Warning: Permanently added '10.128.1.80' (ED25519) to the list of known hosts. 2025/10/26 08:10:23 parsed 1 programs [ 72.962095][ T5832] cgroup: Unknown subsys name 'net' [ 73.129043][ T5832] cgroup: Unknown subsys name 'cpuset' [ 73.138427][ T5832] cgroup: Unknown subsys name 'rlimit' [ 74.564821][ T5832] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 77.152564][ T5839] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 77.703795][ T5853] chnl_net:caif_netlink_parms(): no params data found [ 77.814539][ T5853] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.822436][ T5853] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.829864][ T5853] bridge_slave_0: entered allmulticast mode [ 77.837023][ T5853] bridge_slave_0: entered promiscuous mode [ 77.845846][ T5853] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.853005][ T5853] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.861023][ T5853] bridge_slave_1: entered allmulticast mode [ 77.868304][ T5853] bridge_slave_1: entered promiscuous mode [ 77.897211][ T5853] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.909994][ T5853] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 77.943980][ T5853] team0: Port device team_slave_0 added [ 77.952398][ T5853] team0: Port device team_slave_1 added [ 77.976653][ T5853] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 77.983607][ T5853] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 78.010038][ T5853] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.022599][ T5853] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.029617][ T5853] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 78.055570][ T5853] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.096070][ T5853] hsr_slave_0: entered promiscuous mode [ 78.102463][ T5853] hsr_slave_1: entered promiscuous mode [ 78.227512][ T5853] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 78.239090][ T5853] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 78.249323][ T5853] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 78.258899][ T5853] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 78.286710][ T5853] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.293882][ T5853] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.301899][ T5853] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.309170][ T5853] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.372049][ T5853] 8021q: adding VLAN 0 to HW filter on device bond0 [ 78.390159][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.399044][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.414729][ T5853] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.430205][ T1007] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.437334][ T1007] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.451495][ T1007] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.458693][ T1007] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.611260][ T5853] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 78.655890][ T5853] veth0_vlan: entered promiscuous mode [ 78.667201][ T5853] veth1_vlan: entered promiscuous mode [ 78.696468][ T5853] veth0_macvtap: entered promiscuous mode [ 78.706017][ T5853] veth1_macvtap: entered promiscuous mode [ 78.724478][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 78.741061][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 78.757332][ T4469] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.767001][ T4469] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.782539][ T4469] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.791647][ T50] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.907475][ T4469] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 79.002092][ T4469] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 79.076572][ T4469] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 79.174591][ T4469] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 80.321479][ T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 80.330917][ T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 80.339283][ T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 80.347472][ T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 80.355560][ T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 81.065801][ T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.073687][ T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.103445][ T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.112555][ T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 2025/10/26 08:10:33 executed programs: 0 [ 81.602488][ T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 81.611110][ T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 81.620502][ T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 