Warning: Permanently added '10.128.0.91' (ED25519) to the list of known hosts. 2025/11/07 22:11:37 parsed 1 programs [ 55.015981][ T4185] cgroup: Unknown subsys name 'net' [ 55.126749][ T4185] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 56.380499][ T4185] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 58.042519][ T4215] chnl_net:caif_netlink_parms(): no params data found [ 58.079044][ T4215] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.086523][ T4215] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.095101][ T4215] device bridge_slave_0 entered promiscuous mode [ 58.105256][ T4215] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.112420][ T4215] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.120009][ T4215] device bridge_slave_1 entered promiscuous mode [ 58.138742][ T4215] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.149304][ T4215] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.172970][ T4215] team0: Port device team_slave_0 added [ 58.180182][ T4215] team0: Port device team_slave_1 added [ 58.196055][ T4215] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 58.203129][ T4215] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.229373][ T4215] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 58.244564][ T4215] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 58.251599][ T4215] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.277988][ T4215] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 58.306674][ T4215] device hsr_slave_0 entered promiscuous mode [ 58.313777][ T4215] device hsr_slave_1 entered promiscuous mode [ 58.414568][ T4215] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 58.425879][ T4215] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 58.436946][ T4215] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 58.447386][ T4215] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 58.478548][ T4215] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.485750][ T4215] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.493588][ T4215] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.500648][ T4215] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.559229][ T4215] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.574543][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.587174][ T144] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.595490][ T144] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.609856][ T4215] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.623400][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 58.634055][ T144] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.641105][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.662246][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.670664][ T144] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.677744][ T144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.688602][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 58.698216][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 58.708770][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 58.740127][ T4215] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 58.750893][ T4215] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 58.763960][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.773948][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.782488][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 58.889473][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 58.897435][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 58.911062][ T4215] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.932564][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 58.953557][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 58.962615][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 58.970339][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 58.981618][ T4215] device veth0_vlan entered promiscuous mode [ 58.993342][ T4215] device veth1_vlan entered promiscuous mode [ 59.017691][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 59.027841][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 59.039664][ T4215] device veth0_macvtap entered promiscuous mode [ 59.049882][ T4215] device veth1_macvtap entered promiscuous mode [ 59.067385][ T4215] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.076906][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 59.086509][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 59.094741][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 59.103640][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 59.115120][ T4215] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.123709][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 59.132965][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 59.145327][ T4215] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.155093][ T4215] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.164756][ T4215] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.173688][ T4215] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.592219][ T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.304649][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.318601][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.329262][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 60.338262][ T450] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.346692][ T450] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.357266][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 62.236603][ T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.795153][ T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.849145][ T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 2025/11/07 22:11:49 executed programs: 0 [ 65.836223][ T4321] chnl_net:caif_netlink_parms(): no params data found [ 65.907870][ T4321] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.915125][ T4321] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.924426][ T4321] device bridge_slave_0 entered promiscuous mode [ 65.933710][ T4321] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.940856][ T4321] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.949084][ T4321] device bridge_slave_1 entered promiscuous mode [ 65.988836][ T4321] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.000140][ T4321] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 66.030031][ T9] device hsr_slave_0 left promiscuous mode [ 66.039054][ T9] device hsr_slave_1 left promiscuous mode [ 66.045563][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 66.053595][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 66.061682][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 66.069067][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 66.077216][ T9] device bridge_slave_1 left promiscuous mode [ 66.084291][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.096946][ T9] device bridge_slave_0 left promiscuous mode [ 66.103500][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.120481][ T9] device veth1_macvtap left promiscuous mode [ 66.126676][ T9] device veth0_macvtap left promiscuous mode [ 66.133237][ T9] device veth1_vlan left promiscuous mode [ 66.139060][ T9] device veth0_vlan left promiscuous mode [ 66.257772][ T9] team0 (unregistering): Port device team_slave_1 removed [ 66.269213][ T9] team0 (unregistering): Port device team_slave_0 removed [ 66.281284][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 66.295305][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 66.339331][ T9] bond0 (unregistering): Released all slaves [ 66.376443][ T4321] team0: Port device team_slave_0 added [ 66.397348][ T4321] team0: Port device team_slave_1 added [ 66.416068][ T4321] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 66.423532][ T4321] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.450032][ T4321] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 66.469310][ T4321] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 66.476338][ T4321] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.502707][ T4321] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 66.543806][ T4321] device hsr_slave_0 entered promiscuous mode [ 66.550719][ T4321] device hsr_slave_1 entered promiscuous mode [ 67.044069][ T4321] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 67.062479][ T4321] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 67.075265][ T4321] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 67.089285][ T4321] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 67.186394][ T4321] 8021q: adding VLAN 0 to HW filter on device bond0 [ 67.205971][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 67.219224][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 67.235727][ T4321] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.254548][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 67.271242][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 67.293469][ T154] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.300537][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.323652][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 67.363330][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 67.377002][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 67.386957][ T4229] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.394046][ T4229] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.403768][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 67.413068][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 67.423171][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 67.432942][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 67.441441][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 