[ 92.220346][ T991] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.0.54' (ED25519) to the list of known hosts.
2025/11/08 17:40:24 parsed 1 programs
[ 98.761450][ T5808] cgroup: Unknown subsys name 'net'
[ 99.002770][ T5808] cgroup: Unknown subsys name 'cpuset'
[ 99.058837][ T5808] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 101.115624][ T5808] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 108.548036][ T1438] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 108.548057][ T1438] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 108.609373][ T3570] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 108.609396][ T3570] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.063726][ T5123] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 109.070295][ T5123] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 109.077933][ T5123] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 109.088455][ T5123] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 109.089400][ T5123] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 110.559755][ T5882] chnl_net:caif_netlink_parms(): no params data found
[ 111.030659][ T5882] bridge0: port 1(bridge_slave_0) entered blocking state
[ 111.032530][ T5882] bridge0: port 1(bridge_slave_0) entered disabled state
[ 111.032800][ T5882] bridge_slave_0: entered allmulticast mode
[ 111.035238][ T5882] bridge_slave_0: entered promiscuous mode
[ 111.045030][ T5882] bridge0: port 2(bridge_slave_1) entered blocking state
[ 111.045264][ T5882] bridge0: port 2(bridge_slave_1) entered disabled state
[ 111.045479][ T5882] bridge_slave_1: entered allmulticast mode
[ 111.051147][ T5882] bridge_slave_1: entered promiscuous mode
[ 111.341314][ T5882] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 111.344517][ T5882] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 111.569288][ T5882] team0: Port device team_slave_0 added
[ 111.572079][ T5882] team0: Port device team_slave_1 added
[ 111.778612][ T5882] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 111.778630][ T5882] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 111.778658][ T5882] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 111.783645][ T5882] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 111.783660][ T5882] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 111.783681][ T5882] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 111.966756][ T5882] hsr_slave_0: entered promiscuous mode
[ 111.969075][ T5882] hsr_slave_1: entered promiscuous mode
[ 112.592410][ T5882] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 112.617214][ T5882] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 112.672350][ T5882] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 112.711646][ T5882] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 112.855275][ T5882] 8021q: adding VLAN 0 to HW filter on device bond0
[ 112.885730][ T5882] 8021q: adding VLAN 0 to HW filter on device team0
[ 112.899169][ T3589] bridge0: port 1(bridge_slave_0) entered blocking state
[ 112.899345][ T3589] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 112.908777][ T3589] bridge0: port 2(bridge_slave_1) entered blocking state
[ 112.909020][ T3589] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 113.175738][ T5882] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 113.239513][ T5882] veth0_vlan: entered promiscuous mode
[ 113.246170][ T5882] veth1_vlan: entered promiscuous mode
[ 113.291759][ T5882] veth0_macvtap: entered promiscuous mode
[ 113.300309][ T5882] veth1_macvtap: entered promiscuous mode
[ 113.321777][ T5882] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 113.333630][ T5882] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 113.345911][ T3589] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 113.346457][ T3589] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 113.353540][ T3589] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 113.363188][ T3570] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 114.132483][ T3570] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 114.384419][ T3570] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 114.599529][ T3570] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 114.865528][ T3570] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/11/08 17:40:44 executed programs: 0
[ 115.684482][ T5123] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 115.695646][ T5123] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 115.703886][ T5123] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 115.711873][ T5123] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 115.712866][ T5123] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 115.953189][ T5918] chnl_net:caif_netlink_parms(): no params data found
[ 116.268918][ T5918] bridge0: port 1(bridge_slave_0) entered blocking state
[ 116.269076][ T5918] bridge0: port 1(bridge_slave_0) entered disabled state
[ 116.269227][ T5918] bridge_slave_0: entered allmulticast mode
[ 116.271152][ T5918] bridge_slave_0: entered promiscuous mode
[ 116.273852][ T5918] bridge0: port 2(bridge_slave_1) entered blocking state
[ 116.273997][ T5918] bridge0: port 2(bridge_slave_1) entered disabled state
[ 116.274134][ T5918] bridge_slave_1: entered allmulticast mode
