Warning: Permanently added '10.128.0.104' (ED25519) to the list of known hosts. 2026/04/19 01:58:22 parsed 1 programs syzkaller login: [ 86.451129][ T4272] cgroup: Unknown subsys name 'net' [ 86.555514][ T4272] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 88.306105][ T4272] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 90.410629][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.420228][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.433738][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 90.464212][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.475282][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.489938][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 91.425677][ T4323] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 91.438254][ T4323] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 91.458400][ T4323] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 91.469712][ T4323] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 91.479407][ T4323] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 91.491938][ T4323] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 92.251774][ T27] cfg80211: failed to load regulatory.db [ 93.012747][ T4348] chnl_net:caif_netlink_parms(): no params data found [ 93.085112][ T4348] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.093625][ T4348] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.101977][ T4348] device bridge_slave_0 entered promiscuous mode [ 93.112169][ T4348] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.120466][ T4348] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.129633][ T4348] device bridge_slave_1 entered promiscuous mode [ 93.162743][ T4348] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.174243][ T4348] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.199975][ T4348] team0: Port device team_slave_0 added [ 93.218595][ T4348] team0: Port device team_slave_1 added [ 93.238027][ T4348] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.245112][ T4348] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.272094][ T4348] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.284799][ T4348] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.291970][ T4348] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.319072][ T4348] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.365519][ T4348] device hsr_slave_0 entered promiscuous mode [ 93.374133][ T4348] device hsr_slave_1 entered promiscuous mode [ 93.520054][ T4348] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 93.536648][ T4348] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 93.550526][ T4348] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 93.563825][ T4348] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 93.595095][ T4348] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.602664][ T4348] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.611801][ T4348] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.619159][ T4348] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.702521][ T4348] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.736605][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 93.747378][ T2955] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.756783][ T2955] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.774859][ T4348] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.787619][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 93.797053][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 93.808565][ T2955] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.815689][ T2955] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.830281][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 93.840403][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 93.850125][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.857453][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.882188][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 93.891991][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 93.901187][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 93.910675][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 93.919778][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 93.929903][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 93.939721][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 93.950749][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 93.960045][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 93.979142][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 93.989015][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 94.000751][ T4348] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 94.225889][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 94.234552][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 94.248286][ T4348] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.267183][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 94.277281][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 94.302386][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 94.311340][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 94.323472][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 