no interfaces have a carrier [ 39.942183][ T5435] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.966720][ T5435] eql: remember to turn off Van-Jacobson compression on your slave devices Starting crond: OK Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.68' (ED25519) to the list of known hosts. executing program syzkaller login: [ 68.291554][ T5765] syz-executor360[5765]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 68.435483][ T5765] loop0: detected capacity change from 0 to 32768 [ 68.445972][ T5765] ======================================================= [ 68.445972][ T5765] WARNING: The mand mount option has been deprecated and [ 68.445972][ T5765] and is ignored by this kernel. Remove the mand [ 68.445972][ T5765] option from the mount to silence this warning. [ 68.445972][ T5765] ======================================================= [ 68.499145][ T5765] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 68.522342][ T5765] [ 68.524702][ T5765] ====================================================== [ 68.531718][ T5765] WARNING: possible circular locking dependency detected [ 68.538743][ T5765] 6.6.94-syzkaller #0 Not tainted [ 68.543768][ T5765] ------------------------------------------------------ [ 68.550787][ T5765] syz-executor360/5765 is trying to acquire lock: [ 68.557207][ T5765] ffff88807791b120 (&oi->ip_alloc_sem){+.+.}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xb7/0x320 [ 68.568054][ T5765] [ 68.568054][ T5765] but task is already holding lock: [ 68.575423][ T5765] ffff88807791b1b8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa5/0x320 [ 68.586044][ T5765] [ 68.586044][ T5765] which lock already depends on the new lock. [ 68.586044][ T5765] [ 68.596425][ T5765] [ 68.596425][ T5765] the existing dependency chain (in reverse order) is: [ 68.605412][ T5765] [ 68.605412][ T5765] -> #4 (&oi->ip_xattr_sem){++++}-{3:3}: [ 68.613222][ T5765] down_read+0x46/0x2e0 [ 68.617901][ T5765] ocfs2_init_acl+0x2fa/0x720 [ 68.623077][ T5765] ocfs2_mknod+0x12e5/0x20f0 [ 68.628165][ T5765] ocfs2_create+0x196/0x410 [ 68.633170][ T5765] path_openat+0x1277/0x3190 [ 68.638264][ T5765] do_filp_open+0x1c5/0x3d0 [ 68.643280][ T5765] do_sys_openat2+0x12c/0x1c0 [ 68.648487][ T5765] __x64_sys_openat+0x139/0x160 [ 68.653844][ T5765] do_syscall_64+0x55/0xb0 [ 68.658763][ T5765] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 68.665160][ T5765] [ 68.665160][ T5765] -> #3 (jbd2_handle){.+.+}-{0:0}: [ 68.672438][ T5765] start_this_handle+0x1e9d/0x20c0 [ 68.678071][ T5765] jbd2__journal_start+0x2bb/0x5b0 [ 68.683698][ T5765] jbd2_journal_start+0x2a/0x40 [ 68.689063][ T5765] ocfs2_start_trans+0x376/0x6c0 [ 68.694501][ T5765] ocfs2_mknod+0xe47/0x20f0 [ 68.699504][ T5765] ocfs2_create+0x196/0x410 [ 68.704507][ T5765] path_openat+0x1277/0x3190 [ 68.709625][ T5765] do_filp_open+0x1c5/0x3d0 [ 68.714627][ T5765] do_sys_openat2+0x12c/0x1c0 [ 68.719806][ T5765] __x64_sys_openat+0x139/0x160 [ 68.725154][ T5765] do_syscall_64+0x55/0xb0 [ 68.730074][ T5765] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 68.736469][ T5765] [ 68.736469][ T5765] -> #2 (&journal->j_trans_barrier){.+.