Warning: Permanently added '10.128.1.146' (ED25519) to the list of known hosts. 2025/11/26 11:25:38 parsed 1 programs [ 64.957905][ T4189] cgroup: Unknown subsys name 'net' [ 65.100386][ T4189] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 66.526014][ T4189] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 69.020545][ T4233] chnl_net:caif_netlink_parms(): no params data found [ 69.086904][ T4233] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.095922][ T4233] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.104296][ T4233] device bridge_slave_0 entered promiscuous mode [ 69.115644][ T4233] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.122974][ T4233] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.132990][ T4233] device bridge_slave_1 entered promiscuous mode [ 69.164130][ T4233] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.175761][ T4233] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.219261][ T4233] team0: Port device team_slave_0 added [ 69.228723][ T4233] team0: Port device team_slave_1 added [ 69.254623][ T4233] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.261887][ T4233] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.287931][ T4233] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.301173][ T4233] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.308135][ T4233] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.334093][ T4233] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.374638][ T4233] device hsr_slave_0 entered promiscuous mode [ 69.382898][ T4233] device hsr_slave_1 entered promiscuous mode [ 69.519424][ T4233] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 69.531518][ T4233] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 69.542211][ T4233] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 69.552816][ T4233] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 69.585873][ T4233] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.593178][ T4233] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.601399][ T4233] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.608502][ T4233] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.619346][ T154] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.628906][ T154] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.685342][ T4233] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.698735][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 69.712440][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 69.723776][ T4233] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.735880][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 69.745933][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 69.755662][ T154] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.762894][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.790939][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 69.802640][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 69.812225][ T1524] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.819363][ T1524] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.827518][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 69.836854][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 69.846677][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 69.856785][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 69.865408][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 69.874120][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 69.883460][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 69.897746][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 69.906469][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 69.917385][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 69.926149][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 69.940150][ T4233] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 70.080527][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 70.088624][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 70.112210][ T4233] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.135994][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 70.144981][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 70.163337][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 70.172100][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 70.181503][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 70.189262][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 70.200649][ T4233] device veth0_vlan entered promiscuous mode [ 70.211818][ T4233] device veth1_vlan entered promiscuous mode [ 70.231600][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 70.240021][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 70.248012][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 70.256822][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 70.268116][ T4233] device veth0_macvtap entered promiscuous mode [ 70.278689][ T4233] device veth1_macvtap entered promiscuous mode [ 70.294623][ T4233] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 70.302874][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 70.311387][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 70.319300][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 70.329340][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 70.358157][ T4233] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 70.365618][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 70.375078][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 70.385962][ T4233] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.396685][ T4233] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.405956][ T4233] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.415174][ T4233] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.516561][ T4233] syz-executor (4233) used greatest stack depth: 19968 bytes left [ 71.283753][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.290693][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.431750][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.457596][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.478164][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 71.498298][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.508684][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.522224][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 2025/11/26 11:25:47 executed programs: 0 [ 72.331990][ T4292] chnl_net:caif_netlink_parms(): no params data found [ 72.395089][ T4292] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.402318][ T4292] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.410477][ T4292] device bridge_slave_0 entered promiscuous mode [ 72.418607][ T4292] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.425918][ T4292] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.434469][ T4292] device bridge_slave_1 entered promiscuous mode [ 72.458041][ T4292] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 72.471960][ T4292] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 72.497725][ T4292] team0: Port device team_slave_0 added [ 72.505602][ T4292] team0: Port device team_slave_1 added [ 72.536896][ T4292] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.545402][ T4292] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.573318][ T4292] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.585945][ T4292] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.592981][ T4292] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.619396][ T4292] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.660377][ T4292] device hsr_slave_0 entered promiscuous mode [ 72.667273][ T4292] device hsr_slave_1 entered promiscuous mode [ 72.674413][ T4292] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.684328][ T4292] Cannot create hsr debugfs directory [ 72.776333][ T4292] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.230565][ T4258] Bluetooth: hci0: command 0x0409 tx timeout [ 75.917303][ T4292] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.956821][ T4292] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.066747][ T4292] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.284705][ T4292] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 76.294983][ T4292] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 76.305829][ T4292] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 76.313152][ T1325] Bluetooth: hci0: command 0x041b tx timeout [ 76.324809][ T4292] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 76.413568][ T4292] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.439364][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 76.447362][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 76.458195][ T4292] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.467771][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 76.478672][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 76.487696][ T144] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.494824][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.526010][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 76.534474][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 76.543807][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 76.552675][ T144] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.559916][ T144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.569270][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 76.584734][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 76.601178][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 76.611311][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 76.632856][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 76.642074][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 76.652305][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 76.664041][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 76.673298][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 76.702381][ T9] device hsr_slave_0 left promiscuous mode [ 76.709032][ T9] device hsr_slave_1 