67.456746][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 67.467132][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 67.486679][ T4321] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 67.497223][ T4321] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 67.509976][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 67.520520][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 67.530479][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 67.539348][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 67.554929][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 67.712441][ T4237] Bluetooth: hci0: command 0x0409 tx timeout [ 67.774597][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 67.787296][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 67.799837][ T4321] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.821323][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 67.832756][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 67.862633][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 67.872474][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 67.881770][ T4321] device veth0_vlan entered promiscuous mode [ 67.895604][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 67.903893][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 67.924848][ T4321] device veth1_vlan entered promiscuous mode [ 67.955641][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 67.965367][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 67.978563][ T4321] device veth0_macvtap entered promiscuous mode [ 67.989435][ T4321] device veth1_macvtap entered promiscuous mode [ 68.006877][ T4321] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 68.015730][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 68.025529][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 68.034362][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 68.043491][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 68.055357][ T4321] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 68.065111][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 68.074614][ T450] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 68.087165][ T4321] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.097131][ T4321] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.106384][ T4321] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.116736][ T4321] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.208043][ T450] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.221562][ T450] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.230489][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 68.270788][ T4407] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.282436][ T4407] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.293725][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 68.345338][ T4410] loop0: detected capacity change from 0 to 512 [ 68.424046][ T4410] [ 68.426402][ T4410] ====================================================== [ 68.433409][ T4410] WARNING: possible circular locking dependency detected [ 68.440425][ T4410] syzkaller #0 Not tainted [ 68.444831][ T4410] ------------------------------------------------------ [ 68.451833][ T4410] syz.0.17/4410 is trying to acquire lock: [ 68.457639][ T4410] ffff88807ad98bd8 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x1c0/0x2d20 [ 68.467738][ T4410] [ 68.467738][ T4410] but task is already holding lock: [ 68.475101][ T4410] ffff8880612314b8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3e8/0x700 [ 68.485035][ T4410] [ 68.485035][ T4410] which lock already depends on the new lock. [ 68.485035][ T4410] [ 68.495432][ T4410] [ 68.495432][ T4410] the existing dependency chain (in reverse order) is: [ 68.504439][ T4410] [ 68.504439][ T4410] -> #2 (&ei->xattr_sem){++++}-{3:3}: [ 68.511996][ T4410] down_read+0x44/0x2e0 [ 68.516682][ T4410] ext4_setattr+0x71d/0x19e0 [ 68.521796][ T4410] notify_change+0xbcd/0xee0 [ 68.526931][ T4410] chown_common+0x483/0x610 [ 68.531952][ T4410] do_fchownat+0x164/0x270 [ 68.536889][ T4410] __x64_sys_chown+0x7e/0x90 [ 68.541998][ T4410] do_syscall_64+0x4c/0xa0 [ 68.547023][ T4410] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 68.553435][ T4410] [ 68.553435][ T4410] -> #1 (jbd2_handle){++++}-{0:0}: [ 68.560731][ T4410] start_this_handle+0x1338/0x15a0 [ 68.566363][ T4410] jbd2__journal_start+0x2b7/0x5a0 [ 68.572085][ T4410] __ext4_journal_start_sb+0x167/0x360 [ 68.578063][ T4410] ext4_writepages+0xdc2/0x2d20 [ 68.583434][ T4410] do_writepages+0x48d/0x6d0 [ 68.588540][ T4410] filemap_fdatawrite_wbc+0x1eb/0x240 [ 68.594433][ T4410] file_write_and_wait_range+0x129/0x1e0 [ 68.600585][ T4410] ext4_sync_file+0x1ff/0xae0 [ 68.605783][ T4410] __x64_sys_fsync+0x1a5/0x1e0 [ 68.611063][ T4410] do_syscall_64+0x4c/0xa0 [ 68.615999][ T4410] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 68.622408][ T4410] [ 68.622408][ T4410] -> #0 (&sbi->s_writepages_rwsem){.