[ 116.276026][ T5918] bridge_slave_1: entered promiscuous mode
[ 116.422132][ T5918] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 116.425449][ T5918] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 116.582212][ T5918] team0: Port device team_slave_0 added
[ 116.586307][ T5918] team0: Port device team_slave_1 added
[ 116.770230][ T5918] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 116.770248][ T5918] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 116.770275][ T5918] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 116.774183][ T5918] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 116.774200][ T5918] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 116.774228][ T5918] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 117.047146][ T5918] hsr_slave_0: entered promiscuous mode
[ 117.048274][ T5918] hsr_slave_1: entered promiscuous mode
[ 117.049101][ T5918] debugfs: 'hsr0' already exists in 'hsr'
[ 117.049184][ T5918] Cannot create hsr debugfs directory
[ 117.148710][ T3570] bridge_slave_1: left allmulticast mode
[ 117.148930][ T3570] bridge_slave_1: left promiscuous mode
[ 117.150492][ T3570] bridge0: port 2(bridge_slave_1) entered disabled state
[ 117.228906][ T3570] bridge_slave_0: left allmulticast mode
[ 117.228930][ T3570] bridge_slave_0: left promiscuous mode
[ 117.229117][ T3570] bridge0: port 1(bridge_slave_0) entered disabled state
[ 117.819968][ T5123] Bluetooth: hci0: command tx timeout
[ 118.907771][ T3570] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 118.968170][ T3570] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 118.989766][ T3570] bond0 (unregistering): Released all slaves
[ 119.477145][ T3570] hsr_slave_0: left promiscuous mode
[ 119.497600][ T3570] hsr_slave_1: left promiscuous mode
[ 119.498557][ T3570] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 119.498619][ T3570] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 119.558608][ T3570] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 119.558642][ T3570] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 119.636128][ T3570] veth1_macvtap: left promiscuous mode
[ 119.636316][ T3570] veth0_macvtap: left promiscuous mode
[ 119.636521][ T3570] veth1_vlan: left promiscuous mode
[ 119.636718][ T3570] veth0_vlan: left promiscuous mode
[ 119.897169][ T5123] Bluetooth: hci0: command tx timeout
[ 121.677723][ T3570] team0 (unregistering): Port device team_slave_1 removed
[ 121.878196][ T3570] team0 (unregistering): Port device team_slave_0 removed
[ 121.977184][ T5123] Bluetooth: hci0: command tx timeout
[ 124.057151][ T5123] Bluetooth: hci0: command tx timeout
[ 124.828885][ T5918] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 125.150280][ T5918] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 125.172065][ T5918] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 125.223783][ T5918] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 125.353146][ T5918] 8021q: adding VLAN 0 to HW filter on device bond0
[ 125.384371][ T5918] 8021q: adding VLAN 0 to HW filter on device team0
[ 125.398480][ T1438] bridge0: port 1(bridge_slave_0) entered blocking state
[ 125.398580][ T1438] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 125.400710][ T1438] bridge0: port 2(bridge_slave_1) entered blocking state
[ 125.401139][ T1438] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 125.727076][ T5918] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 125.888443][ T5918] veth0_vlan: entered promiscuous mode
[ 125.896010][ T5918] veth1_vlan: entered promiscuous mode
[ 125.943096][ T5918] veth0_macvtap: entered promiscuous mode
[ 125.956666][ T5918] veth1_macvtap: entered promiscuous mode
[ 125.975258][ T5918] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 125.990600][ T5918] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 126.004971][ T3589] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 126.008464][ T3589] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 126.011000][ T3589] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 126.011079][ T3589] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 126.203755][ T1476] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 126.203778][ T1476] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 126.254537][ T3570] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 126.254559][ T3570] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/11/08 17:40:55 executed programs: 2
[ 126.373759][ T5966] loop0: detected capacity change from 0 to 512
[ 126.444714][ T5966]
[ 126.444726][ T5966] ======================================================
[ 126.444735][ T5966] WARNING: possible circular locking dependency detected
[ 126.444759][ T5966] syzkaller #0 Not tainted
[ 126.444770][ T5966] ------------------------------------------------------
[ 126.444778][ T5966] syz.0.17/5966 is trying to acquire lock:
[ 126.444790][ T5966] ffff88803500ec58 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x1cc/0x350
[ 126.444860][ T5966]
[ 126.444860][ T5966] but task is already holding lock:
[ 126.444867][ T5966] ffff8880571c0c90 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x3eb/0x700
[ 126.444919][ T5966]
[ 126.444919][ T5966] which lock already depends on the new lock.