left promiscuous mode [ 76.716146][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 76.724300][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 76.733171][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 76.740786][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 76.748441][ T9] device bridge_slave_1 left promiscuous mode [ 76.755749][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.769180][ T9] device bridge_slave_0 left promiscuous mode [ 76.775761][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.795545][ T9] device veth1_macvtap left promiscuous mode [ 76.801929][ T9] device veth0_macvtap left promiscuous mode [ 76.807974][ T9] device veth1_vlan left promiscuous mode [ 76.814335][ T9] device veth0_vlan left promiscuous mode [ 76.980646][ T9] team0 (unregistering): Port device team_slave_1 removed [ 76.994736][ T9] team0 (unregistering): Port device team_slave_0 removed [ 77.008428][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 77.023584][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 77.079898][ T9] bond0 (unregistering): Released all slaves [ 77.173801][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 77.182458][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 77.193623][ T4292] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 77.304588][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 77.312529][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 77.328505][ T4292] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 77.346588][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 77.357273][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 77.387938][ T4292] device veth0_vlan entered promiscuous mode [ 77.395254][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 77.404082][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 77.414433][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 77.422695][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 77.436195][ T4292] device veth1_vlan entered promiscuous mode [ 77.456531][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 77.466083][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 77.476722][ T4292] device veth0_macvtap entered promiscuous mode [ 77.495258][ T4292] device veth1_macvtap entered promiscuous mode [ 77.512152][ T4292] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.519475][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 77.529354][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 77.538427][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 77.548536][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 77.561354][ T4292] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.568678][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 77.582826][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 77.594350][ T4292] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.604117][ T4292] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.613311][ T4292] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.622364][ T4292] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.686295][ T1524] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.706356][ T1524] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.714496][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.718598][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 77.732887][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.746772][ T1524] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 77.810576][ T4313] loop0: detected capacity change from 0 to 512 [ 77.871544][ T4313] ======================================================= [ 77.871544][ T4313] WARNING: The mand mount option has been deprecated and [ 77.871544][ T4313] and is ignored by this kernel. Remove the mand [ 77.871544][ T4313] option from the mount to silence this warning. [ 77.871544][ T4313] ======================================================= [ 77.984821][ T4313] [ 77.987202][ T4313] ====================================================== [ 77.994251][ T4313] WARNING: possible circular locking dependency detected [ 78.001391][ T4313] syzkaller #0 Not tainted [ 78.005819][ T4313] ------------------------------------------------------ [ 78.012846][ T4313] syz.0.17/4313 is trying to acquire lock: [ 78.018657][ T4313] ffff88807693abd8 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x1c0/0x2d20 [ 78.028791][ T4313] [ 78.028791][ T4313] but task is already holding lock: [ 78.036167][ T4313] ffff88806fa6a8a8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3e8/0x700 [ 78.046024][ T4313] [ 78.046024][ T4313] which lock already depends on the new lock. [ 78.046024][ T4313] [ 78.056433][ T4313] [ 78.056433][ T4313] the existing dependency chain (in reverse order) is: [ 78.065454][ T4313] [ 78.065454][ T4313] -> #2 (&ei->xattr_sem){++++}-{3:3}: [ 78.073033][ T4313] down_read+0x44/0x2e0 [ 78.077732][ T4313] ext4_setattr+0x71d/0x19e0 [ 78.082855][ T4313] notify_change+0xbcd/0xee0 [ 78.087985][ T4313] chown_common+0x483/0x610 [ 78.093021][ T4313] do_fchownat+0x164/0x270 [ 78.097976][ T4313] __x64_sys_chown+0x7e/0x90 [ 78.103102][ T4313] do_syscall_64+0x4c/0xa0 [ 78.108054][ T4313] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 78.114481][ T4313] [ 78.114481][ T4313] -> #1 (jbd2_handle){++++}-{0:0}: [ 78.121792][ T4313] start_this_handle+0x1338/0x15a0 [ 78.127441][ T4313] jbd2__journal_start+0x2b7/0x5a0 [ 78.133087][ T4313] __ext4_journal_start_sb+0x167/0x360 [ 78.139084][ T4313] ext4_writepages+0xdc2/0x2d20 [ 78.144468][ T4313] do_writepages+0x48d/0x6d0 [ 78.149593][ T4313] filemap_fdatawrite_wbc+0x1eb/0x240 [ 78.155500][ T4313] file_write_and_wait_range+0x129/0x1e0 [ 78.161679][ T4313] ext4_sync_file+0x1ff/0xae0 [ 78.166891][ T4313] __x64_sys_fsync+0x1a5/0x1e0 [ 78.172187][ T4313] do_syscall_64+0x4c/0xa0 [ 78.177137][ T4313] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 78.183559][ T4313] [ 78.183559][ T4313] -> #0 (&sbi->s_writepages_rwsem){.+.+}-{0:0}: [ 78.192000][ T4313] __lock_acquire+0x2c33/0x7c60 [ 78.197389][ T4313] lock_acquire+0x197/0x3f0 [ 78.202427][ T4313] percpu_down_read+0x46/0x1b0 [ 78.207726][ T4313] ext4_writepages+0x1c0/0x2d20 [ 78.213104][ T4313] do_writepages+0x48d/0x6d0 [ 78.218229][ T4313] __writeback_single_inode+0x153/0xda0 [ 78.224307][ T4313] writeback_single_inode+0x221/0x8b0 [ 78.230202][ T4313] write_inode_now+0x217/0x280 [ 78.235488][ T4313] iput+0x5ab/0x8a0 [ 78.239815][ T4313] ext4_xattr_set_entry+0x10ff/0x3d30 [ 78.245708][ T4313] ext4_xattr_block_set+0x4f7/0x2d30 [ 78.251518][ T4313] ext4_expand_extra_isize_ea+0xf4b/0x19a0 [ 78.257845][ T4313] __ext4_expand_extra_isize+0x301/0x3e0 [ 78.264004][ T4313] __ext4_mark_inode_dirty+0x469/0x700 [ 78.269983][ T4313] ext4_evict_inode+0xa81/0x1080 [ 78.275464][ T4313] evict+0x485/0x870 [ 78.279885][ T4313] ext4_orphan_cleanup+0xaa9/0x12e0 [ 78.285606][ T4313] ext4_fill_super+0x92f0/0x9a60 [ 78.291192][ T4313] mount_bdev+0x287/0x3c0 [ 78.296048][ T4313] legacy_get_tree+0xe6/0x180 [ 78.301246][ T4313] vfs_get_tree+0x88/0x270 [ 78.306190][ T4313] do_new_mount+0x24a/0xa40 [ 78.311213][ T4313] __se_sys_mount+0x2d6/0x3c0 [ 78.316418][ T4313] do_syscall_64+0x4c/0xa0 [ 78.321353][ T4313] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 78.327771][ T4313] [ 78.327771][ T4313] other info that might help us debug this: [ 78.327771][ T4313] [ 78.338105][ T4313] Chain exists of: [ 78.338105][ T4313] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem [ 78.338105][ T4313] [ 78.351572][ T4313] Possible unsafe locking scenario: [ 78.351572][ T4313] [ 78.359131][ T4313] CPU0 CPU1 [ 78.364495][ T4313] ---- ---- [ 78.369857][ T4313] lock(&ei->xattr_sem); [ 78.374312][ T4313] lock(jbd2_handle); [ 78.380902][ T4313] lock(&ei->xattr_sem); [ 78.387747][ T4313] lock(&sbi->s_writepages_rwsem); [ 78.393029][ T4313] [ 78.393029][ T4313] *** DEADLOCK *** [ 78.393029][ T4313] [ 78.401165][ T4313] 3 locks held by syz.0.17/4313: [ 78.406097][ T4313] #0: ffff88807693c0e0 (&type->s_umount_key#28/1){+.+.}-{3:3}, at: alloc_super+0x201/0x950 [ 78.416203][ T4313] #1: ffff88807693c650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x444/0x1080 [ 78.425700][ T4313] #2: ffff88806fa6a8a8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3e8/0x700 [ 78.435967][ T4313] [ 78.435967][ T4313] stack backtrace: [ 78.441859][ T4313] CPU: 0 PID: 4313 Comm: syz.0.17 Not tainted syzkaller #0 [ 78.449064][ T4313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 78.459132][ T4313] Call Trace: [ 78.462499][ T4313] [ 78.465550][ T4313] dump_stack_lvl+0x168/0x230 [ 78.470248][ T4313] ? load_image+0x3b0/0x3b0 [ 78.474870][ T4313] ? show_regs_print_info+0x20/0x20 [ 78.480083][ T4313] ? print_circular_bug+0x12b/0x1a0 [ 78.485386][ T4313] check_noncircular+0x274/0x310 [ 78.490327][ T4313] ? add_chain_block+0x940/0x940 [ 78.495261][ T4313] ? lockdep_lock+0xdc/0x1e0 [ 78.499864][ T4313] ? lockdep_unlock+0x134/0x2d0 [ 78.504723][ T4313] ? mark_lock+0x94/0x320 [ 78.509057][ T4313] __lock_acquire+0x2c33/0x7c60 [ 78.513950][ T4313] ? verify_lock_unused+0x140/0x140 [ 78.519172][ T4313] ? verify_lock_unused+0x140/0x140 [ 78.524373][ T4313] ? mark_lock+0x94/0x320 [ 78.528735][ T4313] lock_acquire+0x197/0x3f0 [ 78.533369][ T4313] ? ext4_writepages+0x1c0/0x2d20 [ 78.538410][ T4313] ? check_path+0x40/0x40 [ 78.542752][ T4313] ? __might_sleep+0xf0/0xf0 [ 78.547356][ T4313] ? read_lock_is_recursive+0x10/0x10 [ 78.552749][ T4313] ? mark_lock+0x94/0x320 [ 78.557343][ T4313] ? __lock_acquire+0x13ad/0x7c60 [ 78.562410][ T4313] percpu_down_read+0x46/0x1b0 [ 78.567282][ T4313] ? ext4_writepages+0x1c0/0x2d20 [ 78.572322][ T4313] ext4_writepages+0x1c0/0x2d20 [ 78.577271][ T4313] ? rcu_is_watching+0x11/0xa0 [ 78.582038][ T4313] ? lock_release+0xba/0x870 [ 78.586631][ T4313] ? rcu_lock_release+0x5/0x20 [ 78.591421][ T4313] ? mark_lock+0x94/0x320 [ 78.595755][ T4313] ? verify_lock_unused+0x140/0x140 [ 78.601042][ T4313] ? mark_lock+0x94/0x320 [ 78.605376][ T4313] ? ext4_readpage+0x2e0/0x2e0 [ 78.610144][ T4313] ? __lock_acquire+0x13ad/0x7c60 [ 78.615175][ T4313] ? rcu_lock_release+0x5/0x20 [ 78.619957][ T4313] ? __lock_acquire+0x7c60/0x7c60 [ 78.625010][ T4313] ? do_raw_spin_lock+0x11d/0x280 [ 78.630040][ T4313] ? _raw_spin_lock_irqsave+0x7f/0xf0 [ 78.635420][ T4313] ? do_raw_spin_unlock+0x11d/0x230 [ 78.640629][ T4313] ? ext4_readpage+0x2e0/0x2e0 [ 78.645398][ T4313] do_writepages+0x48d/0x6d0 [ 78.649998][ T4313] ? __writepage+0x130/0x130 [ 78.654620][ T4313] ? writeback_single_inode+0x216/0x8b0 [ 78.660169][ T4313] ? __lock_acquire+0x7c60/0x7c60 [ 78.665198][ T4313] ? do_raw_spin_lock+0x11d/0x280 [ 78.670228][ T4313] __writeback_single_inode+0x153/0xda0 [ 78.675782][ T4313] writeback_single_inode+0x221/0x8b0 [ 78.681268][ T4313] ? write_inode_now+0x280/0x280 [ 78.686329][ T4313] write_inode_now+0x217/0x280 [ 78.691118][ T4313] ? bdi_split_work_to_wbs+0x820/0x820 [ 78.696608][ T4313] ? do_raw_spin_unlock+0x11d/0x230 [ 78.701811][ T4313] iput+0x5ab/0x8a0 [ 78.705629][ T4313] ext4_xattr_set_entry+0x10ff/0x3d30 [ 78.711018][ T4313] ? ext4_xattr_ibody_set+0x330/0x330 [ 78.716409][ T4313] ? rcu_is_watching+0x11/0xa0 [ 78.721177][ T4313] ? kmem_cache_free+0x14c/0x210 [ 78.726134][ T4313] ? mb_cache_entry_delete_or_get+0x1bd/0x1e0 [ 78.732210][ T4313] ext4_xattr_block_set+0x4f7/0x2d30 [ 78.737503][ T4313] ? do_raw_spin_unlock+0x11d/0x230 [ 78.742711][ T4313] ? __ext4_xattr_check_block+0x7d8/0x8d0 [ 78.748449][ T4313] ? ext4_xattr_block_find+0x500/0x500 [ 78.753939][ T4313] ? ext4_xattr_block_find+0x433/0x500 [ 78.759417][ T4313] ext4_expand_extra_isize_ea+0xf4b/0x19a0 [ 78.765242][ T4313] __ext4_expand_extra_isize+0x301/0x3e0 [ 78.770989][ T4313] __ext4_mark_inode_dirty+0x469/0x700 [ 78.776559][ T4313] ext4_evict_inode+0xa81/0x1080 [ 78.781695][ T4313] ? _raw_spin_unlock+0x24/0x40 [ 78.786576][ T4313] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 78.792480][ T4313] ? do_raw_spin_unlock+0x11d/0x230 [ 78.797695][ T4313] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 78.803629][ T4313] evict+0x485/0x870 [ 78.807640][ T4313] ? __lock_acquire+0x7c60/0x7c60 [ 78.812702][ T4313] ? proc_nr_inodes+0x320/0x320 [ 78.817572][ T4313] ? do_raw_spin_unlock+0x11d/0x230 [ 78.822775][ T4313] ? _raw_spin_unlock+0x24/0x40 [ 78.827632][ T4313] ? iput+0x706/0x8a0 [ 78.831654][ T4313] ext4_orphan_cleanup+0xaa9/0x12e0 [ 78.836877][ T4313] ? ext4_orphan_del+0xb90/0xb90 [ 78.841836][ T4313] ? errseq_check_and_advance+0x62/0x120 [ 78.847480][ T4313] ext4_fill_super+0x92f0/0x9a60 [ 78.852440][ T4313] ? ext4_mount+0x40/0x40 [ 78.856788][ T4313] ? set_blocksize+0x1f1/0x370 [ 78.861646][ T4313] ? sb_set_blocksize+0xa5/0xe0 [ 78.866520][ T4313] mount_bdev+0x287/0x3c0 [ 78.870856][ T4313] ? ext4_mount+0x40/0x40 [ 78.875190][ T4313] legacy_get_tree+0xe6/0x180 [ 78.879994][ T4313] ? ext4_errno_to_code+0x160/0x160 [ 78.885231][ T4313] vfs_get_tree+0x88/0x270 [ 78.889648][ T4313] do_new_mount+0x24a/0xa40 [ 78.894155][ T4313] __se_sys_mount+0x2d6/0x3c0 [ 78.898847][ T4313] ? __x64_sys_mount+0xc0/0xc0 [ 78.903714][ T4313] ? lockdep_hardirqs_on+0x94/0x140 [ 78.908917][ T4313] ? __x64_sys_mount+0x1c/0xc0 [ 78.913772][ T4313] do_syscall_64+0x4c/0xa0 [ 78.918210][ T4313] ? clear_bhb_loop+0x30/0x80 [ 78.922896][ T4313] ? clear_bhb_loop+0x30/0x80 [ 78.927576][ T4313] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 78.933587][ T4313] RIP: 0033:0x7f4194712eea [ 78.938010][ T4313] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 78.957642][ T4313] RSP: 002b:00007ffea14546f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 78.966060][ T4313] RAX: ffffffffffffffda RBX: 00007ffea1454780 RCX: 00007f4194712eea [ 78.974044][ T4313] RDX: 0000200000000180 RSI: 0000200000000080 RDI: 00007ffea1454740 [ 78.982014][ T4313] RBP: 0000200000000180 R08: 00007ffea1454780 R09: 0000000002808340 [ 78.989984][ T4313] R10: 0000000002808340 R11: 0000000000000246 R12: 0000200000000080 [ 78.997975][ T4313] R13: 00007ffea1454740 R14: 000000000000047c R15: 0000200000000640 [ 79.005951][ T4313] [ 79.010817][ T1325] Bluetooth: hci0: command 0x040f tx timeout [ 79.033425][ T4313] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 79.049194][ T4313] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 79.068504][ T4313] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2826: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 79.091390][ T4313] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 79.105089][ T4313] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 79.119803][ T4313] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 79.133817][ T4313] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 79.146617][ T4313] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 79.161303][ T4313] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 79.174121][ T4313] EXT4-fs (loop0): 1 orphan inode deleted [ 79.180698][ T4313] EXT4-fs (loop0): mounted filesystem without journal. Opts: i_version,nobarrier,debug_want_extra_isize=0x000000000000005a,sysvgroups,resgid=0x0000000000000000,acl,init_itable=0x0000000000000003,,errors=continue. Quota mode: none.