81.629240][ T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 81.636919][ T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 81.837926][ T4469] bridge_slave_1: left allmulticast mode [ 81.843728][ T4469] bridge_slave_1: left promiscuous mode [ 81.858429][ T4469] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.871565][ T4469] bridge_slave_0: left allmulticast mode [ 81.880026][ T4469] bridge_slave_0: left promiscuous mode [ 81.886232][ T4469] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.171112][ T4469] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 82.181959][ T4469] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 82.192624][ T4469] bond0 (unregistering): Released all slaves [ 82.309487][ T4469] hsr_slave_0: left promiscuous mode [ 82.317469][ T4469] hsr_slave_1: left promiscuous mode [ 82.323831][ T4469] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 82.332582][ T4469] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 82.346382][ T4469] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 82.353804][ T4469] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 82.374654][ T4469] veth1_macvtap: left promiscuous mode [ 82.385832][ T4469] veth0_macvtap: left promiscuous mode [ 82.391587][ T4469] veth1_vlan: left promiscuous mode [ 82.397331][ T4469] veth0_vlan: left promiscuous mode [ 82.834090][ T4469] team0 (unregistering): Port device team_slave_1 removed [ 82.864247][ T4469] team0 (unregistering): Port device team_slave_0 removed [ 83.085222][ T5942] chnl_net:caif_netlink_parms(): no params data found [ 83.194293][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.201649][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.209003][ T5942] bridge_slave_0: entered allmulticast mode [ 83.217609][ T5942] bridge_slave_0: entered promiscuous mode [ 83.226443][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.233624][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.241667][ T5942] bridge_slave_1: entered allmulticast mode [ 83.249435][ T5942] bridge_slave_1: entered promiscuous mode [ 83.288452][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 83.306399][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 83.348297][ T5942] team0: Port device team_slave_0 added [ 83.358094][ T5942] team0: Port device team_slave_1 added [ 83.410138][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 83.418146][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 83.447855][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 83.465305][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 83.472281][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 83.498703][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 83.686549][ T5149] Bluetooth: hci0: command tx timeout [ 84.057619][ T5942] hsr_slave_0: entered promiscuous mode [ 84.064357][ T5942] hsr_slave_1: entered promiscuous mode [ 84.819464][ T5942] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 84.856140][ T5942] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 84.875688][ T5942] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 84.891816][ T5942] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 85.039883][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0 [ 85.063194][ T5942] 8021q: adding VLAN 0 to HW filter on device team0 [ 85.089979][ T50] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.097189][ T50] bridge0: port 1(bridge_slave_0) entered forwarding state [ 85.109539][ T50] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.116767][ T50] bridge0: port 2(bridge_slave_1) entered forwarding state [ 85.372649][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 85.438458][ T5942] veth0_vlan: entered promiscuous mode [ 85.452805][ T5942] veth1_vlan: entered promiscuous mode [ 85.490827][ T5942] veth0_macvtap: entered promiscuous mode [ 85.501488][ T5942] veth1_macvtap: entered promiscuous mode [ 85.533115][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 85.552686][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 85.570709][ T4469] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.583653][ T4469] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.603429][ T4469] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.621405][ T4469] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.697771][ T1007] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.716510][ T1007] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.749547][ T4469] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.762680][ T4469] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.770582][ T5149] Bluetooth: hci0: command tx timeout [ 86.074645][ T6031] loop0: detected capacity change from 0 to 32768 [ 86.119911][ T6031] JBD2: Ignoring recovery information on journal [ 86.157982][ T6031] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 86.269697][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 86.617292][ T6048] loop0: detected capacity change from 0 to 32768 [ 86.657027][ T6048] JBD2: Ignoring recovery information on journal 2025/10/26 08:10:39 executed programs: 4 [ 86.685398][ T6048] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 86.722048][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 86.815426][ T43] cfg80211: failed to load regulatory.db [ 86.972643][ T6055] loop0: detected capacity change from 0 to 32768 [ 87.004731][ T6055] JBD2: Ignoring recovery information on journal [ 87.038851][ T6055] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 87.077516][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 87.322953][ T6060] loop0: detected capacity change from 0 to 32768 [ 87.354066][ T6060] JBD2: Ignoring recovery information on journal [ 87.419581][ T6060] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 87.459820][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 87.698945][ T6065] loop0: detected capacity change from 0 to 32768 [ 87.721139][ T6065] JBD2: Ignoring recovery information on journal [ 87.755664][ T6065] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 87.787585][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 87.845288][ T5149] Bluetooth: hci0: command tx timeout [ 88.034553][ T6070] loop0: detected capacity change from 0 to 32768 [ 88.051458][ T6070] JBD2: Ignoring recovery information on journal [ 88.078490][ T6070] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 88.112718][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 88.339991][ T6075] loop0: detected capacity change from 0 to 32768 [ 88.359972][ T6075] JBD2: Ignoring recovery information on journal [ 88.391405][ T6075] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 88.432461][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 88.669917][ T6080] loop0: detected capacity change from 0 to 32768 [ 88.695188][ T6080] JBD2: Ignoring recovery information on journal [ 88.730596][ T6080] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 88.760441][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 88.996188][ T6085] loop0: detected capacity change from 0 to 32768 [ 89.018028][ T6085] JBD2: Ignoring recovery information on journal [ 89.074541][ T6085] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 89.103632][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 89.408288][ T6090] loop0: detected capacity change from 0 to 32768 [ 89.450153][ T6090] JBD2: Ignoring recovery information on journal [ 89.506372][ T6090] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 89.562578][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 89.797681][ T6095] loop0: detected capacity change from 0 to 32768 [ 89.821622][ T6095] JBD2: Ignoring recovery information on journal [ 89.850174][ T6095] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 89.877218][ T6095] [ 89.879580][ T6095] ====================================================== [ 89.886694][ T6095] WARNING: possible circular locking dependency detected [ 89.893809][ T6095] syzkaller #0 Not tainted [ 89.898228][ T6095] ------------------------------------------------------ [ 89.905260][ T6095] syz.0.27/6095 is trying to acquire lock: [ 89.911065][ T6095] ffff888059f222e0 (&oi->ip_alloc_sem){+.+.}-{4:4}, at: ocfs2_try_remove_refcount_tree+0xb6/0x320 [ 89.922236][ T6095] [ 89.922236][ T6095] but task is already holding lock: [ 89.929602][ T6095] ffff888059f22378 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_try_remove_refcount_tree+0xa4/0x320 [ 89.940292][ T6095] [ 89.940292][ T6095] which lock already depends on the new lock. [ 89.940292][ T6095] [ 89.950802][ T6095] [ 89.950802][ T6095] the existing dependency chain (in reverse order) is: [ 89.959892][ T6095] [ 89.959892][ T6095] -> #4 (&oi->ip_xattr_sem){++++}-{4:4}: [ 89.967695][ T6095] lock_acquire+0x120/0x360 [ 89.972713][ T6095] down_read+0x46/0x2e0 [ 89.977389][ T6095] ocfs2_init_acl+0x2f9/0x720 [ 89.982658][ T6095] ocfs2_mknod+0x1321/0x2050 [ 89.987749][ T6095] ocfs2_create+0x1a5/0x440 [ 89.992785][ T6095] path_openat+0x14f4/0x3830 [ 89.997880][ T6095] do_filp_open+0x1fa/0x410 [ 90.002887][ T6095] do_sys_openat2+0x121/0x1c0 [ 90.008070][ T6095] __x64_sys_openat+0x138/0x170 [ 90.013425][ T6095] do_syscall_64+0xfa/0xfa0 [ 90.018430][ T6095] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.024824][ T6095] [ 90.024824][ T6095] -> #3 (jbd2_handle){++++}-{0:0}: [ 90.032098][ T6095] lock_acquire+0x120/0x360 [ 90.037116][ T6095] start_this_handle+0x1fa7/0x21c0 [ 90.042795][ T6095] jbd2__journal_start+0x2c1/0x5b0 [ 90.048420][ T6095] jbd2_journal_start+0x2a/0x40 [ 90.053778][ T6095] ocfs2_start_trans+0x376/0x6d0 [ 90.059219][ T6095] ocfs2_mknod+0xe93/0x2050 [ 90.064222][ T6095] ocfs2_create+0x1a5/0x440 [ 90.069223][ T6095] path_openat+0x14f4/0x3830 [ 90.074320][ T6095] do_filp_open+0x1fa/0x410 [ 90.079337][ T6095] do_sys_openat2+0x121/0x1c0 [ 90.084734][ T6095] __x64_sys_openat+0x138/0x170 [ 90.090088][ T6095] do_syscall_64+0xfa/0xfa0 [ 90.095100][ T6095] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.101499][ T6095] [ 90.101499][ T6095] -> #2 (&journal->j_trans_barrier){.