Warning: Permanently added '10.128.1.131' (ED25519) to the list of known hosts. executing program [ 62.754440][ T5766] syz-executor146[5766]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 62.783682][ T5766] loop0: detected capacity change from 0 to 2048 [ 62.794835][ T5766] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=2362, location=2362 [ 62.806970][ T5766] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 62.818080][ T5766] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 62.830549][ T5766] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 62.851489][ T27] audit: type=1800 audit(1750567825.178:2): pid=5766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor146" name="file1" dev="loop0" ino=1346 res=0 errno=0 executing program [ 63.124657][ T5771] loop0: detected capacity change from 0 to 2048 [ 63.134410][ T5771] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=2362, location=2362 [ 63.146256][ T5771] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 63.156916][ T5771] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 63.168564][ T5771] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 63.183643][ T27] audit: type=1800 audit(1750567825.518:3): pid=5771 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor146" name="file1" dev="loop0" ino=1346 res=0 errno=0 executing program [ 63.491491][ T5775] loop0: detected capacity change from 0 to 2048 [ 63.500894][ T5775] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=2362, location=2362 [ 63.514180][ T5775] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 63.530092][ T5775] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 63.561923][ T5775] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 63.582374][ T27] audit: type=1800 audit(1750567825.908:4): pid=5775 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor146" name="file1" dev="loop0" ino=1346 res=0 errno=0 executing program [ 63.856080][ T5779] loop0: detected capacity change from 0 to 2048 [ 63.865208][ T5779] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=2362, location=2362 [ 63.876005][ T5779] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 63.888316][ T5779] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 63.904224][ T5779] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 63.915638][ T27] audit: type=1800 audit(1750567826.248:5): pid=5779 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor146" name="file1" dev="loop0" ino=1346 res=0 errno=0 executing program [ 64.207605][ T5783] loop0: detected capacity change from 0 to 2048 [ 64.216495][ T5783] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=2362, location=2362 [ 64.227540][ T5783] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 64.238452][ T5783] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 64.250449][ T5783] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 64.261760][ T27] audit: type=1800 audit(1750567826.588:6): pid=5783 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor146" name="file1" dev="loop0" ino=1346 res=0 errno=0 executing program [ 64.541792][ T5787] loop0: detected capacity change from 0 to 2048 [ 64.550578][ T5787] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=2362, location=2362 [ 64.561818][ T5787] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 64.573168][ T5787] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 64.584682][ T5787] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 64.612461][ T27] audit: type=1800 audit(1750567826.928:7): pid=5787 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor146" name="file1" dev="loop0" ino=1346 res=0 errno=0 executing program [ 64.863162][ T5791] loop0: detected capacity change from 0 to 2048 [ 64.871479][ T5791] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=2362, location=2362 [ 64.883627][ T5791] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 64.894721][ T5791] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 64.908239][ T5791] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 64.919955][ T27] audit: type=1800 audit(1750567827.258:8): pid=5791 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor146" name="file1" dev="loop0" ino=1346 res=0 errno=0 [ 65.139357][ T5792] [ 65.141694][ T5792] ============================================ [ 65.147822][ T5792] WARNING: possible recursive locking detected [ 65.153981][ T5792] 6.6.94-syzkaller #0 Not tainted [ 65.159069][ T5792] -------------------------------------------- [ 65.165206][ T5792] syz-executor146/5792 is trying to acquire lock: [ 65.171602][ T5792] ffff88801db72528 (&sbi->s_alloc_mutex){+.+.}-{3:3}, at: udf_free_blocks+0x8ff/0x16e0 [ 65.181274][ T5792] [ 65.181274][ T5792] but task is already holding lock: [ 65.188615][ T5792] ffff88801db72528 (&sbi->s_alloc_mutex){+.+.}-{3:3}, at: udf_prealloc_blocks+0x7c3/0xef0 [ 65.198504][ T5792] [ 65.198504][ T5792] other info that might help us debug this: [ 65.206535][ T5792] Possible unsafe locking scenario: [ 65.206535][ T5792] [ 65.213965][ T5792] CPU0 [ 65.217218][ T5792] ---- [ 65.220471][ T5792] lock(&sbi->s_alloc_mutex); [ 65.225207][ T5792] lock(&sbi->s_alloc_mutex); [ 65.229951][ T5792] [ 65.229951][ T5792] *** DEADLOCK *** [ 65.229951][ T5792] [ 65.238070][ T5792] May be due to missing lock nesting notation [ 65.238070][ T5792] [ 65.246364][ T5792] 4 locks held by syz-executor146/5792: [ 65.251893][ T5792] #0: ffff88807b3e8418 (sb_writers#9){.+.+}-{0:0}, at: do_sendfile+0x5b9/0xf70 [ 65.261092][ T5792] #1: ffff8880736b8f88 (&sb->s_type->i_mutex_key#15){+.+.}-{3:3}, at: udf_file_write_iter+0x6e/0x620 [ 65.272571][ T5792] #2: ffff8880736b8da0 (&ei->i_data_sem#2){++++}-{3:3}, at: udf_map_block+0x284/0x4500 [ 65.282325][ T5792] #3: ffff88801db72528 (&sbi->s_alloc_mutex){+.+.}-{3:3}, at: udf_prealloc_blocks+0x7c3/0xef0 [ 65.292656][ T5792] [ 65.292656][ T5792] stack backtrace: [ 65.298534][ T5792] CPU: 0 PID: 5792 Comm: syz-executor146 Not tainted 6.6.94-syzkaller #0 [ 65.306928][ T5792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 65.316974][ T5792] Call Trace: [ 65.320235][ T5792] [ 65.323151][ T5792] dump_stack_lvl+0x16c/0x230 [ 65.327816][ T5792] ? show_regs_print_info+0x20/0x20 [ 65.333100][ T5792] ? print_deadlock_bug+0x435/0x5d0 [ 65.338286][ T5792] __lock_acquire+0x5d40/0x7c80 [ 65.343181][ T5792] ? verify_lock_unused+0x140/0x140 [ 65.349598][ T5792] ? verify_lock_unused+0x140/0x140 [ 65.354788][ T5792] lock_acquire+0x197/0x410 [ 65.359799][ T5792] ? udf_free_blocks+0x8ff/0x16e0 [ 65.365249][ T5792] ? __might_sleep+0xe0/0xe0 [ 65.370458][ T5792] ? __lock_acquire+0x1334/0x7c80 [ 65.375559][ T5792] ? read_lock_is_recursive+0x20/0x20 [ 65.380908][ T5792] ? mark_lock+0x94/0x320 [ 65.385213][ T5792] __mutex_lock+0x129/0xcc0 [ 65.389700][ T5792] ? udf_free_blocks+0x8ff/0x16e0 [ 65.394703][ T5792] ? folio_activate_fn+0x1f60/0x1f60 [ 65.399980][ T5792] ? udf_free_blocks+0x8ff/0x16e0 [ 65.404994][ T5792] ? mutex_lock_nested+0x20/0x20 [ 65.409958][ T5792] ? write_boundary_block+0xb0/0xb0 [ 65.415149][ T5792] ? __might_sleep+0xe0/0xe0 [ 65.419722][ T5792] udf_free_blocks+0x8ff/0x16e0 [ 65.424557][ T5792] ? verify_lock_unused+0x140/0x140 [ 65.429738][ T5792] ? __getblk_gfp+0x54/0x660 [ 65.434306][ T5792] ? udf_get_fileshortad+0x6e/0x1b0 [ 65.439487][ T5792] ? orangefs_cancel_op_in_progress+0x480/0x480 [ 65.445711][ T5792] udf_delete_aext+0x4e0/0xbc0 [ 65.450453][ T5792] ? udf_get_fileshortad+0xcb/0x1b0 [ 65.455636][ T5792] ? udf_next_aext+0x500/0x500 [ 65.460382][ T5792] udf_prealloc_blocks+0xa41/0xef0 [ 65.465469][ T5792] ? udf_prealloc_blocks+0xef0/0xef0 [ 65.470737][ T5792] ? udf_current_aext+0x660/0xad0 [ 65.475749][ T5792] ? udf_free_blocks+0x16e0/0x16e0 [ 65.480930][ T5792] ? udf_map_block+0x163e/0x4500 [ 65.485863][ T5792] udf_map_block+0x1f44/0x4500 [ 65.490615][ T5792] ? filemap_get_folios+0xe5/0x7b0 [ 65.495703][ T5792] ? udf_bread+0x3e0/0x3e0 [ 65.500098][ T5792] ? filemap_get_folios+0x58e/0x7b0 [ 65.505280][ T5792] ? filemap_get_folios+0xe5/0x7b0 [ 65.510459][ T5792] ? clean_bdev_aliases+0x55f/0x630 [ 65.515634][ T5792] ? create_empty_buffers+0x140/0x140 [ 65.520990][ T5792] __udf_get_block+0x53/0x250 [ 65.525662][ T5792] __block_write_begin_int+0x566/0x1ad0 [ 65.531207][ T5792] ? udf_adinicb_readpage+0x250/0x250 [ 65.536558][ T5792] ? folio_zero_new_buffers+0x550/0x550 [ 65.542086][ T5792] ? udf_adinicb_readpage+0x250/0x250 [ 65.547451][ T5792] block_write_begin+0x9a/0x1e0 [ 65.552285][ T5792] udf_write_begin+0x1c0/0x430 [ 65.557027][ T5792] generic_perform_write+0x2fb/0x5b0 [ 65.562294][ T5792] ? generic_file_direct_write+0x3e0/0x3e0 [ 65.568183][ T5792] ? __generic_file_write_iter+0xf7/0x230 [ 65.574054][ T5792] ? udf_file_write_iter+0x1a1/0x620 [ 65.579330][ T5792] udf_file_write_iter+0x2c0/0x620 [ 65.584436][ T5792] do_iter_write+0x79a/0xc70 [ 65.589050][ T5792] ? vfs_iter_write+0xa0/0xa0 [ 65.593744][ T5792] ? __asan_memset+0x22/0x40 [ 65.598324][ T5792] ? iov_iter_bvec+0xd4/0x1b0 [ 65.602978][ T5792] ? vfs_iter_write+0x6e/0xa0 [ 65.607633][ T5792] iter_file_splice_write+0x66f/0xc50 [ 65.612991][ T5792] ? splice_from_pipe+0x150/0x150 [ 65.618254][ T5792] ? splice_shrink_spd+0xc0/0xc0 [ 65.623172][ T5792] ? common_file_perm+0x198/0x1f0 [ 65.628184][ T5792] ? splice_from_pipe+0x150/0x150 [ 65.633184][ T5792] direct_splice_actor+0xe8/0x130 [ 65.638187][ T5792] splice_direct_to_actor+0x2f0/0x870 [ 65.643541][ T5792] ? direct_file_splice_eof+0xb0/0xb0 [ 65.648895][ T5792] ? warn_unsupported+0xc0/0xc0 [ 65.653733][ T5792] ? fsnotify_perm+0x5d/0x5e0 [ 65.658393][ T5792] ? security_file_permission+0x79/0xa0 [ 65.663920][ T5792] do_splice_direct+0x1b7/0x2c0 [ 65.668759][ T5792] ? splice_direct_to_actor+0x870/0x870 [ 65.674286][ T5792] ? rcu_read_lock_any_held+0xb4/0x120 [ 65.679727][ T5792] ? do_splice_direct+0x2c0/0x2c0 [ 65.684734][ T5792] do_sendfile+0x5dc/0xf70 [ 65.689132][ T5792] ? do_pwritev+0x340/0x340 [ 65.693617][ T5792] __se_sys_sendfile64+0x13f/0x190 [ 65.698703][ T5792] ? lock_chain_count+0x20/0x20 [ 65.703529][ T5792] ? __x64_sys_sendfile64+0xb0/0xb0 [ 65.708712][ T5792] ? lockdep_hardirqs_on+0x98/0x150 [ 65.714051][ T5792] do_syscall_64+0x55/0xb0 [ 65.718458][ T5792] ? clear_bhb_loop+0x40/0x90 [ 65.723108][ T5792] ? clear_bhb_loop+0x40/0x90 [ 65.727762][ T5792] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 65.733650][ T5792] RIP: 0033:0x7fad0826c699 [ 65.738236][ T5792] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 65.757849][ T5792] RSP: 002b:00007fad08207218 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 65.766248][ T5792] RAX: ffffffffffffffda RBX: 00007fad082f56d8 RCX: 00007fad0826c699 [ 65.774209][ T5792] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 65.782170][ T5792] RBP: 00007fad082f56d0 R08: 0000000000000000 R09: 0000000000000000 [ 65.790121][ T5792] R10: 0001000000201005 R11: 0000000000000246 R12: 00007fad082c1d48 [ 65.798165][ T5792] R13: 000000000000006e R14: 0031656c69662f2e R15: 00002000000013c0 [ 65.806118][ T5792]