+.+}-{0:0}: [ 68.631263][ T4410] __lock_acquire+0x2c33/0x7c60 [ 68.636642][ T4410] lock_acquire+0x197/0x3f0 [ 68.641663][ T4410] percpu_down_read+0x46/0x1b0 [ 68.646953][ T4410] ext4_writepages+0x1c0/0x2d20 [ 68.652328][ T4410] do_writepages+0x48d/0x6d0 [ 68.657442][ T4410] __writeback_single_inode+0x153/0xda0 [ 68.663505][ T4410] writeback_single_inode+0x221/0x8b0 [ 68.669485][ T4410] write_inode_now+0x217/0x280 [ 68.674771][ T4410] iput+0x5ab/0x8a0 [ 68.679098][ T4410] ext4_xattr_set_entry+0x10ff/0x3d30 [ 68.684999][ T4410] ext4_xattr_block_set+0x4f7/0x2d30 [ 68.690890][ T4410] ext4_expand_extra_isize_ea+0xf4b/0x19a0 [ 68.697214][ T4410] __ext4_expand_extra_isize+0x301/0x3e0 [ 68.703363][ T4410] __ext4_mark_inode_dirty+0x469/0x700 [ 68.709346][ T4410] ext4_evict_inode+0xa81/0x1080 [ 68.715580][ T4410] evict+0x485/0x870 [ 68.719998][ T4410] ext4_orphan_cleanup+0xaa9/0x12e0 [ 68.725706][ T4410] ext4_fill_super+0x92f0/0x9a60 [ 68.731189][ T4410] mount_bdev+0x287/0x3c0 [ 68.736030][ T4410] legacy_get_tree+0xe6/0x180 [ 68.741211][ T4410] vfs_get_tree+0x88/0x270 [ 68.746125][ T4410] do_new_mount+0x24a/0xa40 [ 68.751143][ T4410] __se_sys_mount+0x2d6/0x3c0 [ 68.756328][ T4410] do_syscall_64+0x4c/0xa0 [ 68.761242][ T4410] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 68.767639][ T4410] [ 68.767639][ T4410] other info that might help us debug this: [ 68.767639][ T4410] [ 68.777844][ T4410] Chain exists of: [ 68.777844][ T4410] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem [ 68.777844][ T4410] [ 68.791205][ T4410] Possible unsafe locking scenario: [ 68.791205][ T4410] [ 68.798651][ T4410] CPU0 CPU1 [ 68.803995][ T4410] ---- ---- [ 68.809421][ T4410] lock(&ei->xattr_sem); [ 68.813728][ T4410] lock(jbd2_handle); [ 68.820303][ T4410] lock(&ei->xattr_sem); [ 68.827125][ T4410] lock(&sbi->s_writepages_rwsem); [ 68.832309][ T4410] [ 68.832309][ T4410] *** DEADLOCK *** [ 68.832309][ T4410] [ 68.840460][ T4410] 3 locks held by syz.0.17/4410: [ 68.845812][ T4410] #0: ffff88807b24e0e0 (&type->s_umount_key#28/1){+.+.}-{3:3}, at: alloc_super+0x201/0x950 [ 68.855891][ T4410] #1: ffff88807b24e650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x444/0x1080 [ 68.865353][ T4410] #2: ffff8880612314b8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3e8/0x700 [ 68.875603][ T4410] [ 68.875603][ T4410] stack backtrace: [ 68.881475][ T4410] CPU: 0 PID: 4410 Comm: syz.0.17 Not tainted syzkaller #0 [ 68.888655][ T4410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 68.898696][ T4410] Call Trace: [ 68.901959][ T4410] [ 68.904877][ T4410] dump_stack_lvl+0x168/0x230 [ 68.909537][ T4410] ? load_image+0x3b0/0x3b0 [ 68.914022][ T4410] ? show_regs_print_info+0x20/0x20 [ 68.919206][ T4410] ? print_circular_bug+0x12b/0x1a0 [ 68.924384][ T4410] check_noncircular+0x274/0x310 [ 68.929302][ T4410] ? add_chain_block+0x940/0x940 [ 68.934222][ T4410] ? lockdep_lock+0xdc/0x1e0 [ 68.938793][ T4410] ? lockdep_unlock+0x134/0x2d0 [ 68.943642][ T4410] ? mark_lock+0x94/0x320 [ 68.947977][ T4410] __lock_acquire+0x2c33/0x7c60 [ 68.952812][ T4410] ? read_lock_is_recursive+0x10/0x10 [ 68.958160][ T4410] ? verify_lock_unused+0x140/0x140 [ 68.963333][ T4410] ? verify_lock_unused+0x140/0x140 [ 68.968509][ T4410] lock_acquire+0x197/0x3f0 [ 68.972989][ T4410] ? ext4_writepages+0x1c0/0x2d20 [ 68.978013][ T4410] ? check_path+0x40/0x40 [ 68.982318][ T4410] ? __might_sleep+0xf0/0xf0 [ 68.986882][ T4410] ? read_lock_is_recursive+0x10/0x10 [ 68.992242][ T4410] ? mark_lock+0x94/0x320 [ 68.996567][ T4410] ? __lock_acquire+0x13ad/0x7c60 [ 69.001586][ T4410] percpu_down_read+0x46/0x1b0 [ 69.006347][ T4410] ? ext4_writepages+0x1c0/0x2d20 [ 69.011349][ T4410] ext4_writepages+0x1c0/0x2d20 [ 69.016180][ T4410] ? rcu_is_watching+0x11/0xa0 [ 69.020919][ T4410] ? lock_release+0xba/0x870 [ 69.025491][ T4410] ? rcu_lock_release+0x5/0x20 [ 69.030233][ T4410] ? mark_lock+0x94/0x320 [ 69.034543][ T4410] ? verify_lock_unused+0x140/0x140 [ 69.039721][ T4410] ? mark_lock+0x94/0x320 [ 69.044027][ T4410] ? ext4_readpage+0x2e0/0x2e0 [ 69.048768][ T4410] ? __lock_acquire+0x13ad/0x7c60 [ 69.053785][ T4410] ? rcu_lock_release+0x5/0x20 [ 69.058529][ T4410] ? __lock_acquire+0x7c60/0x7c60 [ 69.063527][ T4410] ? do_raw_spin_lock+0x11d/0x280 [ 69.068526][ T4410] ? _raw_spin_lock_irqsave+0x7f/0xf0 [ 69.073878][ T4410] ? do_raw_spin_unlock+0x11d/0x230 [ 69.079052][ T4410] ? ext4_readpage+0x2e0/0x2e0 [ 69.083794][ T4410] do_writepages+0x48d/0x6d0 [ 69.088363][ T4410] ? __writepage+0x130/0x130 [ 69.092926][ T4410] ? writeback_single_inode+0x216/0x8b0 [ 69.098449][ T4410] ? __lock_acquire+0x7c60/0x7c60 [ 69.103451][ T4410] ? do_raw_spin_lock+0x11d/0x280 [ 69.108451][ T4410] __writeback_single_inode+0x153/0xda0 [ 69.113972][ T4410] writeback_single_inode+0x221/0x8b0 [ 69.119321][ T4410] ? write_inode_now+0x280/0x280 [ 69.124240][ T4410] write_inode_now+0x217/0x280 [ 69.128987][ T4410] ? bdi_split_work_to_wbs+0x820/0x820 [ 69.134428][ T4410] ? do_raw_spin_unlock+0x11d/0x230 [ 69.139606][ T4410] iput+0x5ab/0x8a0 [ 69.143419][ T4410] ext4_xattr_set_entry+0x10ff/0x3d30 [ 69.148783][ T4410] ? ext4_xattr_ibody_set+0x330/0x330 [ 69.154134][ T4410] ? rcu_is_watching+0x11/0xa0 [ 69.158876][ T4410] ? kmem_cache_free+0x14c/0x210 [ 69.163790][ T4410] ? mb_cache_entry_delete_or_get+0x1bd/0x1e0 [ 69.169837][ T4410] ext4_xattr_block_set+0x4f7/0x2d30 [ 69.175099][ T4410] ? do_raw_spin_unlock+0x11d/0x230 [ 69.180282][ T4410] ? __ext4_xattr_check_block+0x7d8/0x8d0 [ 69.185983][ T4410] ? ext4_xattr_block_find+0x500/0x500 [ 69.191419][ T4410] ? ext4_xattr_block_find+0x433/0x500 [ 69.196864][ T4410] ext4_expand_extra_isize_ea+0xf4b/0x19a0 [ 69.202654][ T4410] __ext4_expand_extra_isize+0x301/0x3e0 [ 69.208267][ T4410] __ext4_mark_inode_dirty+0x469/0x700 [ 69.213701][ T4410] ext4_evict_inode+0xa81/0x1080 [ 69.218613][ T4410] ? _raw_spin_unlock+0x24/0x40 [ 69.223439][ T4410] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 69.229309][ T4410] ? do_raw_spin_unlock+0x11d/0x230 [ 69.234487][ T4410] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 69.240358][ T4410] evict+0x485/0x870 [ 69.244253][ T4410] ? __lock_acquire+0x7c60/0x7c60 [ 69.249256][ T4410] ? proc_nr_inodes+0x320/0x320 [ 69.254085][ T4410] ? do_raw_spin_unlock+0x11d/0x230 [ 69.259258][ T4410] ? _raw_spin_unlock+0x24/0x40 [ 69.264081][ T4410] ? iput+0x706/0x8a0 [ 69.268037][ T4410] ext4_orphan_cleanup+0xaa9/0x12e0 [ 69.273218][ T4410] ? ext4_orphan_del+0xb90/0xb90 [ 69.278131][ T4410] ? errseq_check_and_advance+0x62/0x120 [ 69.283737][ T4410] ext4_fill_super+0x92f0/0x9a60 [ 69.288656][ T4410] ? ext4_mount+0x40/0x40 [ 69.292957][ T4410] ? set_blocksize+0x1f1/0x370 [ 69.297706][ T4410] ? sb_set_blocksize+0xa5/0xe0 [ 69.302530][ T4410] mount_bdev+0x287/0x3c0 [ 69.306847][ T4410] ? ext4_mount+0x40/0x40 [ 69.311291][ T4410] legacy_get_tree+0xe6/0x180 [ 69.315956][ T4410] ? ext4_errno_to_code+0x160/0x160 [ 69.321134][ T4410] vfs_get_tree+0x88/0x270 [ 69.325536][ T4410] do_new_mount+0x24a/0xa40 [ 69.330029][ T4410] __se_sys_mount+0x2d6/0x3c0 [ 69.334690][ T4410] ? __x64_sys_mount+0xc0/0xc0 [ 69.339430][ T4410] ? lockdep_hardirqs_on+0x94/0x140 [ 69.344603][ T4410] ? __x64_sys_mount+0x1c/0xc0 [ 69.349346][ T4410] do_syscall_64+0x4c/0xa0 [ 69.353740][ T4410] ? clear_bhb_loop+0x30/0x80 [ 69.358398][ T4410] ? clear_bhb_loop+0x30/0x80 [ 69.363059][ T4410] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 69.368936][ T4410] RIP: 0033:0x7f582112ae6a [ 69.373327][ T4410] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 69.392997][ T4410] RSP: 002b:00007fff14c45ba8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 69.401388][ T4410] RAX: ffffffffffffffda RBX: 00007fff14c45c30 RCX: 00007f582112ae6a [ 69.409337][ T4410] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007fff14c45bf0 [ 69.417290][ T4410] RBP: 0000200000000180 R08: 00007fff14c45c30 R09: 0000000000800700 [ 69.425239][ T4410] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 69.433191][ T4410] R13: 00007fff14c45bf0 R14: 000000000000046f R15: 000000000000002c [ 69.441154][ T4410] [ 69.452827][ T4410] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 69.466903][ T4410] EXT4-fs (loop0): Remounting filesystem read-only [ 69.473827][ T4410] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 69.486581][ T4410] EXT4-fs (loop0): Remounting filesystem read-only [ 69.493473][ T4410] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2826: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 69.506615][ T4410] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 69.520421][ T4410] EXT4-fs (loop0): Remounting filesystem read-only [ 69.527290][ T4410] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 69.539827][ T4410] EXT4-fs (loop0): Remounting filesystem read-only [ 69.546470][ T4410] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 69.560410][ T4410] EXT4-fs (loop0): Remounting filesystem read-only [ 69.567198][ T4410] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 69.579610][ T4410] EXT4-fs (loop0): Remounting filesystem read-only [ 69.587216][ T4410] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 69.600673][ T4410] EXT4-fs (loop0): Remounting filesystem read-only [ 69.607372][ T4410] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 69.620070][ T4410] EXT4-fs (loop0): Remounting filesystem read-only [ 69.626863][ T4410] EXT4-fs (loop0): 1 orphan inode deleted [ 69.633285][ T4410] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,errors=remount-ro,debug_want_extra_isize=0x000000000000005a,nouid32,resgid=0x0000000000000000,acl,init_itable=0x0000000000000003,. Quota mode: none.