+}-{3:3}: [ 68.744957][ T5765] down_read+0x46/0x2e0 [ 68.749630][ T5765] ocfs2_start_trans+0x36a/0x6c0 [ 68.755073][ T5765] ocfs2_mknod+0xe47/0x20f0 [ 68.760077][ T5765] ocfs2_create+0x196/0x410 [ 68.765078][ T5765] path_openat+0x1277/0x3190 [ 68.770164][ T5765] do_filp_open+0x1c5/0x3d0 [ 68.775167][ T5765] do_sys_openat2+0x12c/0x1c0 [ 68.780341][ T5765] __x64_sys_openat+0x139/0x160 [ 68.785698][ T5765] do_syscall_64+0x55/0xb0 [ 68.790613][ T5765] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 68.797007][ T5765] [ 68.797007][ T5765] -> #1 (sb_internal#2){.+.+}-{0:0}: [ 68.804452][ T5765] ocfs2_start_trans+0x26b/0x6c0 [ 68.809885][ T5765] ocfs2_truncate_file+0x611/0x13a0 [ 68.815588][ T5765] ocfs2_setattr+0x150d/0x1b20 [ 68.820852][ T5765] notify_change+0xb0d/0xe10 [ 68.825942][ T5765] do_truncate+0x19b/0x220 [ 68.830862][ T5765] path_openat+0x298c/0x3190 [ 68.835948][ T5765] do_filp_open+0x1c5/0x3d0 [ 68.840949][ T5765] do_sys_openat2+0x12c/0x1c0 [ 68.846122][ T5765] __x64_sys_openat+0x139/0x160 [ 68.851471][ T5765] do_syscall_64+0x55/0xb0 [ 68.856386][ T5765] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 68.862778][ T5765] [ 68.862778][ T5765] -> #0 (&oi->ip_alloc_sem){+.+.}-{3:3}: [ 68.870570][ T5765] __lock_acquire+0x2ddb/0x7c80 [ 68.875929][ T5765] lock_acquire+0x197/0x410 [ 68.880925][ T5765] down_write+0x97/0x1f0 [ 68.885666][ T5765] ocfs2_try_remove_refcount_tree+0xb7/0x320 [ 68.892146][ T5765] ocfs2_truncate_file+0xd84/0x13a0 [ 68.897849][ T5765] ocfs2_setattr+0x150d/0x1b20 [ 68.903116][ T5765] notify_change+0xb0d/0xe10 [ 68.908213][ T5765] do_truncate+0x19b/0x220 [ 68.913124][ T5765] path_openat+0x298c/0x3190 [ 68.918258][ T5765] do_filp_open+0x1c5/0x3d0 [ 68.923276][ T5765] do_sys_openat2+0x12c/0x1c0 [ 68.928459][ T5765] __x64_sys_openat+0x139/0x160 [ 68.933810][ T5765] do_syscall_64+0x55/0xb0 [ 68.938725][ T5765] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 68.945120][ T5765] [ 68.945120][ T5765] other info that might help us debug this: [ 68.945120][ T5765] [ 68.955321][ T5765] Chain exists of: [ 68.955321][ T5765] &oi->ip_alloc_sem --> jbd2_handle --> &oi->ip_xattr_sem [ 68.955321][ T5765] [ 68.968329][ T5765] Possible unsafe locking scenario: [ 68.968329][ T5765] [ 68.975753][ T5765] CPU0 CPU1 [ 68.981088][ T5765] ---- ---- [ 68.986427][ T5765] lock(&oi->ip_xattr_sem); [ 68.990995][ T5765] lock(jbd2_handle); [ 68.997559][ T5765] lock(&oi->ip_xattr_sem); [ 69.004641][ T5765] lock(&oi->ip_alloc_sem); [ 69.009208][ T5765] [ 69.009208][ T5765] *** DEADLOCK *** [ 69.009208][ T5765] [ 69.017325][ T5765] 3 locks held by syz-executor360/5765: [ 69.022843][ T5765] #0: ffff88802f722418 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 69.031955][ T5765] #1: ffff88807791b498 (&sb->s_type->i_mutex_key#15){+.+.}-{3:3}, at: do_truncate+0x187/0x220 [ 69.042278][ T5765] #2: ffff88807791b1b8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa5/0x320 [ 69.053294][ T5765] [ 69.053294][ T5765] stack backtrace: [ 69.059174][ T5765] CPU: 0 PID: 5765 Comm: syz-executor360 Not tainted 6.6.94-syzkaller #0 [ 69.067580][ T5765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 69.077635][ T5765] Call Trace: [ 69.080896][ T5765] [ 69.083814][ T5765] dump_stack_lvl+0x16c/0x230 [ 69.088479][ T5765] ? load_image+0x3b0/0x3b0 [ 69.092973][ T5765] ? show_regs_print_info+0x20/0x20 [ 69.098167][ T5765] ? print_circular_bug+0x12b/0x1a0 [ 69.103349][ T5765] check_noncircular+0x2bd/0x3c0 [ 69.108269][ T5765] ? print_deadlock_bug+0x5d0/0x5d0 [ 69.113450][ T5765] ? lockdep_lock+0xe0/0x220 [ 69.118018][ T5765] ? lockdep_unlock+0x137/0x2d0 [ 69.122841][ T5765] ? _find_first_zero_bit+0xd3/0x100 [ 69.128128][ T5765] __lock_acquire+0x2ddb/0x7c80 [ 69.132981][ T5765] ? verify_lock_unused+0x140/0x140 [ 69.138170][ T5765] lock_acquire+0x197/0x410 [ 69.142666][ T5765] ? ocfs2_try_remove_refcount_tree+0xb7/0x320 [ 69.148804][ T5765] ? __might_sleep+0xe0/0xe0 [ 69.153390][ T5765] ? read_lock_is_recursive+0x20/0x20 [ 69.158765][ T5765] down_write+0x97/0x1f0 [ 69.163001][ T5765] ? ocfs2_try_remove_refcount_tree+0xb7/0x320 [ 69.169145][ T5765] ? down_read_killable+0x340/0x340 [ 69.174329][ T5765] ? ocfs2_truncate_file+0xcaa/0x13a0 [ 69.179708][ T5765] ? __lock_acquire+0x7c80/0x7c80 [ 69.184750][ T5765] ocfs2_try_remove_refcount_tree+0xb7/0x320 [ 69.190719][ T5765] ? ocfs2_remove_refcount_tree+0xd50/0xd50 [ 69.196613][ T5765] ? up_write+0x1c3/0x410 [ 69.200927][ T5765] ocfs2_truncate_file+0xd84/0x13a0 [ 69.206112][ T5765] ? ocfs2_inode_lock_tracker+0x3ec/0x660 [ 69.211817][ T5765] ? ocfs2_simple_size_update+0x470/0x470 [ 69.217521][ T5765] ? do_raw_spin_unlock+0x121/0x230 [ 69.222701][ T5765] ? _raw_spin_unlock+0x28/0x40 [ 69.227541][ T5765] ? ocfs2_inode_lock_tracker+0x3ec/0x660 [ 69.233242][ T5765] ? ocfs2_inode_lock_atime+0x4e0/0x4e0 [ 69.238766][ T5765] ? ocfs2_rw_lock+0x138/0x240 [ 69.243504][ T5765] ? dquot_initialize+0x20/0x20 [ 69.248360][ T5765] ? ocfs2_create_new_inode_locks+0x640/0x640 [ 69.254418][ T5765] ? setattr_prepare+0x1e6/0xac0 [ 69.259347][ T5765] ? jbd2_journal_begin_ordered_truncate+0xbb/0x150 [ 69.265925][ T5765] ocfs2_setattr+0x150d/0x1b20 [ 69.270678][ T5765] ? ocfs2_extend_allocation+0x1760/0x1760 [ 69.276465][ T5765] ? ktime_get_coarse_real_ts64+0x3a/0x120 [ 69.282250][ T5765] ? seqcount_lockdep_reader_access+0x176/0x1c0 [ 69.288495][ T5765] ? ktime_get_coarse_real_ts64+0x110/0x120 [ 69.294370][ T5765] ? current_time+0x18e/0x270 [ 69.299031][ T5765] ? inode_set_ctime_current+0x2d0/0x2d0 [ 69.304645][ T5765] ? evm_inode_setattr+0x94/0x6a0 [ 69.309643][ T5765] ? bpf_lsm_inode_setattr+0x9/0x10 [ 69.314830][ T5765] ? try_break_deleg+0x79/0x120 [ 69.319670][ T5765] ? ocfs2_extend_allocation+0x1760/0x1760 [ 69.325465][ T5765] notify_change+0xb0d/0xe10 [ 69.330042][ T5765] do_truncate+0x19b/0x220 [ 69.334439][ T5765] ? put_page_bootmem+0x2c0/0x2c0 [ 69.339438][ T5765] ? apparmor_file_truncate+0x23f/0x2d0 [ 69.344986][ T5765] ? ima_bprm_check+0x1f0/0x1f0 [ 69.349818][ T5765] path_openat+0x298c/0x3190 [ 69.354395][ T5765] ? do_filp_open+0x3d0/0x3d0 [ 69.359052][ T5765] do_filp_open+0x1c5/0x3d0 [ 69.363531][ T5765] ? vfs_tmpfile+0x490/0x490 [ 69.368103][ T5765] ? _raw_spin_unlock+0x28/0x40 [ 69.372935][ T5765] ? alloc_fd+0x58f/0x630 [ 69.377253][ T5765] do_sys_openat2+0x12c/0x1c0 [ 69.381909][ T5765] ? do_sys_open+0xe0/0xe0 [ 69.386303][ T5765] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 69.392286][ T5765] ? lock_chain_count+0x20/0x20 [ 69.397128][ T5765] __x64_sys_openat+0x139/0x160 [ 69.401988][ T5765] do_syscall_64+0x55/0xb0 [ 69.406398][ T5765] ? clear_bhb_loop+0x40/0x90 [ 69.411059][ T5765] ? clear_bhb_loop+0x40/0x90 [ 69.415716][ T5765] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 69.421596][ T5765] RIP: 0033:0x7f9d26e2b6b9 [ 69.426005][ T5765] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 69.445597][ T5765] RSP: 002b:00007ffc1c095b78 EFLAGS: 00000246 ORIG_RAX: 0000000000000101