+.+}-{4:4}: [ 90.110085][ T6095] lock_acquire+0x120/0x360 [ 90.115094][ T6095] down_read+0x46/0x2e0 [ 90.119757][ T6095] ocfs2_start_trans+0x36a/0x6d0 [ 90.125229][ T6095] ocfs2_mknod+0xe93/0x2050 [ 90.130229][ T6095] ocfs2_create+0x1a5/0x440 [ 90.135237][ T6095] path_openat+0x14f4/0x3830 [ 90.140350][ T6095] do_filp_open+0x1fa/0x410 [ 90.145371][ T6095] do_sys_openat2+0x121/0x1c0 [ 90.150557][ T6095] __x64_sys_openat+0x138/0x170 [ 90.155919][ T6095] do_syscall_64+0xfa/0xfa0 [ 90.160931][ T6095] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.167327][ T6095] [ 90.167327][ T6095] -> #1 (sb_internal#2){.+.+}-{0:0}: [ 90.174782][ T6095] lock_acquire+0x120/0x360 [ 90.179885][ T6095] ocfs2_start_trans+0x26b/0x6d0 [ 90.185335][ T6095] ocfs2_truncate_file+0x643/0x1420 [ 90.191063][ T6095] ocfs2_setattr+0x1520/0x1b40 [ 90.196356][ T6095] notify_change+0xc1a/0xf40 [ 90.201455][ T6095] do_truncate+0x1a4/0x220 [ 90.206383][ T6095] path_openat+0x306c/0x3830 [ 90.211484][ T6095] do_filp_open+0x1fa/0x410 [ 90.216493][ T6095] do_sys_openat2+0x121/0x1c0 [ 90.221680][ T6095] __x64_sys_openat+0x138/0x170 [ 90.227032][ T6095] do_syscall_64+0xfa/0xfa0 [ 90.232040][ T6095] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.238443][ T6095] [ 90.238443][ T6095] -> #0 (&oi->ip_alloc_sem){+.+.}-{4:4}: [ 90.246242][ T6095] validate_chain+0xb9b/0x2140 [ 90.251517][ T6095] __lock_acquire+0xab9/0xd20 [ 90.256704][ T6095] lock_acquire+0x120/0x360 [ 90.261732][ T6095] down_write+0x96/0x1f0 [ 90.266474][ T6095] ocfs2_try_remove_refcount_tree+0xb6/0x320 [ 90.272963][ T6095] ocfs2_truncate_file+0xda0/0x1420 [ 90.278671][ T6095] ocfs2_setattr+0x1520/0x1b40 [ 90.283979][ T6095] notify_change+0xc1a/0xf40 [ 90.289089][ T6095] do_truncate+0x1a4/0x220 [ 90.294028][ T6095] path_openat+0x306c/0x3830 [ 90.299133][ T6095] do_filp_open+0x1fa/0x410 [ 90.304143][ T6095] do_sys_openat2+0x121/0x1c0 [ 90.309370][ T6095] __x64_sys_openat+0x138/0x170 [ 90.314724][ T6095] do_syscall_64+0xfa/0xfa0 [ 90.319733][ T6095] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.326218][ T6095] [ 90.326218][ T6095] other info that might help us debug this: [ 90.326218][ T6095] [ 90.336567][ T6095] Chain exists of: [ 90.336567][ T6095] &oi->ip_alloc_sem --> jbd2_handle --> &oi->ip_xattr_sem [ 90.336567][ T6095] [ 90.349692][ T6095] Possible unsafe locking scenario: [ 90.349692][ T6095] [ 90.357154][ T6095] CPU0 CPU1 [ 90.362514][ T6095] ---- ---- [ 90.368129][ T6095] lock(&oi->ip_xattr_sem); [ 90.372926][ T6095] lock(jbd2_handle); [ 90.379500][ T6095] lock(&oi->ip_xattr_sem); [ 90.386613][ T6095] lock(&oi->ip_alloc_sem); [ 90.391274][ T6095] [ 90.391274][ T6095] *** DEADLOCK *** [ 90.391274][ T6095] [ 90.399399][ T6095] 3 locks held by syz.0.27/6095: [ 90.404312][ T6095] #0: ffff888034932420 (sb_writers#12){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 90.413526][ T6095] #1: ffff888059f22640 (&sb->s_type->i_mutex_key#20){+.+.}-{4:4}, at: do_truncate+0x171/0x220 [ 90.423870][ T6095] #2: ffff888059f22378 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_try_remove_refcount_tree+0xa4/0x320 [ 90.434905][ T6095] [ 90.434905][ T6095] stack backtrace: [ 90.440796][ T6095] CPU: 0 UID: 0 PID: 6095 Comm: syz.0.27 Not tainted syzkaller #0 PREEMPT(full) [ 90.440811][ T6095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 90.440823][ T6095] Call Trace: [ 90.440828][ T6095] [ 90.440833][ T6095] dump_stack_lvl+0x189/0x250 [ 90.440850][ T6095] ? __pfx_dump_stack_lvl+0x10/0x10 [ 90.440862][ T6095] ? __pfx__printk+0x10/0x10 [ 90.440873][ T6095] ? print_lock_name+0xde/0x100 [ 90.440882][ T6095] print_circular_bug+0x2ee/0x310 [ 90.440896][ T6095] check_noncircular+0x134/0x160 [ 90.440909][ T6095] validate_chain+0xb9b/0x2140 [ 90.440924][ T6095] __lock_acquire+0xab9/0xd20 [ 90.440935][ T6095] ? ocfs2_try_remove_refcount_tree+0xb6/0x320 [ 90.440946][ T6095] lock_acquire+0x120/0x360 [ 90.440955][ T6095] ? ocfs2_try_remove_refcount_tree+0xb6/0x320 [ 90.440968][ T6095] down_write+0x96/0x1f0 [ 90.440978][ T6095] ? ocfs2_try_remove_refcount_tree+0xb6/0x320 [ 90.440988][ T6095] ? __pfx_down_write+0x10/0x10 [ 90.440998][ T6095] ocfs2_try_remove_refcount_tree+0xb6/0x320 [ 90.441009][ T6095] ? __pfx_ocfs2_try_remove_refcount_tree+0x10/0x10 [ 90.441020][ T6095] ? up_write+0x1c4/0x420 [ 90.441032][ T6095] ocfs2_truncate_file+0xda0/0x1420 [ 90.441048][ T6095] ? __pfx_ocfs2_truncate_file+0x10/0x10 [ 90.441060][ T6095] ? do_raw_spin_unlock+0x122/0x240 [ 90.441073][ T6095] ? _raw_spin_unlock+0x28/0x50 [ 90.441084][ T6095] ? ocfs2_inode_lock_tracker+0x3ec/0x660 [ 90.441095][ T6095] ? __pfx_ocfs2_inode_lock_tracker+0x10/0x10 [ 90.441104][ T6095] ? ocfs2_rw_lock+0x13a/0x240 [ 90.441112][ T6095] ? __pfx___dquot_initialize+0x10/0x10 [ 90.441123][ T6095] ? __pfx_ocfs2_rw_lock+0x10/0x10 [ 90.441130][ T6095] ? setattr_prepare+0x1e7/0xac0 [ 90.441142][ T6095] ? jbd2_journal_begin_ordered_truncate+0xbb/0x150 [ 90.441154][ T6095] ocfs2_setattr+0x1520/0x1b40 [ 90.441168][ T6095] ? __pfx_ocfs2_setattr+0x10/0x10 [ 90.441180][ T6095] ? ktime_get_coarse_real_ts64_mg+0x59/0x1e0 [ 90.441189][ T6095] ? seqcount_lockdep_reader_access+0x174/0x1c0 [ 90.441205][ T6095] ? ktime_get_coarse_real_ts64_mg+0x1c5/0x1e0 [ 90.441214][ T6095] ? current_time+0x222/0x370 [ 90.441223][ T6095] ? evm_inode_setattr+0x1b6/0x7d0 [ 90.441233][ T6095] ? __pfx_current_time+0x10/0x10 [ 90.441243][ T6095] ? try_break_deleg+0x79/0x130 [ 90.441253][ T6095] ? __pfx_ocfs2_setattr+0x10/0x10 [ 90.441265][ T6095] notify_change+0xc1a/0xf40 [ 90.441278][ T6095] do_truncate+0x1a4/0x220 [ 90.441291][ T6095] ? __pfx_do_truncate+0x10/0x10 [ 90.441301][ T6095] ? apparmor_file_truncate+0x23e/0x2d0 [ 90.441315][ T6095] path_openat+0x306c/0x3830 [ 90.441333][ T6095] ? __pfx_path_openat+0x10/0x10 [ 90.441347][ T6095] do_filp_open+0x1fa/0x410 [ 90.441357][ T6095] ? __lock_acquire+0xab9/0xd20 [ 90.441366][ T6095] ? __pfx_do_filp_open+0x10/0x10 [ 90.441380][ T6095] ? _raw_spin_unlock+0x28/0x50 [ 90.441390][ T6095] ? alloc_fd+0x64c/0x6c0 [ 90.441405][ T6095] do_sys_openat2+0x121/0x1c0 [ 90.441415][ T6095] ? __pfx_do_sys_openat2+0x10/0x10 [ 90.441426][ T6095] ? rcu_is_watching+0x15/0xb0 [ 90.441438][ T6095] __x64_sys_openat+0x138/0x170 [ 90.441449][ T6095] do_syscall_64+0xfa/0xfa0 [ 90.441462][ T6095] ? lockdep_hardirqs_on+0x9c/0x150 [ 90.441474][ T6095] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.441483][ T6095] ? clear_bhb_loop+0x60/0xb0 [ 90.441493][ T6095] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.441502][ T6095] RIP: 0033:0x7f894c58efc9 [ 90.441515][ T6095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 90.441523][ T6095] RSP: 002b:00007f894d362038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 90.441534][ T6095] RAX: ffffffffffffffda RBX: 00007f894c7e5fa0 RCX: 00007f894c58efc9 [ 90.441541][ T6095] RDX: 0000000000103642 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 90.441552][ T6095] RBP: 00007f894c611f91 R08: 0000000000000000 R09: 0000000000000000 [ 90.441557][ T6095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 90.441563][ T6095] R13: 00007f894c7e6038 R14: 00007f894c7e5fa0 R15: 00007ffc80bb78a8 [ 90.441572][ T6095] [ 90.851079][ T5149] Bluetooth: hci0: command tx timeout [ 90.863791][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 91.025896][ T6100] loop0: detected capacity change from 0 to 32768 [ 91.053036][ T6100] JBD2: Ignoring recovery information on journal [ 91.083505][ T6100] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 91.109964][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 91.264970][ T6105] loop0: detected capacity change from 0 to 32768 [ 91.277136][ T6105] JBD2: Ignoring recovery information on journal [ 91.297650][ T6105] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 91.320081][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 91.477717][ T6110] loop0: detected capacity change from 0 to 32768 [ 91.495099][ T6110] JBD2: Ignoring recovery information on journal [ 91.514488][ T6110] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 91.539642][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 91.690178][ T6115] loop0: detected capacity change from 0 to 32768 [ 91.701705][ T6115] JBD2: Ignoring recovery information on journal [ 91.721072][ T6115] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. 