Warning: Permanently added '10.128.1.53' (ED25519) to the list of known hosts. 2025/08/13 18:12:58 ignoring optional flag "sandboxArg"="0" 2025/08/13 18:12:59 parsed 1 programs [ 82.027497][ T4270] cgroup: Unknown subsys name 'net' [ 82.188471][ T4270] cgroup: Unknown subsys name 'rlimit' [ 83.761723][ T4270] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 86.516267][ T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.524504][ T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.535519][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 86.562948][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.570954][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.579832][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 87.038749][ T4320] chnl_net:caif_netlink_parms(): no params data found [ 87.161131][ T4320] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.169576][ T4320] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.178871][ T4320] device bridge_slave_0 entered promiscuous mode [ 87.189632][ T4320] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.197146][ T4320] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.206223][ T4320] device bridge_slave_1 entered promiscuous mode [ 87.236875][ T4320] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.249436][ T4320] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.282889][ T4320] team0: Port device team_slave_0 added [ 87.292801][ T4320] team0: Port device team_slave_1 added [ 87.322263][ T4320] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.330245][ T4320] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.356944][ T4320] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.370504][ T4320] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.377681][ T4320] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.404054][ T4320] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.447985][ T4320] device hsr_slave_0 entered promiscuous mode [ 87.455268][ T4320] device hsr_slave_1 entered promiscuous mode [ 87.611385][ T4320] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 87.623385][ T4320] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 87.635074][ T4320] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 87.648161][ T4320] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 87.735043][ T4320] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.749774][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 87.759047][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 87.770911][ T4320] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.781839][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 87.790879][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 87.801489][ T4308] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.808873][ T4308] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.818531][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 87.840237][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 87.849363][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 87.858082][ T4308] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.865384][ T4308] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.880736][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 87.905471][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 87.923815][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 87.933934][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 87.943355][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 87.952725][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 87.961388][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 87.990891][ T4320] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 88.001725][ T4320] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 88.014589][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 88.023775][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 88.033927][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 88.043392][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 88.052302][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 88.266375][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 88.291266][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 88.317186][ T4320] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.366976][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 88.376238][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 88.404326][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 88.413682][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 88.424451][ T4320] device veth0_vlan entered promiscuous mode [ 88.433631][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 88.445632][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 88.471176][ T4320] device veth1_vlan entered promiscuous mode [ 88.493453][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 88.502974][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 88.511359][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 88.522662][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 88.534408][ T4320] device veth0_macvtap entered promiscuous mode [ 88.546249][ T4320] device veth1_macvtap entered promiscuous