x3b0/0x3b0 [ 108.021232][ T4418] __lock_acquire+0x122f/0x7c50 [ 108.026110][ T4418] ? verify_lock_unused+0x140/0x140 [ 108.031328][ T4418] ? mark_lock+0x94/0x320 [ 108.035682][ T4418] ? __lock_acquire+0x13c0/0x7c50 [ 108.040728][ T4418] lock_acquire+0x1b4/0x490 [ 108.045251][ T4418] ? udf_free_blocks+0x8f6/0x16c0 [ 108.050306][ T4418] ? __might_sleep+0xd0/0xd0 [ 108.054983][ T4418] ? read_lock_is_recursive+0x10/0x10 [ 108.060385][ T4418] ? mark_lock+0x94/0x320 [ 108.064735][ T4418] ? mark_lock+0x94/0x320 [ 108.069082][ T4418] __mutex_lock+0x120/0xaf0 [ 108.073610][ T4418] ? udf_free_blocks+0x8f6/0x16c0 [ 108.078646][ T4418] ? folio_activate_fn+0x1ff0/0x1ff0 [ 108.083957][ T4418] ? udf_free_blocks+0x8f6/0x16c0 [ 108.089000][ T4418] ? mutex_lock_nested+0x10/0x10 [ 108.093960][ T4418] ? mark_lock+0x94/0x320 [ 108.098309][ T4418] ? write_boundary_block+0xb0/0xb0 [ 108.103549][ T4418] ? __might_sleep+0xd0/0xd0 [ 108.108175][ T4418] ? folio_mark_accessed+0x317/0x1440 [ 108.113580][ T4418] udf_free_blocks+0x8f6/0x16c0 [ 108.118456][ T4418] ? __getblk_gfp+0x4f/0xb20 [ 108.123069][ T4418] ? udf_get_fileshortad+0x6a/0x1a0 [ 108.128289][ T4418] ? orangefs_cancel_op_in_progress+0x470/0x470 [ 108.134554][ T4418] ? udf_next_aext+0x38f/0x450 [ 108.139346][ T4418] udf_delete_aext+0x4cd/0xbb0 [ 108.144130][ T4418] ? udf_next_aext+0x450/0x450 [ 108.148928][ T4418] udf_new_block+0x129b/0x1a20 [ 108.153727][ T4418] ? __getblk_gfp+0x4f/0xb20 [ 108.158347][ T4418] ? udf_get_filelongad+0x6a/0x1a0 [ 108.163486][ T4418] ? udf_prealloc_blocks+0xed0/0xed0 [ 108.168785][ T4418] ? udf_next_aext+0x38f/0x450 [ 108.173569][ T4418] udf_get_block+0x105b/0x3cd0 [ 108.178357][ T4418] ? filemap_get_folios+0xe6/0x750 [ 108.183492][ T4418] ? udf_bread+0x470/0x470 [ 108.187955][ T4418] ? do_raw_spin_unlock+0x11d/0x230 [ 108.193175][ T4418] ? create_page_buffers+0x24f/0x4a0 [ 108.198484][ T4418] __block_write_begin_int+0x54b/0x1a70 [ 108.204061][ T4418] ? udf_bread+0x470/0x470 [ 108.208492][ T4418] ? page_zero_new_buffers+0x650/0x650 [ 108.213978][ T4418] ? udf_bread+0x470/0x470 [ 108.218408][ T4418] block_write_begin+0x96/0x1e0 [ 108.223281][ T4418] udf_write_begin+0x31/0x70 [ 108.227889][ T4418] generic_perform_write+0x2db/0x560 [ 108.233202][ T4418] ? __mark_inode_dirty+0x414/0xf40 [ 108.238445][ T4418] ? generic_file_direct_write+0x660/0x660 [ 108.244288][ T4418] ? __file_remove_privs+0x5b0/0x5b0 [ 108.249602][ T4418] ? kasan_set_track+0x60/0x70 [ 108.254387][ T4418] ? read_lock_is_recursive+0x10/0x10 [ 108.259776][ T4418] ? preempt_count_add+0x8d/0x190 [ 108.264814][ T4418] ? rwsem_write_trylock+0x12f/0x1b0 [ 108.270124][ T4418] __generic_file_write_iter+0x172/0x430 [ 108.275787][ T4418] ? up_write+0x1bb/0x420 [ 108.280129][ T4418] udf_file_write_iter+0x28c/0x650 [ 108.285255][ T4418] do_iter_write+0x62d/0xaf0 [ 108.289859][ T4418] ? vfs_iter_write+0xa0/0xa0 [ 108.294560][ T4418] ? vfs_iter_write+0x67/0xa0 [ 108.299255][ T4418] iter_file_splice_write+0x665/0xc50 [ 108.304657][ T4418] ? splice_from_pipe+0x150/0x150 [ 108.309703][ T4418] ? generic_file_splice_read+0x223/0x4e0 [ 108.315447][ T4418] ? splice_shrink_spd+0xc0/0xc0 [ 108.320414][ T4418] ? splice_from_pipe+0x150/0x150 [ 108.325465][ T4418] direct_splice_actor+0xe1/0x130 [ 108.330504][ T4418] splice_direct_to_actor+0x480/0xb60 [ 108.335910][ T4418] ? direct_file_splice_eof+0xa0/0xa0 [ 108.341293][ T4418] ? pipe_to_sendpage+0x310/0x310 [ 108.346342][ T4418] ? common_file_perm+0x171/0x1c0 [ 108.351383][ T4418] ? fsnotify_perm+0x5a/0x550 [ 108.356077][ T4418] ? security_file_permission+0x75/0xa0 [ 108.361647][ T4418] do_splice_direct+0x1b0/0x2b0 [ 108.366512][ T4418] ? splice_direct_to_actor+0xb60/0xb60 [ 108.372081][ T4418] ? rcu_read_lock_any_held+0xb0/0x120 [ 108.377557][ T4418] ? do_splice_direct+0x2b0/0x2b0 [ 108.382602][ T4418] ? common_file_perm+0x171/0x1c0 [ 108.387642][ T4418] do_sendfile+0x5cc/0xeb0 [ 108.392071][ T4418] ? preempt_count_add+0x8d/0x190 [ 108.397200][ T4418] ? do_pwritev+0x340/0x340 [ 108.401729][ T4418] ? __se_sys_futex+0x14a/0x440 [ 108.406608][ T4418] __se_sys_sendfile64+0x13b/0x190 [ 108.411735][ T4418] ? lock_chain_count+0x20/0x20 [ 108.416609][ T4418] ? __x64_sys_sendfile64+0xa0/0xa0 [ 108.421824][ T4418] ? lockdep_hardirqs_on+0x94/0x140 [ 108.427043][ T4418] do_syscall_64+0x4c/0xa0 [ 108.431479][ T4418] ? clear_bhb_loop+0x60/0xb0 [ 108.436170][ T4418] ? clear_bhb_loop+0x60/0xb0 [ 108.440861][ T4418] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 108.446778][ T4418] RIP: 0033:0x7f46c218e929 [ 108.451221][ T4418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 108.471731][ T4418] RSP: 002b:00007f46c1fff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 108.480180][ T4418] RAX: ffffffffffffffda RBX: 00007f46c23b6080 RCX: 00007f46c218e929 [ 108.488170][ T4418] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 108.496155][ T4418] RBP: 00007f46c2210b39 R08: 0000000000000000 R09: 0000000000000000 [ 108.504139][ T4418] R10: 0001000000201005 R11: 0000000000000246 R12: 0000000000000000 [ 108.512122][ T4418] R13: 0000000000000000 R14: 00007f46c23b6080 R15: 00007ffc03da8138 [ 108.520117][ T4418] [ 108.535029][ T4307] Bluetooth: hci0: command 0x0419 tx timeout