2025/10/26 08:10:44 executed programs: 17 [ 91.740732][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 91.888450][ T6120] loop0: detected capacity change from 0 to 32768 [ 91.904802][ T6120] JBD2: Ignoring recovery information on journal [ 91.924618][ T6120] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 91.947639][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 92.111607][ T6125] loop0: detected capacity change from 0 to 32768 [ 92.133193][ T6125] JBD2: Ignoring recovery information on journal [ 92.156696][ T6125] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 92.178564][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 92.331674][ T6130] loop0: detected capacity change from 0 to 32768 [ 92.348830][ T6130] JBD2: Ignoring recovery information on journal [ 92.368711][ T6130] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 92.395919][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 92.552119][ T6135] loop0: detected capacity change from 0 to 32768 [ 92.570364][ T6135] JBD2: Ignoring recovery information on journal [ 92.589937][ T6135] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 92.618878][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 92.770293][ T6140] loop0: detected capacity change from 0 to 32768 [ 92.784422][ T6140] JBD2: Ignoring recovery information on journal [ 92.804193][ T6140] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 92.824136][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 92.988166][ T6145] loop0: detected capacity change from 0 to 32768 [ 93.019867][ T6145] JBD2: Ignoring recovery information on journal [ 93.063907][ T6145] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 93.083845][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 93.239633][ T6150] loop0: detected capacity change from 0 to 32768 [ 93.266669][ T6150] JBD2: Ignoring recovery information on journal [ 93.299172][ T6150] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 93.320833][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 93.476181][ T6155] loop0: detected capacity change from 0 to 32768 [ 93.493044][ T6155] JBD2: Ignoring recovery information on journal [ 93.521606][ T6155] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 93.542728][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 93.693503][ T6160] loop0: detected capacity change from 0 to 32768 [ 93.713349][ T6160] JBD2: Ignoring recovery information on journal [ 93.733706][ T6160] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 93.752798][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 93.920939][ T6165] loop0: detected capacity change from 0 to 32768 [ 93.933852][ T6165] JBD2: Ignoring recovery information on journal [ 93.951853][ T6165] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 93.972734][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 94.133344][ T6170] loop0: detected capacity change from 0 to 32768 [ 94.145659][ T6170] JBD2: Ignoring recovery information on journal [ 94.166308][ T6170] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 94.188098][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 94.342464][ T6175] loop0: detected capacity change from 0 to 32768 [ 94.359844][ T6175] JBD2: Ignoring recovery information on journal [ 94.379483][ T6175] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 94.407177][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 94.558902][ T6180] loop0: detected capacity change from 0 to 32768 [ 94.597760][ T6180] JBD2: Ignoring recovery information on journal [ 94.624076][ T6180] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 94.649967][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 94.802705][ T6185] loop0: detected capacity change from 0 to 32768 [ 94.819737][ T6185] JBD2: Ignoring recovery information on journal [ 94.838937][ T6185] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 94.859831][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 95.018187][ T6190] loop0: detected capacity change from 0 to 32768 [ 95.030193][ T6190] JBD2: Ignoring recovery information on journal [ 95.051291][ T6190] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 95.070983][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 95.229196][ T6195] loop0: detected capacity change from 0 to 32768 [ 95.244841][ T6195] JBD2: Ignoring recovery information on journal [ 95.262767][ T6195] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 95.282575][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 95.440676][ T6200] loop0: detected capacity change from 0 to 32768 [ 95.452587][ T6200] JBD2: Ignoring recovery information on journal [ 95.479017][ T6200] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 95.500420][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 95.663939][ T6205] loop0: detected capacity change from 0 to 32768 [ 95.679166][ T6205] JBD2: Ignoring recovery information on journal [ 95.696837][ T6205] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 95.718048][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 95.892197][ T6210] loop0: detected capacity change from 0 to 32768 [ 95.908886][ T6210] JBD2: Ignoring recovery information on journal [ 95.935490][ T6210] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 95.958619][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 96.116452][ T6215] loop0: detected capacity change from 0 to 32768 [ 96.131946][ T6215] JBD2: Ignoring recovery information on journal [ 96.149525][ T6215] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 96.171526][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 96.338570][ T6220] loop0: detected capacity change from 0 to 32768 [ 96.356111][ T6220] JBD2: Ignoring recovery information on journal [ 96.386894][ T6220] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 96.412910][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 96.562391][ T6225] loop0: detected capacity change from 0 to 32768 [ 96.579931][ T6225] JBD2: Ignoring recovery information on journal [ 96.606045][ T6225] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 96.632365][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 96.784295][ T6230] loop0: detected capacity change from 0 to 32768 [ 96.799138][ T6230] JBD2: Ignoring recovery information on journal [ 96.818769][ T6230] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. 2025/10/26 08:10:49 executed programs: 40 [ 96.840521][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 97.002689][ T6235] loop0: detected capacity change from 0 to 32768 [ 97.015803][ T6235] JBD2: Ignoring recovery information on journal [ 97.037299][ T6235] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 97.062030][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 97.222487][ T6240] loop0: detected capacity change from 0 to 32768 [ 97.240871][ T6240] JBD2: Ignoring recovery information on journal [ 97.261978][ T6240] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 97.292261][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 97.444702][ T6245] loop0: detected capacity change from 0 to 32768 [ 97.456261][ T6245] JBD2: Ignoring recovery information on journal [ 97.474794][ T6245] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 97.494829][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 97.646588][ T6250] loop0: detected capacity change from 0 to 32768 [ 97.660074][ T6250] JBD2: Ignoring recovery information on journal [ 97.686238][ T6250] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 97.705960][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 97.870650][ T6255] loop0: detected capacity change from 0 to 32768 [ 97.885288][ T6255] JBD2: Ignoring recovery information on journal [ 97.903557][ T6255] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 97.923665][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 98.080408][ T6260] loop0: detected capacity change from 0 to 32768 [ 98.098437][ T6260] JBD2: Ignoring recovery information on journal [ 98.115658][ T6260] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 98.139676][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 98.299672][ T6265] loop0: detected capacity change from 0 to 32768 [ 98.313722][ T6265] JBD2: Ignoring recovery information on journal [ 98.335926][ T6265] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 98.357754][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 98.519801][ T6270] loop0: detected capacity change from 0 to 32768 [ 98.531997][ T6270] JBD2: Ignoring recovery information on journal [ 98.551394][ T6270] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 98.572365][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 98.733995][ T6275] loop0: detected capacity change from 0 to 32768 [ 98.749814][ T6275] JBD2: Ignoring recovery information on journal [ 98.767370][ T6275] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 98.787632][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 98.947050][ T6280] loop0: detected capacity change from 0 to 32768 [ 98.972038][ T6280] JBD2: Ignoring recovery information on journal [ 98.999386][ T6280] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 99.020176][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 99.184544][ T6285] loop0: detected capacity change from 0 to 32768 [ 99.203455][ T6285] JBD2: Ignoring recovery information on journal [ 99.224068][ T6285] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 99.249255][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 99.404523][ T6290] loop0: detected capacity change from 0 to 32768 [ 99.421795][ T6290] JBD2: Ignoring recovery information on journal [ 99.449685][ T6290] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 99.474259][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 99.625914][ T6295] loop0: detected capacity change from 0 to 32768 [ 99.641729][ T6295] JBD2: Ignoring recovery information on journal [ 99.670811][ T6295] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 99.692839][ T5942] ocfs2: Unmounting device (7,0) on (node local) [ 99.848558][ T6300] loop0: detected capacity change from 0 to 32768 [ 99.864952][ T6300] JBD2: Ignoring recovery information on journal