94.336488][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 94.348437][ T4348] device veth0_vlan entered promiscuous mode [ 94.365684][ T4348] device veth1_vlan entered promiscuous mode [ 94.389669][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 94.398319][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 94.408204][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 94.417453][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 94.430182][ T4348] device veth0_macvtap entered promiscuous mode [ 94.450443][ T4348] device veth1_macvtap entered promiscuous mode [ 94.467585][ T4348] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.475560][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 94.485513][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 94.495099][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 94.504354][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 94.518836][ T4348] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.526687][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 94.536603][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 94.551644][ T4348] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.561092][ T4348] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.571866][ T4348] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.581624][ T4348] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.718752][ T4348] syz-executor (4348) used greatest stack depth: 19952 bytes left [ 94.751909][ T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 2026/04/19 01:58:34 executed programs: 0 [ 95.601687][ T48] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 95.612046][ T48] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 95.622334][ T48] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 95.632567][ T48] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 95.643522][ T48] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 95.651088][ T48] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 95.803831][ T4369] chnl_net:caif_netlink_parms(): no params data found [ 95.868202][ T4369] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.877883][ T4369] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.887455][ T4369] device bridge_slave_0 entered promiscuous mode [ 95.898116][ T4369] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.907369][ T4369] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.917669][ T4369] device bridge_slave_1 entered promiscuous mode [ 95.944984][ T4369] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.958306][ T4369] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.983402][ T4369] team0: Port device team_slave_0 added [ 95.991745][ T4369] team0: Port device team_slave_1 added [ 96.016313][ T4369] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.023405][ T4369] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.052177][ T4369] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.066697][ T4369] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.075456][ T4369] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.103366][ T4369] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.141698][ T4369] device hsr_slave_0 entered promiscuous mode [ 96.148689][ T4369] device hsr_slave_1 entered promiscuous mode [ 96.155421][ T4369] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.164195][ T4369] Cannot create hsr debugfs directory [ 97.201617][ T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.686734][ T4323] Bluetooth: hci0: command 0x0409 tx timeout [ 99.468912][ T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.539073][ T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.767584][ T4323] Bluetooth: hci0: command 0x041b tx timeout [ 100.409557][ T4369] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 100.419934][ T4369] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 100.443063][ T9] device hsr_slave_0 left promiscuous mode [ 100.453694][ T9] device hsr_slave_1 left promiscuous mode [ 100.460929][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 100.471109][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 100.480546][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 100.490935][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 100.499561][ T9] device bridge_slave_1 left promiscuous mode [ 100.506832][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 100.523321][ T9] device bridge_slave_0 left promiscuous mode [ 100.530486][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 100.561453][ T9] device veth1_macvtap left promiscuous mode [ 100.568523][ T9] device veth0_macvtap left promiscuous mode [ 100.574784][ T9] device veth1_vlan left promiscuous mode [ 100.583819][ T9] device veth0_vlan left promiscuous mode [ 101.060457][ T9] team0 (unregistering): Port device team_slave_1 removed [ 101.090616][ T9] team0 (unregistering): Port device team_slave_0 removed [ 101.120112][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 101.151483][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 101.362382][ T9] bond0 (unregistering): Released all slaves [ 101.426364][ T4369] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 101.439655][ T4369] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 101.517723][ T4369] 8021q: adding VLAN 0 to HW filter on device bond0 [ 101.539267][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 101.555723][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 101.567650][ T4369] 8021q: adding VLAN 0 to HW filter on device team0 [ 101.578073][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 101.589203][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 101.598423][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 101.606215][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 101.614516][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 101.632685][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 101.646783][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 101.657148][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 101.667104][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 101.682582][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 101.699550][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 101.713685][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 101.723571][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 101.733610][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 101.745133][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 101.755830][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 101.774182][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 101.785590][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 101.807797][ T4369] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 101.821914][ T4369] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 101.833085][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 101.843462][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 101.847376][ T4323] Bluetooth: hci0: command 0x040f tx timeout [ 102.079007][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 102.089584][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 102.108795][ T4369] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 102.133058][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 102.143176][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 102.171549][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 102.182553][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 102.192497][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 102.200808][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 102.212262][ T4369] device veth0_vlan entered promiscuous mode [ 102.225638][ T4369] device veth1_vlan entered promiscuous mode [ 102.258292][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 102.270740][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 102.280281][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 102.290155][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 102.301580][ T4369] device veth0_macvtap entered promiscuous mode [ 102.318512][ T4369] device veth1_macvtap entered promiscuous mode [ 102.340237][ T4369] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.348700][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 102.358034][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 102.366994][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 102.375793][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 102.390245][ T4369] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.403337][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 102.418438][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 102.434861][ T4369] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.447718][ T4369] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.458754][ T4369] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.470777][ T4369] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.547666][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.564511][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.576997][ T2955] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 102.608558][ T39] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.617910][ T39] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.626427][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 2026/04/19 01:58:41 executed programs: 2 [ 102.898925][ T4412] loop0: detected capacity change from 0 to 32768 [ 102.907502][ T4412] ======================================================= [ 102.907502][ T4412] WARNING: The mand mount option has been deprecated and [ 102.907502][ T4412] and is ignored by this kernel. Remove the mand [ 102.907502][ T4412] option from the mount to silence this warning. [ 102.907502][ T4412] ======================================================= [ 102.973535][ T4412] JBD2: Ignoring recovery information on journal [ 103.010559][ T4412] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 103.036159][ T26] audit: type=1800 audit(1776563921.559:2): pid=4412 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.17" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 103.365875][ T4412] (syz.0.17,4412,0):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5 [ 103.401997][ T4412] syz.0.17 (4412) used greatest stack depth: 18456 bytes left [ 103.433362][ T4369] ocfs2: Unmounting device (7,0) on (node local) [ 