[ 126.444919][ T5966]
[ 126.444927][ T5966]
[ 126.444927][ T5966] the existing dependency chain (in reverse order) is:
[ 126.444935][ T5966]
[ 126.444935][ T5966] -> #2 (&ei->xattr_sem){++++}-{4:4}:
[ 126.444970][ T5966] lock_acquire+0x120/0x360
[ 126.444997][ T5966] down_write+0x3a/0x50
[ 126.445029][ T5966] ext4_xattr_set_handle+0x165/0x1590
[ 126.445060][ T5966] ext4_initxattrs+0x9f/0x110
[ 126.445084][ T5966] security_inode_init_security+0x2a0/0x3f0
[ 126.445115][ T5966] __ext4_new_inode+0x3314/0x3cb0
[ 126.445148][ T5966] ext4_create+0x22d/0x460
[ 126.445172][ T5966] path_openat+0x1500/0x3840
[ 126.445195][ T5966] do_filp_open+0x1fa/0x410
[ 126.445216][ T5966] do_sys_openat2+0x121/0x1c0
[ 126.445236][ T5966] __x64_sys_openat+0x138/0x170
[ 126.445256][ T5966] do_syscall_64+0xfa/0xfa0
[ 126.445294][ T5966] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 126.445315][ T5966]
[ 126.445315][ T5966] -> #1 (jbd2_handle){++++}-{0:0}:
[ 126.445344][ T5966] lock_acquire+0x120/0x360
[ 126.445372][ T5966] start_this_handle+0x1fa7/0x21c0
[ 126.445399][ T5966] jbd2__journal_start+0x2c1/0x5b0
[ 126.445426][ T5966] __ext4_journal_start_sb+0x227/0x5c0
[ 126.445458][ T5966] ext4_do_writepages+0xf6f/0x4600
[ 126.445487][ T5966] ext4_writepages+0x205/0x350
[ 126.445508][ T5966] do_writepages+0x32e/0x550
[ 126.445529][ T5966] file_write_and_wait_range+0x244/0x340
[ 126.445556][ T5966] ext4_sync_file+0x2b4/0xb20
[ 126.445585][ T5966] __x64_sys_fsync+0x194/0x1f0
[ 126.445603][ T5966] do_syscall_64+0xfa/0xfa0
[ 126.445633][ T5966] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 126.445654][ T5966]
[ 126.445654][ T5966] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[ 126.445684][ T5966] validate_chain+0xb9b/0x2140
[ 126.445703][ T5966] __lock_acquire+0xab9/0xd20
[ 126.445730][ T5966] lock_acquire+0x120/0x360
[ 126.445757][ T5966] percpu_down_read_internal+0x48/0x1d0
[ 126.445777][ T5966] ext4_writepages+0x1cc/0x350
[ 126.445797][ T5966] do_writepages+0x32e/0x550
[ 126.445818][ T5966] __writeback_single_inode+0x145/0x1000
[ 126.445845][ T5966] writeback_single_inode+0x1db/0x640
[ 126.445867][ T5966] write_inode_now+0x160/0x1d0
[ 126.445888][ T5966] iput+0x830/0xc50
[ 126.445917][ T5966] ext4_xattr_block_set+0x1fce/0x2ac0
[ 126.445949][ T5966] ext4_expand_extra_isize_ea+0x12da/0x1ea0
[ 126.445982][ T5966] __ext4_expand_extra_isize+0x30d/0x400
[ 126.446016][ T5966] __ext4_mark_inode_dirty+0x46c/0x700
[ 126.446042][ T5966] ext4_evict_inode+0x80d/0xee0
[ 126.446066][ T5966] evict+0x504/0x9c0
[ 126.446086][ T5966] ext4_orphan_cleanup+0xc20/0x1460
[ 126.446110][ T5966] ext4_fill_super+0x593b/0x61f0
