Warning: Permanently added '10.128.1.191' (ED25519) to the list of known hosts. 2025/12/12 10:04:39 parsed 1 programs [ 64.900746][ T4186] cgroup: Unknown subsys name 'net' [ 65.035029][ T4186] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 66.593382][ T4186] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 68.285529][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.299251][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.311706][ T247] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 68.325004][ T247] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.332959][ T247] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.341491][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 69.873388][ T4242] chnl_net:caif_netlink_parms(): no params data found [ 69.937694][ T4242] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.945832][ T4242] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.954940][ T4242] device bridge_slave_0 entered promiscuous mode [ 69.963878][ T4242] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.971167][ T4242] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.979207][ T4242] device bridge_slave_1 entered promiscuous mode [ 70.003775][ T4242] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.015304][ T4242] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.040288][ T4242] team0: Port device team_slave_0 added [ 70.048355][ T4242] team0: Port device team_slave_1 added [ 70.071561][ T4242] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.078605][ T4242] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.104700][ T4242] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.117613][ T4242] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.124717][ T4242] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.150625][ T4242] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.185786][ T4242] device hsr_slave_0 entered promiscuous mode [ 70.192520][ T4242] device hsr_slave_1 entered promiscuous mode [ 70.336274][ T4242] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 70.381497][ T4242] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 70.404516][ T4242] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 70.421781][ T4242] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 70.454415][ T4242] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.461613][ T4242] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.469426][ T4242] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.476478][ T4242] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.516731][ T4242] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.530587][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 70.540691][ T154] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.548624][ T154] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.557122][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 70.569941][ T4242] 8021q: adding VLAN 0 to HW filter on device team0 [ 70.582344][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 70.590827][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.597865][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.608630][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 70.617187][ T154] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.624282][ T154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.643410][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 70.652319][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 70.663840][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 70.675529][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 70.686774][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 70.697621][ T4242] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 70.808304][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 70.815989][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 70.830021][ T4242] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.866221][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 70.874904][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 70.915363][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 70.923813][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 70.933593][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 70.941620][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 70.951322][ T4242] device veth0_vlan entered promiscuous mode [ 70.983146][ T4242] device veth1_vlan entered promiscuous mode [ 71.000947][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 71.009394][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 71.017384][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 71.026312][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 71.038130][ T4242] device veth0_macvtap entered promiscuous mode [ 71.067730][ T4242] device veth1_macvtap entered promiscuous mode [ 71.083618][ T4242] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.092455][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 