103.721456][ T4416] loop0: detected capacity change from 0 to 32768 [ 103.749517][ T4416] JBD2: Ignoring recovery information on journal [ 103.780879][ T4416] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 103.794047][ T26] audit: type=1800 audit(1776563922.319:3): pid=4416 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.18" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 103.926479][ T4323] Bluetooth: hci0: command 0x0419 tx timeout [ 104.128310][ T4416] (syz.0.18,4416,0):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5 [ 104.153316][ T4416] syz.0.18 (4416) used greatest stack depth: 18392 bytes left [ 104.182444][ T4369] ocfs2: Unmounting device (7,0) on (node local) [ 104.457436][ T4420] loop0: detected capacity change from 0 to 32768 [ 104.493521][ T4420] JBD2: Ignoring recovery information on journal [ 104.529237][ T4420] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 104.543100][ T26] audit: type=1800 audit(1776563923.069:4): pid=4420 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.19" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 104.821804][ T4420] (syz.0.19,4420,1):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5 [ 104.862929][ T4369] ocfs2: Unmounting device (7,0) on (node local) [ 105.146705][ T4424] loop0: detected capacity change from 0 to 32768 [ 105.168930][ T4424] JBD2: Ignoring recovery information on journal [ 105.198243][ T4424] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 105.213044][ T26] audit: type=1800 audit(1776563923.739:5): pid=4424 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.20" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 105.538164][ T4424] (syz.0.20,4424,1):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5 [ 105.576242][ T4369] ocfs2: Unmounting device (7,0) on (node local) [ 105.850606][ T4428] loop0: detected capacity change from 0 to 32768 [ 105.883391][ T4428] JBD2: Ignoring recovery information on journal [ 105.914462][ T4428] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 105.938564][ T26] audit: type=1800 audit(1776563924.469:6): pid=4428 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.21" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 106.250257][ T4428] (syz.0.21,4428,0):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5 [ 106.289534][ T4369] ocfs2: Unmounting device (7,0) on (node local) [ 106.570549][ T4432] loop0: detected capacity change from 0 to 32768 [ 106.596572][ T4432] JBD2: Ignoring recovery information on journal [ 106.632365][ T4432] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 106.649861][ T26] audit: type=1800 audit(1776563925.179:7): pid=4432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.22" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 106.934320][ T4432] (syz.0.22,4432,0):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5 [ 106.975845][ T4369] ocfs2: Unmounting device (7,0) on (node local) [ 107.273780][ T4436] loop0: detected capacity change from 0 to 32768 [ 107.299822][ T4436] JBD2: Ignoring recovery information on journal [ 107.331915][ T4436] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 107.349379][ T26] audit: type=1800 audit(1776563925.879:8): pid=4436 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.23" name="file1" dev="loop0" ino=17058 res=0 errno=0 2026/04/19 01:58:46 executed programs: 9 [ 107.700530][ T4436] (syz.0.23,4436,0):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5 [ 107.748710][ T4369] ocfs2: Unmounting device (7,0) on (node local) [ 108.039135][ T4440] loop0: detected capacity change from 0 to 32768 [ 108.067762][ T4440] JBD2: Ignoring recovery information on journal [ 108.101627][ T4440] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 108.119313][ T26] audit: type=1800 audit(1776563926.649:9): pid=4440 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.24" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 108.426881][ T4440] (syz.0.24,4440,0):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5 [ 108.465341][ T4369] ocfs2: Unmounting device (7,0) on (node local) [ 108.749386][ T4444] loop0: detected capacity change from 0 to 32768 [ 108.776071][ T4444] JBD2: Ignoring recovery information on journal [ 108.814714][ T4444] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 108.834399][ T26] audit: type=1800 audit(1776563927.359:10): pid=4444 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.25" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 109.145749][ T4444] (syz.0.25,4444,0):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5 [ 109.183910][ T4369] ocfs2: Unmounting device (7,0) on (node local) [ 109.470134][ T4448] loop0: detected capacity change from 0 to 32768 [ 109.494930][ T4448] JBD2: Ignoring recovery information on journal [ 109.530902][ T4448] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 109.544814][ T26] audit: type=1800 audit(1776563928.069:11): pid=4448 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.26" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 109.855540][ T4448] (syz.0.26,4448,1):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5 [ 109.892807][ T4369] ocfs2: Unmounting device (7,0) on (node local) [ 110.174090][ T4452] loop0: detected