Warning: Permanently added '10.128.0.66' (ED25519) to the list of known hosts. 2025/11/07 09:13:47 parsed 1 programs [ 100.068028][ T4281] cgroup: Unknown subsys name 'net' [ 100.202993][ T4281] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 101.706920][ T4281] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 103.947280][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.955347][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.973497][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 103.983750][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.991828][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.999974][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 105.014616][ T4334] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 105.023213][ T4334] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 105.030727][ T4334] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 105.039813][ T4334] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 105.056788][ T4336] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 105.064217][ T4336] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 105.954850][ T4352] chnl_net:caif_netlink_parms(): no params data found [ 106.003031][ T4352] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.010703][ T4352] bridge0: port 1(bridge_slave_0) entered disabled state [ 106.021471][ T4352] device bridge_slave_0 entered promiscuous mode [ 106.030461][ T4352] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.037787][ T4352] bridge0: port 2(bridge_slave_1) entered disabled state [ 106.045914][ T4352] device bridge_slave_1 entered promiscuous mode [ 106.121350][ T4352] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 106.137523][ T4352] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 106.161112][ T4352] team0: Port device team_slave_0 added [ 106.168526][ T4352] team0: Port device team_slave_1 added [ 106.188412][ T4352] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.195446][ T4352] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.221588][ T4352] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.234289][ T4352] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.241734][ T4352] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.267701][ T4352] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.299142][ T4352] device hsr_slave_0 entered promiscuous mode [ 106.306842][ T4352] device hsr_slave_1 entered promiscuous mode [ 106.398365][ T4352] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 106.408649][ T4352] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 106.418212][ T4352] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 106.427454][ T4352] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 106.463863][ T4352] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.471084][ T4352] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.479114][ T4352] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.486221][ T4352] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.543821][ T4352] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.558220][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 106.567882][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 106.576703][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 106.600783][ T4352] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.610855][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 106.619807][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 106.628453][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.635567][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.656927][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 106.665479][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 106.674082][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.681286][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.692087][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 106.704397][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 106.715513][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 106.724612][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 106.735720][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 106.760244][ T4352] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 106.771454][ T4352] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 106.783061][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 106.792455][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 106.801733][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 106.811245][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 106.820097][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 106.828776][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 106.858508][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 107.021335][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 107.028970][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 107.050456][ T4352] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.068195][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 107.077203][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 107.094705][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 107.103269][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 