71.101065][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 71.110272][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 71.118683][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 71.130312][ T4242] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.137594][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 71.146457][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 71.160094][ T4242] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.169066][ T4242] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.177766][ T4242] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.186839][ T4242] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.283269][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.291275][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 2025/12/12 10:04:48 executed programs: 0 [ 72.588516][ T4295] chnl_net:caif_netlink_parms(): no params data found [ 72.648110][ T4295] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.655387][ T4295] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.663881][ T4295] device bridge_slave_0 entered promiscuous mode [ 72.672674][ T4295] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.680243][ T4295] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.688256][ T4295] device bridge_slave_1 entered promiscuous mode [ 72.714727][ T4295] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 72.727396][ T4295] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 72.757738][ T4295] team0: Port device team_slave_0 added [ 72.765762][ T4295] team0: Port device team_slave_1 added [ 72.791154][ T4295] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.798117][ T4295] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.824571][ T4295] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.837405][ T4295] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.844639][ T4295] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.871789][ T4295] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.916582][ T4295] device hsr_slave_0 entered promiscuous mode [ 72.923746][ T4295] device hsr_slave_1 entered promiscuous mode [ 72.933171][ T4295] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.941377][ T4295] Cannot create hsr debugfs directory [ 73.025205][ T4295] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.479968][ T4308] Bluetooth: hci0: command 0x0409 tx timeout [ 76.125706][ T4295] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.189388][ T4295] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.235143][ T4295] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.497929][ T4295] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 76.508447][ T4295] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 76.518167][ T4295] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 76.541815][ T4295] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 76.569202][ T4308] Bluetooth: hci0: command 0x041b tx timeout [ 76.612223][ T4295] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.636275][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 76.644060][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 76.654232][ T4295] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.663623][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 76.672754][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 76.681485][ T154] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.688525][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.699028][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 76.715780][ T3045] device hsr_slave_0 left promiscuous mode [ 76.722786][ T3045] device hsr_slave_1 left promiscuous mode [ 76.730015][ T3045] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 76.737432][ T3045] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 76.745536][ T3045] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 76.753073][ T3045] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 76.761091][ T3045] device bridge_slave_1 left promiscuous mode [ 76.767311][ T3045] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.782357][ T3045] device bridge_slave_0 left promiscuous mode [ 76.788524][ T3045] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.805704][ T3045] device veth1_macvtap left promiscuous mode [ 76.812914][ T3045] device veth0_macvtap left promiscuous mode [ 76.819128][ T3045] device veth1_vlan left promiscuous mode [ 76.824979][ T3045] device veth0_vlan left promiscuous mode [ 76.975561][ T3045] team0 (unregistering): Port device team_slave_1 removed [ 76.988212][ T3045] team0 (unregistering): Port device team_slave_0 removed [ 77.001027][ T3045] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 77.017407][ T3045] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 77.075914][ T3045] bond0 (unregistering): Released all slaves [ 77.164632][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 