capacity change from 0 to 32768 [ 110.197969][ T4452] JBD2: Ignoring recovery information on journal [ 110.251093][ T4452] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 110.277444][ T26] audit: type=1800 audit(1776563928.809:12): pid=4452 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.27" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 110.573048][ T4452] (syz.0.27,4452,1):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5 [ 110.609074][ T4369] ocfs2: Unmounting device (7,0) on (node local) [ 110.886473][ T4456] loop0: detected capacity change from 0 to 32768 [ 110.913300][ T4456] JBD2: Ignoring recovery information on journal [ 110.945272][ T4456] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 110.959689][ T26] audit: type=1800 audit(1776563929.489:13): pid=4456 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.28" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 111.270760][ T4456] (syz.0.28,4456,0):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5 [ 111.307609][ T4369] ocfs2: Unmounting device (7,0) on (node local) [ 111.591533][ T4460] loop0: detected capacity change from 0 to 32768 [ 111.617437][ T4460] JBD2: Ignoring recovery information on journal [ 111.651660][ T4460] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 111.670148][ T26] audit: type=1800 audit(1776563930.199:14): pid=4460 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.29" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 112.025668][ T4460] (syz.0.29,4460,1):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5 [ 112.064195][ T4369] ocfs2: Unmounting device (7,0) on (node local) [ 112.352261][ T4464] loop0: detected capacity change from 0 to 32768 [ 112.378058][ T4464] JBD2: Ignoring recovery information on journal [ 112.408778][ T4464] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 112.424012][ T26] audit: type=1800 audit(1776563930.949:15): pid=4464 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.30" name="file1" dev="loop0" ino=17058 res=0 errno=0 2026/04/19 01:58:51 executed programs: 16 [ 112.740786][ T4464] (syz.0.30,4464,1):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5 [ 112.778734][ T4369] ocfs2: Unmounting device (7,0) on (node local) [ 113.072460][ T4468] loop0: detected capacity change from 0 to 32768 [ 113.104862][ T4468] JBD2: Ignoring recovery information on journal [ 113.135353][ T4468] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 113.150089][ T26] audit: type=1800 audit(1776563931.679:16): pid=4468 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.31" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 113.458680][ T4468] (syz.0.31,4468,1):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5 [ 113.495402][ T4369] ocfs2: Unmounting device (7,0) on (node local) [ 113.781884][ T4472] loop0: detected capacity change from 0 to 32768 [ 113.809914][ T4472] JBD2: Ignoring recovery information on journal [ 113.841580][ T4472] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 113.863294][ T26] audit: type=1800 audit(1776563932.389:17): pid=4472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.32" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 114.169514][ T4472] (syz.0.32,4472,1):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5 [ 114.205525][ T4369] ocfs2: Unmounting device (7,0) on (node local) [ 114.488005][ T4476] loop0: detected capacity change from 0 to 32768 [ 114.513928][ T4476] JBD2: Ignoring recovery information on journal [ 114.543446][ T4476] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 114.558033][ T26] audit: type=1800 audit(1776563933.089:18): pid=4476 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.33" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 114.885963][ T4476] (syz.0.33,4476,0):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5 [ 114.930710][ T4369] ocfs2: Unmounting device (7,0) on (node local) [ 115.216817][ T4480] loop0: detected capacity change from 0 to 32768 [ 115.244180][ T4480] JBD2: Ignoring recovery information on journal [ 115.271841][ T4480] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 115.291918][ T26] audit: type=1800 audit(1776563933.819:19): pid=4480 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.34" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 115.606480][ T4480] (syz.0.34,4480,0):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5 [ 115.645703][ T4369] ocfs2: Unmounting device (7,0) on (node local) [ 115.932284][ T4484] loop0: detected capacity change from 0 to 32768 [ 115.950902][ T4484] JBD2: Ignoring recovery information on journal [ 115.985625][ T4484] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 116.007530][ T26] audit: type=1800 audit(1776563934.539:20): pid=4484 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.35" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 116.282543][ T4484] (syz.0.35,4484,0):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5 [ 116.327155][ T4369] ocfs2: Unmounting device (7,0) on (node local) [ 116.617249][ T4488] loop0: detected capacity change from 0 to 32768 [ 116.652763][ T4488] JBD2: Ignoring recovery information on journal [ 116.687499][ T4488] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 