107.112382][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 107.120240][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 107.142171][ T4352] device veth0_vlan entered promiscuous mode [ 107.153382][ T4352] device veth1_vlan entered promiscuous mode [ 107.172240][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 107.180463][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 107.188624][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 107.197877][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 107.208936][ T4352] device veth0_macvtap entered promiscuous mode [ 107.223830][ T4352] device veth1_macvtap entered promiscuous mode [ 107.240622][ T4352] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 107.249269][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 107.257876][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 107.265688][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 107.274356][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 107.286500][ T4352] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 107.294795][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 107.304138][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 107.315129][ T4352] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.324349][ T4352] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.333339][ T4352] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.342928][ T4352] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.542379][ T34] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 2025/11/07 09:13:57 executed programs: 0 [ 107.872283][ T48] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 107.880300][ T48] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 107.889354][ T48] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 107.899095][ T4334] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 107.906908][ T4334] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 107.914118][ T4334] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 108.039774][ T4382] chnl_net:caif_netlink_parms(): no params data found [ 108.090523][ T4382] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.097873][ T4382] bridge0: port 1(bridge_slave_0) entered disabled state [ 108.105612][ T4382] device bridge_slave_0 entered promiscuous mode [ 108.114294][ T4382] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.121676][ T4382] bridge0: port 2(bridge_slave_1) entered disabled state [ 108.129604][ T4382] device bridge_slave_1 entered promiscuous mode [ 108.154878][ T4382] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 108.165705][ T4382] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 108.191115][ T4382] team0: Port device team_slave_0 added [ 108.198324][ T4382] team0: Port device team_slave_1 added [ 108.218434][ T4382] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 108.225399][ T4382] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.251388][ T4382] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 108.263404][ T4382] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 108.271005][ T4382] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.297567][ T4382] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 108.336061][ T4382] device hsr_slave_0 entered promiscuous mode [ 108.342844][ T4382] device hsr_slave_1 entered promiscuous mode [ 108.349648][ T4382] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 108.357814][ T4382] Cannot create hsr debugfs directory [ 109.806451][ T34] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.976775][ T4336] Bluetooth: hci0: command 0x0409 tx timeout [ 112.056687][ T4334] Bluetooth: hci0: command 0x041b tx timeout [ 112.058467][ T34] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 112.127235][ T34] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 112.954595][ T34] device hsr_slave_0 left promiscuous mode [ 112.963534][ T34] device hsr_slave_1 left promiscuous mode [ 112.972413][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 112.982093][ T34] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 112.990712][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 113.000479][ T34] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 113.008968][ T34] device bridge_slave_1 left promiscuous mode [ 113.015954][ T34] bridge0: port 2(bridge_slave_1) entered disabled state [ 113.030897][ T34] device bridge_slave_0 left promiscuous mode [ 113.037205][ T34] bridge0: port 1(bridge_slave_0) entered disabled state [ 113.068223][ T34] device veth1_macvtap left promiscuous mode [ 113.074571][ T34] device veth0_macvtap left promiscuous mode [ 113.081267][ T34] device veth1_vlan left promiscuous mode [ 113.089390][ T34] device veth0_vlan left promiscuous mode [ 113.430869][ T34] team0 (unregistering): Port device team_slave_1 removed [ 113.457157][ T34] team0 (unregistering): Port device team_slave_0 removed [ 113.485427][ T34] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 113.513990][ T34] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 113.762735][ T34] bond0 (unregistering): Released all slaves [ 113.846179][ T4382] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 113.855395][ T4382] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 113.864398][ T4382] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 113.873151][ T4382] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 113.942148][ T4382] 8021q: adding VLAN 0 to HW filter on device bond0 [ 113.968919][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 113.976834][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 113.987166][ T4382] 8021q: adding VLAN 0 to HW filter on device team0 [ 113.996503][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 114.005089][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 114.014302][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 114.021459][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 114.030001][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 114.044843][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 114.055663][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 114.065629][ T4428] bridge0: port 2(bridge_slave_1) entered blocking state [ 114.072764][ T4428] bridge0: port 2(bridge_slave_1) entered forwarding state [ 114.083418][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 114.096149][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 114.112511][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 114.122227][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 114.131677][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 114.139155][ T4334] Bluetooth: hci0: command 0x040f tx timeout [ 114.149069][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 114.158015][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 114.174244][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 114.182801][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 114.200771][ T4382] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 114.212008][ T4382] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 114.226577][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 114.235126][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 114.413879][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 114.422771][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 114.434764][ T4382] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 114.453473][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 114.462088][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 114.483849][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 114.492220][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 114.501012][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 114.509855][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 114.520091][ T4382] device veth0_vlan entered promiscuous mode [ 114.533357][ T4382] device veth1_vlan entered promiscuous mode [ 114.551415][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 114.559821][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 114.568965][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 114.577472][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 114.587766][ T4382] device veth0_macvtap entered promiscuous mode [ 114.597828][ T4382] device veth1_macvtap entered promiscuous mode [ 114.616756][ T4382] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 114.624180][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 114.633735][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 114.641758][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 114.650417][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 114.661265][ T4382] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 114.671661][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 114.680354][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 114.690920][ T4382] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.700509][ T4382] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.709739][ T4382] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.718593][ T4382] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.768714][ T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.777718][ T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.792207][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 114.810906][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.818978][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.828841][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 114.883708][ T4439] loop0: detected capacity change from 0 to 512 [ 114.923481][ T4439] [ 114.925855][ T4439] ====================================================== [ 114.932932][ T4439] WARNING: possible circular locking dependency detected [ 114.939967][ T4439] syzkaller #0 Not tainted [ 114.944392][ T4439] ------------------------------------------------------ [ 114.951430][ T4439] syz.0.17/4439 is trying to acquire lock: [ 114.957255][ T4439] ffff888027172b98 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x1c0/0x2e50 [ 114.967425][ T4439] [ 114.967425][ T4439] but task is already holding lock: [ 114.974807][ T4439] ffff88806e319ee0 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3fe/0x770 [ 114.984689][ T4439] [ 114.984689][ T4439] which lock already depends on the new lock. [ 114.984689][ T4439] [ 114.995097][ T4439] [ 114.995097][ T4439] the existing dependency chain (in reverse order) is: [ 115.004108][ T4439] [ 115.004108][ T4439] -> #2 (&ei->xattr_sem){++++}-{3:3}: [ 115.011663][ T4439] down_read+0x42/0x2d0 [ 115.016357][ T4439] ext4_setattr+0x92a/0x19f0 [ 115.021493][ T4439] notify_change+0xc74/0xf40 [ 115.027044][ T4439] chown_common+0x486/0x620 [ 115.032073][ T4439] do_fchownat+0x164/0x270 [ 115.037012][ T4439] __x64_sys_chown+0x7e/0x90 [ 115.042120][ T4439] do_syscall_64+0x4c/0xa0 [ 115.047062][ T4439] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 115.053504][ T4439] [ 115.053504][ T4439] -> #1 (jbd2_handle){++++}-{0:0}: [ 115.060805][ T4439] start_this_handle+0x1f49/0x2150 [ 115.066449][ T4439] jbd2__journal_start+0x2b7/0x5a0 [ 115.072098][ T4439] __ext4_journal_start_sb+0x187/0x3d0 [ 115.078096][ T4439] ext4_writepages+0xde7/0x2e50 [ 115.083473][ T4439] do_writepages+0x3b7/0x610 [ 115.088602][ T4439] __writeback_single_inode+0x156/0x1160 [ 115.094784][ T4439] writeback_sb_inodes+0xad8/0x17d0 [ 115.100520][ T4439] __writeback_inodes_wb+0x12a/0x3f0 [ 115.106348][ T4439] wb_writeback+0x47a/0xd00 [ 115.111390][ T4439] wb_workfn+0xb66/0xec0 [ 115.116196][ T4439] process_one_work+0x898/0x1160 [ 115.121671][ T4439] worker_thread+0xaa2/0x1250 [ 115.126881][ T4439] kthread+0x29d/0x330 [ 115.131487][ T4439] ret_from_fork+0x1f/0x30 [ 115.136439][ T4439] [ 115.136439][ T4439] -> #0 (&sbi->s_writepages_rwsem){.+.+}-{0:0}: [ 115.144903][ T4439] __lock_acquire+0x2cf8/0x7c50 [ 115.150290][ T4439] lock_acquire+0x1b4/0x490 [ 115.155321][ T4439] percpu_down_read+0x44/0x1a0 [ 115.160613][ T4439] ext4_writepages+0x1c0/0x2e50 [ 115.166078][ T4439] do_writepages+0x3b7/0x610 [ 115.171203][ T4439] __writeback_single_inode+0x156/0x1160 [ 115.177370][ T4439] writeback_single_inode+0x221/0x8b0 [ 115.183280][ T4439] write_inode_now+0x15d/0x1d0 [ 115.188576][ T4439] iput+0x613/0x980 [ 115.192943][ T4439] ext4_xattr_block_set+0x2736/0x32a0 [ 115.198845][ T4439] ext4_expand_extra_isize_ea+0x109b/0x19b0 [ 115.205272][ T4439] __ext4_expand_extra_isize+0x301/0x3e0 [ 115.211423][ T4439] __ext4_mark_inode_dirty+0x47f/0x770 [ 115.217436][ T4439] ext4_evict_inode+0xa73/0x1100 [ 115.222913][ T4439] evict+0x485/0x870 [ 115.227337][ T4439] ext4_orphan_cleanup+0xbd3/0x1400 [ 115.233095][ T4439] ext4_fill_super+0x7bdf/0x8150 [ 115.238564][ T4439] get_tree_bdev+0x3f1/0x610 [ 115.243692][ T4439] vfs_get_tree+0x88/0x270 [ 115.248657][ T4439] do_new_mount+0x24a/0xa40 [ 115.253685][ T4439] __se_sys_mount+0x2d6/0x3c0 [ 115.258894][ T4439] do_syscall_64+0x4c/0xa0 [ 115.263838][ T4439] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 115.270266][ T4439] [ 115.270266][ T4439] other info that might help us debug this: [ 115.270266][ T4439] [ 115.280498][ T4439] Chain exists of: [ 115.280498][ T4439] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem [ 115.280498][ T4439] [ 115.293888][ T4439] Possible unsafe locking scenario: [ 115.293888][ T4439] [ 115.301333][ T4439] CPU0 CPU1 [ 115.306701][ T4439] ---- ---- [ 115.312072][ T4439] lock(&ei->xattr_sem); [ 115.316420][ T4439] lock(jbd2_handle); [ 115.323030][ T4439] lock(&ei->xattr_sem); [ 115.329882][ T4439] lock(&sbi->s_writepages_rwsem); [ 115.335079][ T4439] [ 115.335079][ T4439] *** DEADLOCK *** [ 115.335079][ T4439] [ 115.343221][ T4439] 3 locks held by syz.0.17/4439: [ 115.348159][ T4439] #0: ffff8880271700e0 (&type->s_umount_key#27/1){+.+.}-{3:3}, at: alloc_super+0x1fa/0x930 [ 115.358554][ T4439] #1: ffff888027170650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x436/0x1100 [ 115.368074][ T4439] #2: ffff88806e319ee0 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3fe/0x770 [ 115.378376][ T4439] [ 115.378376][ T4439] stack backtrace: [ 115.384286][ T4439] CPU: 1 PID: 4439 Comm: syz.0.17 Not tainted syzkaller #0 [ 115.391484][ T4439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 115.401543][ T4439] Call Trace: [ 115.404827][ T4439] [ 115.407768][ T4439] dump_stack_lvl+0x168/0x22e [ 115.412456][ T4439] ? load_image+0x3b0/0x3b0 [ 115.416970][ T4439] ? show_regs_print_info+0x12/0x12 [ 115.422181][ T4439] ? print_circular_bug+0x12b/0x1a0 [ 115.427425][ T4439] check_noncircular+0x274/0x310 [ 115.432376][ T4439] ? add_chain_block+0x940/0x940 [ 115.437353][ T4439] ? lockdep_lock+0xdc/0x1e0 [ 115.441990][ T4439] ? verify_lock_unused+0x140/0x140 [ 115.447200][ T4439] ? _find_first_zero_bit+0xcf/0x100 [ 115.452500][ T4439] __lock_acquire+0x2cf8/0x7c50 [ 115.457372][ T4439] ? verify_lock_unused+0x140/0x140 [ 115.462578][ T4439] ? mark_lock+0x94/0x320 [ 115.466921][ T4439] ? __lock_acquire+0x13c0/0x7c50 [ 115.471965][ T4439] lock_acquire+0x1b4/0x490 [ 115.476478][ T4439] ? ext4_writepages+0x1c0/0x2e50 [ 115.481508][ T4439] ? __might_sleep+0xd0/0xd0 [ 115.486109][ T4439] ? read_lock_is_recursive+0x10/0x10 [ 115.491516][ T4439] ? __lock_acquire+0x12e5/0x7c50 [ 115.496550][ T4439] ? mark_lock+0x94/0x320 [ 115.500890][ T4439] percpu_down_read+0x44/0x1a0 [ 115.505657][ T4439] ? ext4_writepages+0x1c0/0x2e50 [ 115.510680][ T4439] ext4_writepages+0x1c0/0x2e50 [ 115.515528][ T4439] ? __lock_acquire+0x13c0/0x7c50 [ 115.520567][ T4439] ? verify_lock_unused+0x140/0x140 [ 115.525812][ T4439] ? mark_lock+0x94/0x320 [ 115.530183][ T4439] ? ext4_read_folio+0x370/0x370 [ 115.535136][ T4439] ? __lock_acquire+0x13c0/0x7c50 [ 115.540176][ T4439] ? __lock_acquire+0x7c50/0x7c50 [ 115.545206][ T4439] ? do_raw_spin_lock+0x11d/0x280 [ 115.550260][ T4439] ? do_raw_spin_unlock+0x11d/0x230 [ 115.555466][ T4439] ? ext4_read_folio+0x370/0x370 [ 115.560411][ T4439] do_writepages+0x3b7/0x610 [ 115.565010][ T4439] ? __writepage+0x130/0x130 [ 115.569600][ T4439] ? writeback_single_inode+0x216/0x8b0 [ 115.575147][ T4439] ? __lock_acquire+0x7c50/0x7c50 [ 115.580179][ T4439] ? do_raw_spin_lock+0x11d/0x280 [ 115.585209][ T4439] ? __ext4_expand_extra_isize+0x301/0x3e0 [ 115.591015][ T4439] __writeback_single_inode+0x156/0x1160 [ 115.596671][ T4439] writeback_single_inode+0x221/0x8b0 [ 115.602059][ T4439] ? write_inode_now+0x1d0/0x1d0 [ 115.607023][ T4439] write_inode_now+0x15d/0x1d0 [ 115.611791][ T4439] ? bdi_split_work_to_wbs+0x890/0x890 [ 115.617256][ T4439] ? rcu_is_watching+0x11/0xa0 [ 115.622031][ T4439] ? do_raw_spin_unlock+0x11d/0x230 [ 115.627248][ T4439] iput+0x613/0x980 [ 115.631065][ T4439] ext4_xattr_block_set+0x2736/0x32a0 [ 115.636444][ T4439] ? __might_sleep+0xd0/0xd0 [ 115.641048][ T4439] ? xattr_find_entry+0x12b/0x2f0 [ 115.646084][ T4439] ? ext4_xattr_block_find+0x2b0/0x2b0 [ 115.651558][ T4439] ? ext4_xattr_block_find+0x241/0x2b0 [ 115.657049][ T4439] ext4_expand_extra_isize_ea+0x109b/0x19b0 [ 115.662954][ T4439] __ext4_expand_extra_isize+0x301/0x3e0 [ 115.668641][ T4439] __ext4_mark_inode_dirty+0x47f/0x770 [ 115.674117][ T4439] ext4_evict_inode+0xa73/0x1100 [ 115.679063][ T4439] ? _raw_spin_unlock+0x24/0x40 [ 115.684065][ T4439] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 115.689991][ T4439] ? do_raw_spin_unlock+0x11d/0x230 [ 115.695214][ T4439] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 115.701138][ T4439] evict+0x485/0x870 [ 115.705041][ T4439] ? __lock_acquire+0x7c50/0x7c50 [ 115.710074][ T4439] ? proc_nr_inodes+0x2f0/0x2f0 [ 115.714941][ T4439] ? do_raw_spin_unlock+0x11d/0x230 [ 115.720148][ T4439] ? _raw_spin_unlock+0x24/0x40 [ 115.725093][ T4439] ? iput+0x768/0x980 [ 115.729084][ T4439] ext4_orphan_cleanup+0xbd3/0x1400 [ 115.734298][ T4439] ? ext4_orphan_del+0xb90/0xb90 [ 115.739248][ T4439] ? errseq_check_and_advance+0x62/0x120 [ 115.744889][ T4439] ext4_fill_super+0x7bdf/0x8150 [ 115.749831][ T4439] ? bdev_name+0x2c1/0x3f0 [ 115.754317][ T4439] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 115.760582][ T4439] ? snprintf+0xd7/0x120 [ 115.764836][ T4439] ? preempt_count_add+0x8d/0x190 [ 115.769884][ T4439] ? vscnprintf+0x80/0x80 [ 115.774230][ T4439] ? set_blocksize+0x1d3/0x350 [ 115.779038][ T4439] ? sb_set_blocksize+0xa5/0xe0 [ 115.783911][ T4439] get_tree_bdev+0x3f1/0x610 [ 115.788519][ T4439] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 115.794807][ T4439] vfs_get_tree+0x88/0x270 [ 115.799264][ T4439] do_new_mount+0x24a/0xa40 [ 115.803833][ T4439] __se_sys_mount+0x2d6/0x3c0 [ 115.808535][ T4439] ? __x64_sys_mount+0xc0/0xc0 [ 115.813323][ T4439] ? lockdep_hardirqs_on+0x94/0x140 [ 115.818538][ T4439] ? __x64_sys_mount+0x1c/0xc0 [ 115.823313][ T4439] do_syscall_64+0x4c/0xa0 [ 115.827751][ T4439] ? clear_bhb_loop+0x60/0xb0 [ 115.832434][ T4439] ? clear_bhb_loop+0x60/0xb0 [ 115.837114][ T4439] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 115.843008][ T4439] RIP: 0033:0x7f7eb9190e6a [ 115.847435][ T4439] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 115.867069][ T4439] RSP: 002b:00007ffc0b57cad8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 115.875488][ T4439] RAX: ffffffffffffffda RBX: 00007ffc0b57cb60 RCX: 00007f7eb9190e6a [ 115.883696][ T4439] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007ffc0b57cb20 [ 115.891677][ T4439] RBP: 0000200000000180 R08: 00007ffc0b57cb60 R09: 0000000000800700 [ 115.899651][ T4439] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 115.907627][ T4439] R13: 00007ffc0b57cb20 R14: 000000000000046f R15: 000000000000002c [ 115.915610][ T4439] [ 115.927338][ T4439] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 115.945282][ T4439] EXT4-fs (loop0): Remounting filesystem read-only [ 115.955239][ T4439] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 115.967971][ T4439] EXT4-fs (loop0): Remounting filesystem read-only [ 115.974598][ T4439] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2819: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 115.987876][ T4439] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 116.001794][ T4439] EXT4-fs (loop0): Remounting filesystem read-only [ 116.008502][ T4439] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 116.020877][ T4439] EXT4-fs (loop0): Remounting filesystem read-only [ 116.027551][ T4439] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 116.041153][ T4439] EXT4-fs (loop0): Remounting filesystem read-only [ 116.047753][ T4439] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 116.060173][ T4439] EXT4-fs (loop0): Remounting filesystem read-only [ 116.067769][ T4439] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 116.081748][ T4439] EXT4-fs (loop0): Remounting filesystem read-only [ 116.088389][ T4439] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 116.100940][ T4439] EXT4-fs (loop0): Remounting filesystem read-only [ 116.107748][ T4439] EXT4-fs (loop0): 1 orphan inode deleted [ 116.113505][ T4439] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 116.147245][ T4382] EXT4-fs (loop0): unmounting filesystem.