77.173241][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 77.181787][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.188881][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 77.203087][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 77.212195][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 77.227607][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 77.237521][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 77.246725][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 77.255788][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 77.277349][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 77.286335][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 77.295087][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 77.303626][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 77.312494][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 77.322718][ T4295] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 77.423577][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 77.431576][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 77.443432][ T4295] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 77.463927][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 77.472510][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 77.489906][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 77.498068][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 77.507541][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 77.515601][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 77.525392][ T4295] device veth0_vlan entered promiscuous mode [ 77.538444][ T4295] device veth1_vlan entered promiscuous mode [ 77.562919][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 77.574253][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 77.583740][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 77.594164][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 77.605072][ T4295] device veth0_macvtap entered promiscuous mode [ 77.615572][ T4295] device veth1_macvtap entered promiscuous mode [ 77.632366][ T4295] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.640973][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 77.650251][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 77.658235][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 77.667245][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 77.682291][ T4295] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.690258][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 77.699613][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 77.712066][ T4295] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.721141][ T4295] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.731481][ T4295] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.740866][ T4295] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.800351][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.808287][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.832690][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 77.845934][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.855762][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.865250][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 77.933261][ T4322] loop0: detected capacity change from 0 to 512 [ 77.951972][ T4322] ======================================================= [ 77.951972][ T4322] WARNING: The mand mount option has been deprecated and [ 77.951972][ T4322] and is ignored by this kernel. Remove the mand [ 77.951972][ T4322] option from the mount to silence this warning. [ 77.951972][ T4322] ======================================================= [ 78.019533][ T4322] [ 78.021881][ T4322] ====================================================== [ 78.028896][ T4322] WARNING: possible circular locking dependency detected [ 78.035922][ T4322] syzkaller #0 Not tainted [ 78.040336][ T4322] ------------------------------------------------------ [ 78.047353][ T4322] syz.0.17/4322 is trying to acquire lock: [ 78.053156][ T4322] ffff8880752aabd8 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x1c0/0x2d20 [ 78.063271][ T4322] [ 78.063271][ T4322] but task is already holding lock: [ 78.070653][ T4322] ffff8880607794b8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3e8/0x700 [ 78.080508][ T4322] [ 78.080508][ T4322] which lock already depends on the new lock. [ 78.080508][ T4322] [ 78.090911][ T4322] [ 78.090911][ T4322] the existing dependency chain (in reverse order) is: [ 78.099928][ T4322] [ 78.099928][ T4322] -> #2 (&ei->xattr_sem){++++}-{3:3}: [ 78.107501][ T4322] down_read+0x44/0x2e0 [ 78.112194][ T4322] ext4_setattr+0x71d/0x19e0 [ 78.117314][ T4322] notify_change+0xbcd/0xee0 [ 78.122525][ T4322] chown_common+0x483/0x610 [ 78.127561][ T4322] do_fchownat+0x164/0x270 [ 78.132509][ T4322] __x64_sys_chown+0x7e/0x90 [ 78.137639][ T4322] do_syscall_64+0x4c/0xa0 [ 78.142588][ T4322] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 78.149013][ T4322] [ 78.149013][ T4322] -> #1 (jbd2_handle){++++}-{0:0}: [ 78.156327][ T4322] start_this_handle+0x1338/0x15a0 [ 78.161968][ T4322] jbd2__journal_start+0x2b7/0x5a0 [ 78.167610][ T4322] __ext4_journal_start_sb+0x167/0x360 [ 78.173596][ T4322] ext4_writepages+0xdc2/0x2d20 [ 78.178981][ T4322] do_writepages+0x48d/0x6d0 [ 78.184111][ T4322] filemap_fdatawrite_wbc+0x1eb/0x240 [ 78.190019][ T4322] file_write_and_wait_range+0x129/0x1e0 [ 78.196186][ T4322] ext4_sync_file+0x1ff/0xae0 [ 78.201398][ T4322] __x64_sys_fsync+0x1a5/0x1e0 [ 78.206694][ T4322] do_syscall_64+0x4c/0xa0 [ 78.211645][ T4322] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 78.218071][ T4322] [ 78.218071][ T4322] -> #0 (&sbi->s_writepages_rwsem){.+.+}-{0:0}: [ 78.226510][ T4322] __lock_acquire+0x2c33/0x7c60 [ 78.231896][ T4322] lock_acquire+0x197/0x3f0 [ 78.237023][ T4322] percpu_down_read+0x46/0x1b0 [ 78.242315][ T4322] ext4_writepages+0x1c0/0x2d20 [ 78.247689][ T4322] do_writepages+0x48d/0x6d0 [ 78.252800][ T4322] __writeback_single_inode+0x153/0xda0 [ 78.258866][ T4322] writeback_single_inode+0x221/0x8b0 [ 78.264755][ T4322] write_inode_now+0x217/0x280 [ 78.270036][ T4322] iput+0x5ab/0x8a0 [ 78.274362][ T4322] ext4_xattr_set_entry+0x10ff/0x3d30 [ 78.280250][ T4322] ext4_xattr_block_set+0x4f7/0x2d30 [ 78.286058][ T4322] ext4_expand_extra_isize_ea+0xf4b/0x19a0 [ 78.292384][ T4322] __ext4_expand_extra_isize+0x301/0x3e0 [ 78.298538][ T4322] __ext4_mark_inode_dirty+0x469/0x700 [ 78.304517][ T4322] ext4_evict_inode+0xa81/0x1080 [ 78.309975][ T4322] evict+0x485/0x870 [ 78.314391][ T4322] ext4_orphan_cleanup+0xaa9/0x12e0 [ 78.320106][ T4322] ext4_fill_super+0x92f0/0x9a60 [ 78.325562][ T4322] mount_bdev+0x287/0x3c0 [ 78.330413][ T4322] legacy_get_tree+0xe6/0x180 [ 78.335619][ T4322] vfs_get_tree+0x88/0x270 [ 78.340577][ T4322] do_new_mount+0x24a/0xa40 [ 78.345600][ T4322] __se_sys_mount+0x2d6/0x3c0 [ 78.350797][ T4322] do_syscall_64+0x4c/0xa0 [ 78.355732][ T4322] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 78.362142][ T4322] [ 78.362142][ T4322] other info that might help us debug this: [ 78.362142][ T4322] [ 78.372360][ T4322] Chain exists of: [ 78.372360][ T4322] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem [ 78.372360][ T4322] [ 78.385735][ T4322] Possible unsafe locking scenario: [ 78.385735][ T4322] [ 78.393181][ T4322] CPU0 CPU1 [ 78.398541][ T4322] ---- ---- [ 78.403896][ T4322] lock(&ei->xattr_sem); [ 78.408225][ T4322] lock(jbd2_handle); [ 78.414806][ T4322] lock(&ei->xattr_sem); [ 78.421652][ T4322] lock(&sbi->s_writepages_rwsem); [ 78.426842][ T4322] [ 78.426842][ T4322] *** DEADLOCK *** [ 78.426842][ T4322] [ 78.434979][ T4322] 3 locks held by syz.0.17/4322: [ 78.439908][ T4322] #0: ffff8880752a80e0 (&type->s_umount_key#28/1){+.+.}-{3:3}, at: alloc_super+0x201/0x950 [ 78.450009][ T4322] #1: ffff8880752a8650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x444/0x1080 [ 78.459489][ T4322] #2: ffff8880607794b8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3e8/0x700 [ 78.469750][ T4322] [ 78.469750][ T4322] stack backtrace: [ 78.475644][ T4322] CPU: 0 PID: 4322 Comm: syz.0.17 Not tainted syzkaller #0 [ 78.482853][ T4322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 78.492909][ T4322] Call Trace: [ 78.496190][ T4322] [ 78.499120][ T4322] dump_stack_lvl+0x168/0x230 [ 78.503801][ T4322] ? load_image+0x3b0/0x3b0 [ 78.508302][ T4322] ? show_regs_print_info+0x20/0x20 [ 78.513500][ T4322] ? print_circular_bug+0x12b/0x1a0 [ 78.518696][ T4322] check_noncircular+0x274/0x310 [ 78.523637][ T4322] ? add_chain_block+0x940/0x940 [ 78.528571][ T4322] ? lockdep_lock+0xdc/0x1e0 [ 78.533162][ T4322] ? lockdep_unlock+0x134/0x2d0 [ 78.538016][ T4322] ? mark_lock+0x94/0x320 [ 78.542343][ T4322] __lock_acquire+0x2c33/0x7c60 [ 78.547201][ T4322] ? verify_lock_unused+0x140/0x140 [ 78.552397][ T4322] ? verify_lock_unused+0x140/0x140 [ 78.557607][ T4322] lock_acquire+0x197/0x3f0 [ 78.562116][ T4322] ? ext4_writepages+0x1c0/0x2d20 [ 78.567139][ T4322] ? check_path+0x40/0x40 [ 78.571469][ T4322] ? __might_sleep+0xf0/0xf0 [ 78.576062][ T4322] ? read_lock_is_recursive+0x10/0x10 [ 78.581433][ T4322] ? mark_lock+0x94/0x320 [ 78.585768][ T4322] ? __lock_acquire+0x13ad/0x7c60 [ 78.590794][ T4322] percpu_down_read+0x46/0x1b0 [ 78.595573][ T4322] ? ext4_writepages+0x1c0/0x2d20 [ 78.600598][ T4322] ext4_writepages+0x1c0/0x2d20 [ 78.605458][ T4322] ? rcu_is_watching+0x11/0xa0 [ 78.610218][ T4322] ? lock_release+0xba/0x870 [ 78.614808][ T4322] ? rcu_lock_release+0x5/0x20 [ 78.619571][ T4322] ? mark_lock+0x94/0x320 [ 78.623899][ T4322] ? verify_lock_unused+0x140/0x140 [ 78.629101][ T4322] ? mark_lock+0x94/0x320 [ 78.633432][ T4322] ? ext4_readpage+0x2e0/0x2e0 [ 78.638196][ T4322] ? __lock_acquire+0x13ad/0x7c60 [ 78.643222][ T4322] ? rcu_lock_release+0x5/0x20 [ 78.647989][ T4322] ? __lock_acquire+0x7c60/0x7c60 [ 