mode [ 88.573903][ T4320] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.583733][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 88.594234][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 88.606623][ T4320] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.616666][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 88.626484][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 88.638271][ T4320] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.648784][ T4320] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.657960][ T4320] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.667550][ T4320] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.841051][ T46] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.100826][ T4357] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 89.110148][ T4357] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 89.118833][ T4357] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 89.127071][ T4357] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 89.135852][ T4357] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 89.144265][ T4357] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 2025/08/13 18:13:10 executed programs: 0 [ 90.344563][ T48] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 90.353927][ T48] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 90.362302][ T48] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 90.370285][ T48] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 90.378899][ T48] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 90.387582][ T48] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 90.535355][ T4374] chnl_net:caif_netlink_parms(): no params data found [ 90.587841][ T4374] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.596157][ T4374] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.604735][ T4374] device bridge_slave_0 entered promiscuous mode [ 90.614304][ T4374] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.621547][ T4374] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.630220][ T4374] device bridge_slave_1 entered promiscuous mode [ 90.654648][ T4374] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.666753][ T4374] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.694937][ T4374] team0: Port device team_slave_0 added [ 90.703543][ T4374] team0: Port device team_slave_1 added [ 90.725148][ T4374] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.732271][ T4374] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.758647][ T4374] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.770989][ T4374] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.778137][ T4374] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.805803][ T4374] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.843311][ T4374] device hsr_slave_0 entered promiscuous mode [ 90.850332][ T4374] device hsr_slave_1 entered promiscuous mode [ 90.857224][ T4374] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 90.865438][ T4374] Cannot create hsr debugfs directory [ 90.994754][ T46] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.114615][ T129] cfg80211: failed to load regulatory.db [ 92.432707][ T48] Bluetooth: hci0: command 0x0409 tx timeout [ 93.201728][ T46] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 93.284213][ T46] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.195816][ T46] device hsr_slave_0 left promiscuous mode [ 94.203035][ T46] device hsr_slave_1 left promiscuous mode [ 94.210140][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 94.220946][ T46] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 94.230265][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 94.240346][ T46] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 94.248584][ T46] device bridge_slave_1 left promiscuous mode [ 94.258728][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.275468][ T46] device bridge_slave_0 left promiscuous mode [ 94.282153][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.315045][ T46] device veth1_macvtap left promiscuous mode [ 94.321525][ T46] device veth0_macvtap left promiscuous mode [ 94.328306][ T46] device veth1_vlan left promiscuous mode [ 94.336636][ T46] device veth0_vlan left promiscuous mode [ 94.525249][ T4359] Bluetooth: hci0: command 0x041b tx timeout [ 94.705011][ T46] team0 (unregistering): Port device team_slave_1 removed [ 94.736533][ T46] team0 (unregistering): Port device team_slave_0 removed [ 94.766275][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 94.797868][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 95.080435][ T46] bond0 (unregistering): Released all slaves [ 95.162222][ T4374] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 95.172105][ T4374] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 95.181278][ T4374] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 95.190623][ T4374] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 95.269832][ T4374] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.293930][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 95.305537][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 95.319481][ T4374] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.329687][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 95.339326][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 95.348569][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.355760][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.364249][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 95.387915][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 95.400626][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 95.410484][ T75] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.417904][ T75] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.427323][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 95.440058][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 95.456264][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 95.467640][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 95.477253][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 95.487470][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 95.496712][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 95.508041][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 95.519790][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 95.535417][ T4374] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 95.547475][ T4374] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 95.556869][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 95.566179][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 95.816102][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 95.824556][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 95.837827][ T4374] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.857162][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 95.866375][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 95.886118][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 95.895357][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 95.905313][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 95.913424][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 95.923757][ T4374] device veth0_vlan entered promiscuous mode [ 95.936320][ T4374] device veth1_vlan entered promiscuous mode [ 95.955976][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 95.964627][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 95.973511][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 95.983121][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 95.995525][ T4374] device veth0_macvtap entered promiscuous mode [ 96.018807][ T4374] device veth1_macvtap entered promiscuous mode [ 96.036133][ T4374] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.044726][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 96.053390][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 96.061582][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 96.072006][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 96.098973][ T4374] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.106920][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 96.116475][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 96.129473][ T4374] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.138754][ T4374] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.147935][ T4374] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.156876][ T4374] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.225372][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.240844][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.268566][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 96.284111][ T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.295717][ T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.317014][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 96.367787][ T4421] loop0: detected capacity change from 0 to 1024 [ 96.407677][ T4421] [ 96.410079][ T4421] ============================================ [ 96.416346][ T4421] WARNING: possible recursive locking detected [ 96.422585][ T4421] 6.1.147-syzkaller #0 Not tainted [ 96.427729][ T4421] -------------------------------------------- [ 96.433902][ T4421] syz.0.17/4421 is trying to acquire lock: [ 96.439716][ T4421] ffff8880284b9548 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_get_block+0x39b/0x1530 [ 96.450808][ T4421] [ 96.450808][ T4421] but task is already holding lock: [ 96.458378][ T4421] ffff8880284ba988 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0x28f/0xb30 [ 96.469623][ T4421] [ 96.469623][ T4421] other info that might help us debug this: [ 96.477693][ T4421] Possible unsafe locking scenario: [ 96.477693][ T4421] [ 96.485148][ T4421] CPU0 [ 96.488431][ T4421] ---- [ 96.491718][ T4421] lock(&HFSPLUS_I(inode)->extents_lock); [ 96.497538][ T4421] lock(&HFSPLUS_I(inode)->extents_lock); [ 96.503451][ T4421] [ 96.503451][ T4421] *** DEADLOCK *** [ 96.503451][ T4421] [ 96.511714][ T4421] May be due to missing lock nesting notation [ 96.511714][ T4421] [ 96.520213][ T4421] 4 locks held by syz.0.17/4421: [ 96.525242][ T4421] #0: ffff888079474460 (sb_writers#13){.+.+}-{0:0}, at: mnt_want_write+0x3d/0x90 [ 96.534691][ T4421] #1: ffff8880284bab80 (&sb->s_type->i_mutex_key#21){+.+.