116.701516][ T26] audit: type=1800 audit(1776563935.229:21): pid=4488 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.36" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 117.019899][ T4488] (syz.0.36,4488,1):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5 [ 117.060021][ T4369] ocfs2: Unmounting device (7,0) on (node local) [ 117.367449][ T4492] loop0: detected capacity change from 0 to 32768 [ 117.397173][ T4492] JBD2: Ignoring recovery information on journal [ 117.451528][ T4492] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 117.468686][ T26] audit: type=1800 audit(1776563935.999:22): pid=4492 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.37" name="file1" dev="loop0" ino=17058 res=0 errno=0 2026/04/19 01:58:56 executed programs: 23 [ 117.794110][ T4492] (syz.0.37,4492,0):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5 [ 117.819799][ T4492] syz.0.37 (4492) used greatest stack depth: 17912 bytes left [ 117.847735][ T4369] ocfs2: Unmounting device (7,0) on (node local) [ 118.137737][ T4496] loop0: detected capacity change from 0 to 32768 [ 118.161273][ T4496] JBD2: Ignoring recovery information on journal [ 118.191472][ T4496] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 118.216656][ T26] audit: type=1800 audit(1776563936.749:23): pid=4496 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.38" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 118.533559][ T4496] (syz.0.38,4496,0):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5 [ 118.570310][ T4369] ocfs2: Unmounting device (7,0) on (node local) [ 118.859342][ T4500] loop0: detected capacity change from 0 to 32768 [ 118.893448][ T4500] JBD2: Ignoring recovery information on journal [ 118.929876][ T4500] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 118.948645][ T26] audit: type=1800 audit(1776563937.479:24): pid=4500 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.39" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 119.265140][ T4500] (syz.0.39,4500,1):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5 [ 119.301718][ T4369] ocfs2: Unmounting device (7,0) on (node local) [ 119.589194][ T4504] loop0: detected capacity change from 0 to 32768 [ 119.617350][ T4504] JBD2: Ignoring recovery information on journal [ 119.646289][ T4504] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 119.660968][ T26] audit: type=1800 audit(1776563938.189:25): pid=4504 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.40" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 119.670228][ T4504] [ 119.684178][ T4504] ====================================================== [ 119.691409][ T4504] WARNING: possible circular locking dependency detected [ 119.698658][ T4504] syzkaller #0 Not tainted [ 119.703230][ T4504] ------------------------------------------------------ [ 119.710546][ T4504] syz.0.40/4504 is trying to acquire lock: [ 119.716388][ T4504] ffff88807e3fd488 (&osb->system_file_mutex){+.+.}-{3:3}, at: ocfs2_get_system_file_inode+0x1b2/0x850 [ 119.727573][ T4504] [ 119.727573][ T4504] but task is already holding lock: [ 119.735076][ T4504] ffff88806f196a20 (&ocfs2_file_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_dio_wr_get_block+0x904/0x1820 [ 119.746555][ T4504] [ 119.746555][ T4504] which lock already depends on the new lock. [ 119.746555][ T4504] [ 119.757310][ T4504] [ 119.757310][ T4504] the existing dependency chain (in reverse order) is: [ 119.766449][ T4504] [ 119.766449][ T4504] -> #1 (&ocfs2_file_ip_alloc_sem_key){++++}-{3:3}: [ 119.776342][ T4504] down_read+0x42/0x2d0 [ 119.781466][ T4504] ocfs2_read_virt_blocks+0x25d/0x970 [ 119.787957][ T4504] ocfs2_find_entry+0x3c1/0x2180 [ 119.793537][ T4504] ocfs2_find_files_on_disk+0x102/0x390 [ 119.799726][ T4504] ocfs2_lookup_ino_from_name+0x4f/0xf0 [ 119.805909][ T4504] ocfs2_get_system_file_inode+0x36a/0x850 [ 119.812267][ T4504] ocfs2_init_global_system_inodes+0x2f3/0x6d0 [ 119.819789][ T4504] ocfs2_fill_super+0x2bc2/0x5090 [ 119.826585][ T4504] mount_bdev+0x287/0x3c0 [ 119.831667][ T4504] legacy_get_tree+0xe6/0x180 [ 119.837168][ T4504] vfs_get_tree+0x88/0x270 [ 119.842256][ T4504] do_new_mount+0x24a/0xa40 [ 119.847302][ T4504] __se_sys_mount+0x2e3/0x3d0 [ 119.852616][ T4504] do_syscall_64+0x4c/0xa0 [ 119.857935][ T4504] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 119.864658][ T4504] [ 119.864658][ T4504] -> #0 (&osb->system_file_mutex){+.+.}-{3:3}: [ 119.873126][ T4504] __lock_acquire+0x2d07/0x7d10 [ 119.878565][ T4504] lock_acquire+0x1bb/0x4a0 [ 119.883617][ T4504] __mutex_lock+0x12d/0xaf0 [ 119.888789][ T4504] ocfs2_get_system_file_inode+0x1b2/0x850 [ 119.895162][ T4504] ocfs2_reserve_local_alloc_bits+0xfd/0x2700 [ 119.901786][ T4504] ocfs2_reserve_clusters_with_limit+0x1b6/0xc10 [ 119.909621][ T4504] ocfs2_lock_allocators+0x2d5/0x5f0 [ 119.916156][ T4504] ocfs2_write_begin_nolock+0x1b70/0x44f0 [ 119.922800][ T4504] ocfs2_dio_wr_get_block+0xbb6/0x1820 [ 119.928821][ T4504] __blockdev_direct_IO+0x1749/0x3570 [ 119.935020][ T4504] ocfs2_direct_IO+0x233/0x2a0 [ 119.940426][ T4504] generic_file_direct_write+0x10f/0x330 [ 119.946701][ T4504] __generic_file_write_iter+0x15f/0x2a0 [ 119.952986][ T4504] ocfs2_file_write_iter+0x1660/0x1f00 [ 119.959021][ T4504] do_iter_write+0x642/0xb10 [ 119.964171][ T4504] iter_file_splice_write+0x699/0xcc0 [ 119.970355][ T4504] direct_splice_actor+0xe1/0x130 [ 119.976216][ T4504] splice_direct_to_actor+0x48b/0xb90 [ 119.982669][ T4504] do_splice_direct+0x1ce/0x2f0 [ 119.988091][ T4504] do_sendfile+0x5f3/0xea0 [ 119.993150][ T4504] __se_sys_sendfile64+0x141/0x1a0 [ 119.998902][ T4504] do_syscall_64+0x4c/0xa0 [ 120.004063][ T4504] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 120.011531][ T4504] [ 120.011531][ T4504] other info that might help us debug this: [ 120.011531][ T4504] [ 120.022362][ T4504] Possible unsafe locking scenario: [ 120.022362][ T4504] [ 120.030891][ T4504] CPU0 CPU1 [ 120.036296][ T4504] ---- ---- [ 120.041785][ T4504] lock(&ocfs2_file_ip_alloc_sem_key); [ 120.047573][ T4504] lock(&osb->system_file_mutex); [ 120.055502][ T4504] lock(&ocfs2_file_ip_alloc_sem_key); [ 120.063693][ T4504] lock(&osb->system_file_mutex); [ 120.068844][ T4504] [ 120.068844][ T4504] *** DEADLOCK *** [ 120.068844][ T4504] [ 120.077197][ T4504] 3 locks held by syz.0.40/4504: [ 120.083256][ T4504] #0: ffff88805bfe6460 (sb_writers#13){.+.+}-{0:0}, at: do_sendfile+0x5d0/0xea0 [ 120.093635][ T4504] #1: ffff88806f196d88 (&sb->s_type->i_mutex_key#21){+.+.}-{3:3}, at: ocfs2_file_write_iter+0x448/0x1f00 [ 120.105455][ T4504] #2: ffff88806f196a20 (&ocfs2_file_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_dio_wr_get_block+0x904/0x1820 [ 120.117714][ T4504] [ 120.117714][ T4504] stack backtrace: [ 120.123654][ T4504] CPU: 1 PID: 4504 Comm: syz.0.40 Not tainted syzkaller #0 [ 120.131145][ T4504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 120.141608][ T4504] Call Trace: [ 120.145020][ T4504] [ 120.148005][ T4504] dump_stack_lvl+0x188/0x24e [ 120.153016][ T4504] ? load_image+0x400/0x400 [ 120.157558][ T4504] ? show_regs_print_info+0x12/0x12 [ 120.162891][ T4504] ? print_circular_bug+0x12b/0x1a0 [ 120.168518][ T4504] check_noncircular+0x296/0x330 [ 120.173652][ T4504] ? add_chain_block+0x940/0x940 [ 120.178649][ T4504] ? lockdep_lock+0xf1/0x1f0 [ 120.183370][ T4504] ? _find_first_zero_bit+0xcf/0x100 [ 120.188697][ T4504] __lock_acquire+0x2d07/0x7d10 [ 120.193616][ T4504] ? mark_lock+0x94/0x320 [ 120.198174][ T4504] ? verify_lock_unused+0x140/0x140 [ 120.203613][ T4504] ? __lock_acquire+0x13cf/0x7d10 [ 120.209416][ T4504] ? hlock_conflict+0x59/0x1f0 [ 120.214232][ T4504] ? rcu_is_watching+0x11/0xa0 [ 120.219083][ T4504] lock_acquire+0x1bb/0x4a0 [ 120.224373][ T4504] ? ocfs2_get_system_file_inode+0x1b2/0x850 [ 120.231012][ T4504] ? __might_sleep+0xd0/0xd0 [ 120.236171][ T4504] ? read_lock_is_recursive+0x10/0x10 [ 120.242116][ T4504] __mutex_lock+0x12d/0xaf0 [ 120.247281][ T4504] ? ocfs2_get_system_file_inode+0x1b2/0x850 [ 120.253577][ T4504] ? ocfs2_get_system_file_inode+0x151/0x850 [ 120.259984][ T4504] ? ocfs2_get_system_file_inode+0x1b2/0x850 [ 120.266012][ T4504] ? mutex_lock_nested+0x10/0x10 [ 120.271009][ T4504] ? do_raw_spin_lock+0x128/0x2f0 [ 120.276164][ T4504] ? __rwlock_init+0x140/0x140 [ 120.281239][ T4504] ? do_raw_spin_unlock+0x11d/0x230 [ 120.286489][ T4504] ocfs2_get_system_file_inode+0x1b2/0x850 [ 120.292342][ T4504] ? ocfs2_fast_symlink_read_folio+0x550/0x550 [ 120.298916][ T4504] ? lockdep_unlock+0x142/0x2e0 [ 120.303830][ T4504] ? lockdep_lock+0x1f0/0x1f0 [ 120.308834][ T4504] ? add_lock_to_list+0x191/0x280 [ 120.315050][ T4504] ? __lock_acquire+0x28c4/0x7d10 [ 120.320554][ T4504] ? kernel_text_address+0x9c/0xd0 [ 120.325704][ T4504] ocfs2_reserve_local_alloc_bits+0xfd/0x2700 [ 120.331834][ T4504] ? stack_trace_save+0xa6/0xf0 [ 120.336881][ T4504] ? verify_lock_unused+0x140/0x140 [ 120.342210][ T4504] ? ocfs2_complete_local_alloc_recovery+0x580/0x580 [ 120.349007][ T4504] ? kasan_set_track+0x60/0x70 [ 120.353818][ T4504] ? ocfs2_direct_IO+0x233/0x2a0 [ 120.358835][ T4504] ? generic_file_direct_write+0x10f/0x330 [ 120.364934][ T4504] ? __generic_file_write_iter+0x15f/0x2a0 [ 120.370923][ T4504] ? ocfs2_file_write_iter+0x1660/0x1f00 [ 120.376620][ T4504] ? do_iter_write+0x642/0xb10 [ 120.381500][ T4504] ? direct_splice_actor+0xe1/0x130 [ 120.386855][ T4504] ? splice_direct_to_actor+0x48b/0xb90 [ 120.392548][ T4504] ? do_splice_direct+0x1ce/0x2f0 [ 120.398214][ T4504] ? do_sendfile+0x5f3/0xea0 [ 120.402916][ T4504] ? ocfs2_alloc_should_use_local+0x16b/0x370 [ 120.409099][ T4504] ? __lock_acquire+0x7d10/0x7d10 [ 120.414202][ T4504] ? do_raw_spin_lock+0x128/0x2f0 [ 120.419365][ T4504] ? __rwlock_init+0x140/0x140 [ 120.424181][ T4504] ? do_raw_spin_unlock+0x11d/0x230 [ 120.429414][ T4504] ? ocfs2_alloc_should_use_local+0x16b/0x370 [ 120.435529][ T4504] ocfs2_reserve_clusters_with_limit+0x1b6/0xc10 [ 120.442534][ T4504] ? ocfs2_reserve_clusters+0x30/0x30 [ 120.447943][ T4504] ? kasan_set_track+0x60/0x70 [ 120.453006][ T4504] ? kasan_set_track+0x4b/0x70 [ 120.457808][ T4504] ? __kasan_kmalloc+0x8e/0xa0 [ 120.463033][ T4504] ? ocfs2_write_begin_nolock+0xebf/0x44f0 [ 120.470543][ T4504] ? ocfs2_dio_wr_get_block+0xbb6/0x1820 [ 120.476661][ T4504] ? __blockdev_direct_IO+0x1749/0x3570 [ 120.482888][ T4504] ? ocfs2_direct_IO+0x233/0x2a0 [ 120.487874][ T4504] ? rcu_is_watching+0x11/0xa0 [ 120.492836][ T4504] ? ocfs2_num_free_extents+0x307/0x630 [ 120.498449][ T4504] ? ocfs2_validate_extent_block+0x620/0x620 [ 120.504554][ T4504] ocfs2_lock_allocators+0x2d5/0x5f0 [ 120.509968][ T4504] ? _ocfs2_clear_bit+0x30/0x30 [ 120.515219][ T4504] ? do_raw_spin_lock+0x128/0x2f0 [ 120.520456][ T4504] ? __rwlock_init+0x140/0x140 [ 120.525535][ T4504] ? ocfs2_write_begin_nolock+0xf90/0x44f0 [ 120.531371][ T4504] ocfs2_write_begin_nolock+0x1b70/0x44f0 [ 120.537140][ T4504] ? ocfs2_size_fits_inline_data+0x90/0x90 [ 120.543072][ T4504] ? __lock_acquire+0x28c4/0x7d10 [ 120.548262][ T4504] ? ocfs2_read_inode_block_full+0x1a0/0x1a0 [ 120.555241][ T4504] ? ocfs2_allocate_extend_trans+0x670/0x670 [ 120.561260][ T4504] ? ocfs2_orphan_add+0x12d0/0x12d0 [ 120.566800][ T4504] ? rwsem_write_trylock+0x135/0x1c0 [ 120.572316][ T4504] ? clear_nonspinnable+0x60/0x60 [ 120.577386][ T4504] ocfs2_dio_wr_get_block+0xbb6/0x1820 [ 120.583671][ T4504] ? ocfs2_lock_get_block+0x50/0x50 [ 120.588909][ T4504] ? get_page+0xa0/0x1b0 [ 120.593368][ T4504] ? __iov_iter_get_pages_alloc+0x8eb/0xb00 [ 120.599573][ T4504] ? iov_iter_get_pages2+0x5b/0x90 [ 120.604812][ T4504] ? ocfs2_lock_get_block+0x50/0x50 [ 120.610571][ T4504] __blockdev_direct_IO+0x1749/0x3570 [ 120.616103][ T4504] ? sb_init_dio_done_wq+0x80/0x80 [ 120.621403][ T4504] ? ocfs2_lock_get_block+0x50/0x50 [ 120.626745][ T4504] ? filemap_read+0x3020/0x3020 [ 120.631692][ T4504] ? __mnt_drop_write_file+0xbc/0xf0 [ 120.637467][ T4504] ? ocfs2_lock_get_block+0x50/0x50 [ 120.642776][ T4504] ocfs2_direct_IO+0x233/0x2a0 [ 120.647717][ T4504] generic_file_direct_write+0x10f/0x330 [ 120.653840][ T4504] ? do_raw_spin_unlock+0x11d/0x230 [ 120.659222][ T4504] __generic_file_write_iter+0x15f/0x2a0 [ 120.665264][ T4504] ocfs2_file_write_iter+0x1660/0x1f00 [ 120.670945][ T4504] ? ocfs2_file_read_iter+0xbb0/0xbb0 [ 120.676574][ T4504] ? aa_file_perm+0x3ea/0xf00 [ 120.681395][ T4504] ? aa_file_perm+0x112/0xf00 [ 120.686130][ T4504] ? kasan_set_track+0x60/0x70 [ 120.691223][ T4504] ? aa_path_link+0x880/0x880 [ 120.695948][ T4504] ? iter_file_splice_write+0x19f/0xcc0 [ 120.701648][ T4504] ? direct_splice_actor+0xe1/0x130 [ 120.706995][ T4504] ? splice_direct_to_actor+0x48b/0xb90 [ 120.712768][ T4504] ? do_splice_direct+0x1ce/0x2f0 [ 120.717925][ T4504] ? do_sendfile+0x5f3/0xea0 [ 120.722711][ T4504] ? __se_sys_sendfile64+0x141/0x1a0 [ 120.728055][ T4504] ? do_syscall_64+0x4c/0xa0 [ 120.732770][ T4504] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 120.738891][ T4504] ? end_current_label_crit_section+0x14b/0x170 [ 120.745345][ T4504] ? common_file_perm+0x171/0x1c0 [ 120.750535][ T4504] do_iter_write+0x642/0xb10 [ 120.755196][ T4504] ? vfs_iter_write+0xa0/0xa0 [ 120.760104][ T4504] ? vfs_iter_write+0x67/0xa0 [ 120.765042][ T4504] iter_file_splice_write+0x699/0xcc0 [ 120.771153][ T4504] ? splice_from_pipe+0x180/0x180 [ 120.776243][ T4504] ? splice_shrink_spd+0xc0/0xc0 [ 120.781241][ T4504] ? fsnotify_set_children_dentry_flags+0x220/0x220 [ 120.788044][ T4504] ? splice_from_pipe+0x180/0x180 [ 120.793111][ T4504] direct_splice_actor+0xe1/0x130 [ 120.798180][ T4504] splice_direct_to_actor+0x48b/0xb90 [ 120.803596][ T4504] ? direct_file_splice_eof+0xa0/0xa0 [ 120.809273][ T4504] ? pipe_to_sendpage+0x320/0x320 [ 120.814331][ T4504] ? common_file_perm+0x171/0x1c0 [ 120.819386][ T4504] ? fsnotify_perm+0x5a/0x550 [ 120.824180][ T4504] ? security_file_permission+0x75/0xa0 [ 120.830200][ T4504] do_splice_direct+0x1ce/0x2f0 [ 120.835089][ T4504] ? splice_direct_to_actor+0xb90/0xb90 [ 120.841200][ T4504] ? rcu_read_lock_any_held+0xb0/0x130 [ 120.847102][ T4504] ? do_splice_direct+0x2f0/0x2f0 [ 120.852262][ T4504] ? common_file_perm+0x171/0x1c0 [ 120.857681][ T4504] do_sendfile+0x5f3/0xea0 [ 120.862165][ T4504] ? do_pwritev+0x3a0/0x3a0 [ 120.866921][ T4504] ? do_sys_openat2+0x20c/0x4b0 [ 120.872124][ T4504] __se_sys_sendfile64+0x141/0x1a0 [ 120.877302][ T4504] ? lock_chain_count+0x20/0x20 [ 120.882470][ T4504] ? __x64_sys_sendfile64+0xa0/0xa0 [ 120.887793][ T4504] ? lockdep_hardirqs_on+0x94/0x140 [ 120.893195][ T4504] do_syscall_64+0x4c/0xa0 [ 120.897755][ T4504] ? clear_bhb_loop+0x60/0xb0 [ 120.902474][ T4504] ? clear_bhb_loop+0x60/0xb0 [ 120.907395][ T4504] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 120.913508][ T4504] RIP: 0033:0x7fb2ca59c819 [ 120.918054][ T4504] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 120.938158][ T4504] RSP: 002b:00007ffedf567bf8 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 120.946869][ T4504] RAX: ffffffffffffffda RBX: 00007fb2ca815fa0 RCX: 00007fb2ca59c819 [ 120.954899][ T4504] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 120.962896][ T4504] RBP: 00007fb2ca632c91 R08: 0000000000000000 R09: 0000000000000000 [ 120.971077][ T4504] R10: 0000000000fffe82 R11: 0000000000000246 R12: 0000000000000000 [ 120.979098][ T4504] R13: 00007fb2ca815fac R14: 00007fb2ca815fa0 R15: 00007fb2ca815fa0 [ 120.987305][ T4504] [ 121.185576][ T4504] (syz.0.40,4504,1):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5 [ 121.210034][ T4369] ocfs2: Unmounting device (7,0) on (node local) [ 121.421052][ T4510] loop0: detected capacity change from 0 to 32768 [ 121.435111][ T4510] JBD2: Ignoring recovery information on journal [