[ 126.446130][ T5966] get_tree_bdev_flags+0x40e/0x4d0
[ 126.446157][ T5966] vfs_get_tree+0x92/0x2b0
[ 126.446181][ T5966] do_new_mount+0x302/0xa10
[ 126.446209][ T5966] __se_sys_mount+0x313/0x410
[ 126.446238][ T5966] do_syscall_64+0xfa/0xfa0
[ 126.446268][ T5966] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 126.446297][ T5966]
[ 126.446297][ T5966] other info that might help us debug this:
[ 126.446297][ T5966]
[ 126.446304][ T5966] Chain exists of:
[ 126.446304][ T5966] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem
[ 126.446304][ T5966]
[ 126.446341][ T5966] Possible unsafe locking scenario:
[ 126.446341][ T5966]
[ 126.446348][ T5966]        CPU0                    CPU1
[ 126.446354][ T5966]        ----                    ----
[ 126.446361][ T5966]   lock(&ei->xattr_sem);
[ 126.446376][ T5966]                                lock(jbd2_handle);
[ 126.446392][ T5966]                                lock(&ei->xattr_sem);
[ 126.446408][ T5966]   rlock(&sbi->s_writepages_rwsem);
[ 126.446423][ T5966]
[ 126.446423][ T5966] *** DEADLOCK ***
[ 126.446423][ T5966]
[ 126.446429][ T5966] 3 locks held by syz.0.17/5966:
[ 126.446441][ T5966] #0: ffff88802e5fe0d0 (&type->s_umount_key#26/1){+.+.}-{4:4}, at: alloc_super+0x1ba/0x9a0
[ 126.446504][ T5966] #1: ffff88802e5fe770 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x2d6/0xee0
[ 126.446560][ T5966] #2: ffff8880571c0c90 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x3eb/0x700
[ 126.446617][ T5966]
[ 126.446617][ T5966] stack backtrace:
[ 126.446643][ T5966] CPU: 0 UID: 0 PID: 5966 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 126.446668][ T5966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 126.446690][ T5966] Call Trace:
[ 126.446703][ T5966]
[ 126.446713][ T5966] dump_stack_lvl+0x189/0x250
[ 126.446750][ T5966] ? __pfx_dump_stack_lvl+0x10/0x10
[ 126.446784][ T5966] ? __pfx__printk+0x10/0x10
[ 126.446812][ T5966] ? print_lock_name+0xde/0x100
[ 126.446840][ T5966] print_circular_bug+0x2ee/0x310
[ 126.446867][ T5966] check_noncircular+0x134/0x160
[ 126.446888][ T5966] validate_chain+0xb9b/0x2140
[ 126.446911][ T5966] ? look_up_lock_class+0x74/0x170
[ 126.446941][ T5966] ? register_lock_class+0x51/0x320
[ 126.446972][ T5966] __lock_acquire+0xab9/0xd20
[ 126.447005][ T5966] ? ext4_writepages+0x1cc/0x350
[ 126.447027][ T5966] lock_acquire+0x120/0x360
[ 126.447056][ T5966] ? ext4_writepages+0x1cc/0x350
[ 126.447079][ T5966] ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 126.447111][ T5966] ? lockdep_hardirqs_on+0x9c/0x150
[ 126.447144][ T5966] percpu_down_read_internal+0x48/0x1d0
[ 126.447163][ T5966] ? ext4_writepages+0x1cc/0x350