78.653009][ T4322] ? do_raw_spin_lock+0x11d/0x280 [ 78.658029][ T4322] ? _raw_spin_lock_irqsave+0x7f/0xf0 [ 78.663422][ T4322] ? do_raw_spin_unlock+0x11d/0x230 [ 78.668620][ T4322] ? ext4_readpage+0x2e0/0x2e0 [ 78.673397][ T4322] do_writepages+0x48d/0x6d0 [ 78.677998][ T4322] ? __writepage+0x130/0x130 [ 78.682585][ T4322] ? writeback_single_inode+0x216/0x8b0 [ 78.688132][ T4322] ? __lock_acquire+0x7c60/0x7c60 [ 78.693155][ T4322] ? do_raw_spin_lock+0x11d/0x280 [ 78.698180][ T4322] __writeback_single_inode+0x153/0xda0 [ 78.703740][ T4322] writeback_single_inode+0x221/0x8b0 [ 78.709117][ T4322] ? write_inode_now+0x280/0x280 [ 78.714059][ T4322] write_inode_now+0x217/0x280 [ 78.718819][ T4322] ? bdi_split_work_to_wbs+0x820/0x820 [ 78.724278][ T4322] ? do_raw_spin_unlock+0x11d/0x230 [ 78.729488][ T4322] iput+0x5ab/0x8a0 [ 78.733301][ T4322] ext4_xattr_set_entry+0x10ff/0x3d30 [ 78.738683][ T4322] ? ext4_xattr_ibody_set+0x330/0x330 [ 78.744061][ T4322] ? rcu_is_watching+0x11/0xa0 [ 78.748818][ T4322] ? kmem_cache_free+0x14c/0x210 [ 78.753752][ T4322] ? mb_cache_entry_delete_or_get+0x1bd/0x1e0 [ 78.759818][ T4322] ext4_xattr_block_set+0x4f7/0x2d30 [ 78.765102][ T4322] ? do_raw_spin_unlock+0x11d/0x230 [ 78.770312][ T4322] ? __ext4_xattr_check_block+0x7d8/0x8d0 [ 78.776040][ T4322] ? ext4_xattr_block_find+0x500/0x500 [ 78.781703][ T4322] ? ext4_xattr_block_find+0x433/0x500 [ 78.787178][ T4322] ext4_expand_extra_isize_ea+0xf4b/0x19a0 [ 78.792996][ T4322] __ext4_expand_extra_isize+0x301/0x3e0 [ 78.798631][ T4322] __ext4_mark_inode_dirty+0x469/0x700 [ 78.804181][ T4322] ext4_evict_inode+0xa81/0x1080 [ 78.809120][ T4322] ? _raw_spin_unlock+0x24/0x40 [ 78.813987][ T4322] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 78.819886][ T4322] ? do_raw_spin_unlock+0x11d/0x230 [ 78.825089][ T4322] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 78.830984][ T4322] evict+0x485/0x870 [ 78.834883][ T4322] ? __lock_acquire+0x7c60/0x7c60 [ 78.839907][ T4322] ? proc_nr_inodes+0x320/0x320 [ 78.844781][ T4322] ? do_raw_spin_unlock+0x11d/0x230 [ 78.849987][ T4322] ? _raw_spin_unlock+0x24/0x40 [ 78.854832][ T4322] ? iput+0x706/0x8a0 [ 78.858813][ T4322] ext4_orphan_cleanup+0xaa9/0x12e0 [ 78.864018][ T4322] ? ext4_orphan_del+0xb90/0xb90 [ 78.868956][ T4322] ? errseq_check_and_advance+0x62/0x120 [ 78.874587][ T4322] ext4_fill_super+0x92f0/0x9a60 [ 78.879533][ T4322] ? ext4_mount+0x40/0x40 [ 78.883864][ T4322] ? set_blocksize+0x1f1/0x370 [ 78.888632][ T4322] ? sb_set_blocksize+0xa5/0xe0 [ 78.893487][ T4322] mount_bdev+0x287/0x3c0 [ 78.897815][ T4322] ? ext4_mount+0x40/0x40 [ 78.902146][ T4322] legacy_get_tree+0xe6/0x180 [ 78.906821][ T4322] ? ext4_errno_to_code+0x160/0x160 [ 78.912016][ T4322] vfs_get_tree+0x88/0x270 [ 78.916435][ T4322] do_new_mount+0x24a/0xa40 [ 78.920939][ T4322] __se_sys_mount+0x2d6/0x3c0 [ 78.925616][ T4322] ? __x64_sys_mount+0xc0/0xc0 [ 78.930382][ T4322] ? lockdep_hardirqs_on+0x94/0x140 [ 78.935586][ T4322] ? __x64_sys_mount+0x1c/0xc0 [ 78.940347][ T4322] do_syscall_64+0x4c/0xa0 [ 78.944763][ T4322] ? clear_bhb_loop+0x30/0x80 [ 78.949437][ T4322] ? clear_bhb_loop+0x30/0x80 [ 78.954116][ T4322] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 78.960023][ T4322] RIP: 0033:0x7fce89f93eea [ 78.964442][ T4322] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 78.984043][ T4322] RSP: 002b:00007ffd61869dc8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 78.992455][ T4322] RAX: ffffffffffffffda RBX: 00007ffd61869e50 RCX: 00007fce89f93eea [ 79.000425][ T4322] RDX: 0000200000000180 RSI: 0000200000000080 RDI: 00007ffd61869e10 [ 79.008397][ T4322] RBP: 0000200000000180 R08: 00007ffd61869e50 R09: 0000000002808340 [ 79.016364][ T4322] R10: 0000000002808340 R11: 0000000000000246 R12: 0000200000000080 [ 79.024346][ T4322] R13: 00007ffd61869e10 R14: 000000000000047c R15: 0000200000000640 [ 79.032321][ T4322] [ 79.049919][ T4322] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 79.063334][ T4322] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 79.075903][ T4322] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2826: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 79.090522][ T4322] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 79.103935][ T4322] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 79.116251][ T4322] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 79.130468][ T4322] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 79.143076][ T4322] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 79.156916][ T4322] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 79.169628][ T4322] EXT4-fs (loop0): 1 orphan inode deleted [ 79.173477][ T4310] Bluetooth: hci0: command 0x040f tx timeout [ 79.175376][ T4322] EXT4-fs (loop0): mounted filesystem without journal. Opts: i_version,nobarrier,debug_want_extra_isize=0x000000000000005a,sysvgroups,resgid=0x0000000000000000,acl,init_itable=0x0000000000000003,,errors=continue. Quota mode: none.