}-{3:3}, at: do_truncate+0x183/0x220 [ 96.545161][ T4421] #2: ffff8880284ba988 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0x28f/0xb30 [ 96.556782][ T4421] #3: ffff88807af800f8 (&sbi->alloc_mutex){+.+.}-{3:3}, at: hfsplus_block_free+0xbf/0x4b0 [ 96.566905][ T4421] [ 96.566905][ T4421] stack backtrace: [ 96.572821][ T4421] CPU: 1 PID: 4421 Comm: syz.0.17 Not tainted 6.1.147-syzkaller #0 [ 96.580981][ T4421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 96.591069][ T4421] Call Trace: [ 96.594360][ T4421] [ 96.597306][ T4421] dump_stack_lvl+0x168/0x22e [ 96.602004][ T4421] ? show_regs_print_info+0x12/0x12 [ 96.607246][ T4421] ? load_image+0x3b0/0x3b0 [ 96.612204][ T4421] __lock_acquire+0x122f/0x7c50 [ 96.617122][ T4421] ? unwind_get_return_address+0x49/0x80 [ 96.622781][ T4421] ? stack_trace_save+0xe0/0xe0 [ 96.627999][ T4421] ? check_noncircular+0x16f/0x310 [ 96.633274][ T4421] ? verify_lock_unused+0x140/0x140 [ 96.638510][ T4421] ? lockdep_unlock+0x133/0x2d0 [ 96.643670][ T4421] ? lockdep_lock+0x1e0/0x1e0 [ 96.648505][ T4421] ? add_lock_to_list+0x191/0x280 [ 96.653569][ T4421] lock_acquire+0x1b4/0x490 [ 96.658100][ T4421] ? hfsplus_get_block+0x39b/0x1530 [ 96.663358][ T4421] ? __might_sleep+0xd0/0xd0 [ 96.668136][ T4421] ? read_lock_is_recursive+0x10/0x10 [ 96.673664][ T4421] ? verify_lock_unused+0x140/0x140 [ 96.678890][ T4421] __mutex_lock+0x120/0xaf0 [ 96.683499][ T4421] ? hfsplus_get_block+0x39b/0x1530 [ 96.688800][ T4421] ? memset+0x1e/0x40 [ 96.692800][ T4421] ? hfsplus_get_block+0x39b/0x1530 [ 96.698119][ T4421] ? mutex_lock_nested+0x10/0x10 [ 96.703105][ T4421] hfsplus_get_block+0x39b/0x1530 [ 96.708142][ T4421] ? alloc_buffer_head+0xd4/0x100 [ 96.713279][ T4421] ? hfsplus_ext_write_extent+0x200/0x200 [ 96.719190][ T4421] ? create_empty_buffers+0x59e/0x7a0 [ 96.724694][ T4421] ? verify_lock_unused+0x140/0x140 [ 96.729927][ T4421] ? do_raw_spin_unlock+0x11d/0x230 [ 96.735232][ T4421] ? create_page_buffers+0x24f/0x4a0 [ 96.740545][ T4421] block_read_full_folio+0x3c9/0xed0 [ 96.745941][ T4421] ? _raw_spin_unlock_irq+0x1f/0x40 [ 96.751184][ T4421] ? hfsplus_ext_write_extent+0x200/0x200 [ 96.757022][ T4421] ? block_is_partially_uptodate+0x5f0/0x5f0 [ 96.763402][ T4421] ? __lock_acquire+0x7c50/0x7c50 [ 96.768450][ T4421] ? folio_put+0xd0/0xd0 [ 96.772877][ T4421] ? filemap_alloc_folio+0xdb/0x460 [ 96.778096][ T4421] filemap_read_folio+0x160/0x760 [ 96.783258][ T4421] ? folio_batch_add_and_move+0x14a/0x250 [ 96.788990][ T4421] ? hfsplus_writepage+0x30/0x30 [ 96.793956][ T4421] ? maybe_unlock_mmap_for_io+0x140/0x140 [ 96.800067][ T4421] ? hfsplus_block_free+0xbf/0x4b0 [ 96.805288][ T4421] do_read_cache_folio+0x2a0/0x760 [ 96.810509][ T4421] ? hfsplus_writepage+0x30/0x30 [ 96.815515][ T4421] do_read_cache_page+0x32/0x220 [ 96.820573][ T4421] hfsplus_block_free+0x128/0x4b0 [ 96.825616][ T4421] ? hfsplus_find_init+0x85/0x1c0 [ 96.830693][ T4421] hfsplus_free_extents+0x176/0xac0 [ 96.836114][ T4421] hfsplus_file_truncate+0x731/0xb30 [ 96.841593][ T4421] ? hfsplus_add_extent+0x890/0x890 [ 96.846799][ T4421] ? __up_read+0x27c/0x660 [ 96.851237][ T4421] ? unmap_mapping_range+0x91/0x100 [ 96.856490][ T4421] hfsplus_setattr+0x1c0/0x280 [ 96.861276][ T4421] ? hfsplus_fileattr_set+0x330/0x330 [ 96.866665][ T4421] notify_change+0xc74/0xf40 [ 96.871359][ T4421] do_truncate+0x197/0x220 [ 96.875893][ T4421] ? aa_get_current_label+0x110/0x1d0 [ 96.881311][ T4421] ? put_page_bootmem+0x2c0/0x2c0 [ 96.886398][ T4421] ? ima_bprm_check+0x1f0/0x1f0 [ 96.891368][ T4421] ? bpf_lsm_path_truncate+0x5/0x10 [ 96.896589][ T4421] path_openat+0x27f2/0x2e70 [ 96.901206][ T4421] ? do_filp_open+0x3c0/0x3c0 [ 96.905900][ T4421] do_filp_open+0x1c1/0x3c0 [ 96.910412][ T4421] ? vfs_tmpfile+0x480/0x480 [ 96.915112][ T4421] ? _raw_spin_unlock+0x24/0x40 [ 96.919983][ T4421] ? alloc_fd+0x58f/0x630 [ 96.924329][ T4421] do_sys_openat2+0x142/0x490 [ 96.929025][ T4421] ? __se_sys_futex+0x14a/0x440 [ 96.933894][ T4421] ? do_sys_open+0xe0/0xe0 [ 96.938427][ T4421] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 96.944461][ T4421] ? lock_chain_count+0x20/0x20 [ 96.949362][ T4421] __x64_sys_creat+0x8c/0xb0 [ 96.954166][ T4421] do_syscall_64+0x4c/0xa0 [ 96.958614][ T4421] ? clear_bhb_loop+0x60/0xb0 [ 96.963302][ T4421] ? clear_bhb_loop+0x60/0xb0 [ 96.967989][ T4421] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 96.973899][ T4421] RIP: 0033:0x7f9ff478ebe9 [ 96.978337][ T4421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 96.997983][ T4421] RSP: 002b:00007ffc80555ba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 97.006676][ T4421] RAX: ffffffffffffffda RBX: 00007f9ff49b5fa0 RCX: 00007f9ff478ebe9 [ 97.014658][ T4421] RDX: 0000000000000000 RSI: 0000000000000121 RDI: 0000200000000f00 [ 97.022691][ T4421] RBP: 00007f9ff4811e19 R08: 0000000000000000 R09: 0000000000000000 [ 97.030776][ T4421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 97.039126][ T4421] R13: 00007f9ff49b5fa0 R14: 00007f9ff49b5fa0 R15: 0000000000000002 [ 97.047115][ T4421] [ 97.050659][ T4359] Bluetooth: hci0: command 0x040f tx timeout [ 97.069019][ T4421] hfsplus: unable to mark blocks free: error -5 [ 97.078190][ T4421] hfsplus: can't free extent [ 97.098185][ T4308] hfsplus: b-tree write err: -5, ino 4