[ 126.447184][ T5966] ext4_writepages+0x1cc/0x350
[ 126.447206][ T5966] ? __pfx_ext4_writepages+0x10/0x10
[ 126.447226][ T5966] ? rt_mutex_slowunlock+0x493/0x8a0
[ 126.447257][ T5966] ? rt_spin_unlock+0x150/0x200
[ 126.447292][ T5966] ? rt_spin_unlock+0x161/0x200
[ 126.447317][ T5966] ? __pfx_ext4_writepages+0x10/0x10
[ 126.447340][ T5966] do_writepages+0x32e/0x550
[ 126.447364][ T5966] ? reacquire_held_locks+0x127/0x1d0
[ 126.447399][ T5966] ? rt_spin_lock+0x1c1/0x3e0
[ 126.447425][ T5966] ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 126.447454][ T5966] __writeback_single_inode+0x145/0x1000
[ 126.447486][ T5966] writeback_single_inode+0x1db/0x640
[ 126.447512][ T5966] write_inode_now+0x160/0x1d0
[ 126.447533][ T5966] ? __pfx_write_inode_now+0x10/0x10
[ 126.447573][ T5966] ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 126.447600][ T5966] ? rt_spin_unlock+0x150/0x200
[ 126.447626][ T5966] ? rt_spin_unlock+0x161/0x200
[ 126.447652][ T5966] iput+0x830/0xc50
[ 126.447687][ T5966] ext4_xattr_block_set+0x1fce/0x2ac0
[ 126.447737][ T5966] ? __pfx_ext4_xattr_block_set+0x10/0x10
[ 126.447771][ T5966] ? ext4_xattr_block_find+0x2d4/0x350
[ 126.447807][ T5966] ext4_expand_extra_isize_ea+0x12da/0x1ea0
[ 126.447859][ T5966] __ext4_expand_extra_isize+0x30d/0x400
[ 126.447900][ T5966] __ext4_mark_inode_dirty+0x46c/0x700
[ 126.447933][ T5966] ext4_evict_inode+0x80d/0xee0
[ 126.447966][ T5966] ? __pfx_ext4_evict_inode+0x10/0x10
[ 126.447992][ T5966] ? rt_spin_unlock+0x150/0x200
[ 126.448019][ T5966] ? rt_spin_unlock+0x161/0x200
[ 126.448045][ T5966] ? __pfx_ext4_evict_inode+0x10/0x10
[ 126.448071][ T5966] evict+0x504/0x9c0
[ 126.448098][ T5966] ? __pfx_evict+0x10/0x10
[ 126.448120][ T5966] ? rt_spin_unlock+0x161/0x200
[ 126.448146][ T5966] ? iput+0x946/0xc50
[ 126.448181][ T5966] ext4_orphan_cleanup+0xc20/0x1460
[ 126.448215][ T5966] ? __pfx_ext4_orphan_cleanup+0x10/0x10
[ 126.448242][ T5966] ? ext4_register_li_request+0x640/0x720
[ 126.448267][ T5966] ? errseq_check_and_advance+0x66/0x120
[ 126.448302][ T5966] ext4_fill_super+0x593b/0x61f0
[ 126.448335][ T5966] ? __pfx_ext4_fill_super+0x10/0x10
[ 126.448356][ T5966] ? snprintf+0xda/0x120
[ 126.448379][ T5966] ? rt_spin_lock+0x1c1/0x3e0
[ 126.448406][ T5966] ? __pfx_snprintf+0x10/0x10
[ 126.448428][ T5966] ? set_blocksize+0x219/0x450
[ 126.448461][ T5966] ? rt_spin_unlock+0x150/0x200
[ 126.448488][ T5966] ? sb_set_blocksize+0x104/0x180
[ 126.448522][ T5966] ? setup_bdev_super+0x4c1/0x5b0
[ 126.448552][ T5966] get_tree_bdev_flags+0x40e/0x4d0
[ 126.448581][ T5966] ? __pfx_ext4_fill_super+0x10/0x10
[ 126.448603][ T5966] ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 126.448631][ T5966] ? cap_capable+0x11f/0x460
[ 126.448652][ T5966] ? safesetid_security_capable+0xa9/0x1a0
[ 126.448677][ T5966] vfs_get_tree+0x92/0x2b0
[ 126.448706][ T5966] do_new_mount+0x302/0xa10
[ 126.448735][ T5966] ? safesetid_security_capable+0xa9/0x1a0
[ 126.448758][ T5966] ? __pfx_do_new_mount+0x10/0x10
[ 126.448788][ T5966] ? ns_capable+0x8a/0xf0
[ 126.448824][ T5966] __se_sys_mount+0x313/0x410
[ 126.448858][ T5966] ? __pfx___se_sys_mount+0x10/0x10
[ 126.448892][ T5966] ? do_syscall_64+0xbe/0xfa0
[ 126.448923][ T5966] ? __x64_sys_mount+0x20/0xc0
[ 126.448955][ T5966] do_syscall_64+0xfa/0xfa0
[ 126.448986][ T5966] ? lockdep_hardirqs_on+0x9c/0x150
[ 126.449017][ T5966] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 126.449039][ T5966] ? clear_bhb_loop+0x60/0xb0
[ 126.449064][ T5966] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 126.449086][ T5966] RIP: 0033:0x7fdc34820e6a
[ 126.449117][ T5966] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 126.449136][ T5966] RSP: 002b:00007ffe56066d98 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 126.449159][ T5966] RAX: ffffffffffffffda RBX: 00007ffe56066e20 RCX: 00007fdc34820e6a
[ 126.449175][ T5966] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007ffe56066de0
[ 126.449190][ T5966] RBP: 0000200000000180 R08: 00007ffe56066e20 R09: 0000000001a08700
[ 126.449205][ T5966] R10: 0000000001a08700 R11: 0000000000000246 R12: 00002000000001c0
[ 126.449220][ T5966] R13: 00007ffe56066de0 R14: 0000000000000470 R15: 0000200000000700
[ 126.449242][ T5966]
[ 126.472769][ T5966] ------------[ cut here ]------------
[ 126.472785][ T5966] EA inode 11 i_nlink=2
[ 126.473187][ T5966] WARNING: CPU: 1 PID: 5966 at fs/ext4/xattr.c:1058 ext4_xattr_inode_update_ref+0x51a/0x5b0
[ 126.473243][ T5966] Modules linked in:
[ 126.473266][ T5966] CPU: 1 UID: 0 PID: 5966 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 126.473294][ T5966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 126.473310][ T5966] RIP: 0010:ext4_xattr_inode_update_ref+0x51a/0x5b0
[ 126.473355][ T5966] Code: 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 06 84 c0 0f 85 80 00 00 00 41 8b 17 48 c7 c7 00 9b ff 8a 4c 89 e6 e8 d7 9a 03 ff 90 <0f> 0b 90 90 4c 8b 6c 24 28 e9 59 fe ff ff e8 73 06 41 08 44 89 f9
[ 126.473376][ T5966] RSP: 0018:ffffc90003fbf100 EFLAGS: 00010246
[ 126.473398][ T5966] RAX: 3c63e46ea4007e00 RBX: 0000000000000001 RCX: ffff888024f60000
[ 126.473417][ T5966] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 126.473432][ T5966] RBP: ffffc90003fbf1f8 R08: 0000000000000000 R09: 0000000000000000
[ 126.473447][ T5966] R10: dffffc0000000000 R11: ffffed101712487b R12: 000000000000000b
[ 126.473465][ T5966] R13: ffff8880571c1c00 R14: 1ffff1100ae38366 R15: ffff8880571c1b30
[ 126.473483][ T5966] FS: 000055556023c500(0000) GS:ffff888126ef9000(0000) knlGS:0000000000000000
[ 126.473504][ T5966] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 126.473522][ T5966] CR2: 00007ffc50f6ea4c CR3: 000000001e372000 CR4: 00000000003526f0
[ 126.473551][ T5966] Call Trace:
[ 126.473560][ T5966]
[ 126.473571][ T5966] ? __pfx_inode_set_ctime_to_ts+0x10/0x10
[ 126.473603][ T5966] ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10
[ 126.473644][ T5966] ? ext4_xattr_inode_iget+0x3d2/0x5f0
[ 126.473688][ T5966] ext4_xattr_set_entry+0xabb/0x1e20
[ 126.473736][ T5966] ext4_xattr_ibody_set+0x254/0x6a0
[ 126.473778][ T5966] ext4_expand_extra_isize_ea+0x13ad/0x1ea0
[ 126.473836][ T5966] __ext4_expand_extra_isize+0x30d/0x400
[ 126.473882][ T5966] __ext4_mark_inode_dirty+0x46c/0x700
[ 126.473921][ T5966] ext4_evict_inode+0x80d/0xee0
[ 126.473957][ T5966] ? __pfx_ext4_evict_inode+0x10/0x10
[ 126.473985][ T5966] ? rt_spin_unlock+0x150/0x200
[ 126.474016][ T5966] ? rt_spin_unlock+0x161/0x200
[ 126.474044][ T5966] ? __pfx_ext4_evict_inode+0x10/0x10
[ 126.474073][ T5966] evict+0x504/0x9c0
[ 126.474102][ T5966] ? __pfx_evict+0x10/0x10
[ 126.474128][ T5966] ? rt_spin_unlock+0x161/0x200
[ 126.474157][ T5966] ? iput+0x946/0xc50
[ 126.474195][ T5966] ext4_orphan_cleanup+0xc20/0x1460
[ 126.474231][ T5966] ? __pfx_ext4_orphan_cleanup+0x10/0x10
[ 126.474261][ T5966] ? ext4_register_li_request+0x640/0x720
[ 126.474287][ T5966] ? errseq_check_and_advance+0x66/0x120
[ 126.474320][ T5966] ext4_fill_super+0x593b/0x61f0
[ 126.474355][ T5966] ? __pfx_ext4_fill_super+0x10/0x10
[ 126.474378][ T5966] ? snprintf+0xda/0x120
[ 126.474401][ T5966] ? rt_spin_lock+0x1c1/0x3e0
[ 126.474432][ T5966] ? __pfx_snprintf+0x10/0x10
[ 126.474455][ T5966] ? set_blocksize+0x219/0x450
[ 126.474491][ T5966] ? rt_spin_unlock+0x150/0x200
[ 126.474523][ T5966] ? sb_set_blocksize+0x104/0x180
[ 126.474566][ T5966] ? setup_bdev_super+0x4c1/0x5b0
[ 126.474600][ T5966] get_tree_bdev_flags+0x40e/0x4d0
[ 126.474633][ T5966] ? __pfx_ext4_fill_super+0x10/0x10
[ 126.474657][ T5966] ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 126.474690][ T5966] ? cap_capable+0x11f/0x460
[ 126.474714][ T5966] ? safesetid_security_capable+0xa9/0x1a0
[ 126.474744][ T5966] vfs_get_tree+0x92/0x2b0
[ 126.474775][ T5966] do_new_mount+0x302/0xa10
[ 126.474809][ T5966] ? safesetid_security_capable+0xa9/0x1a0
[ 126.474835][ T5966] ? __pfx_do_new_mount+0x10/0x10
[ 126.474868][ T5966] ? ns_capable+0x8a/0xf0
[ 126.474908][ T5966] __se_sys_mount+0x313/0x410
[ 126.474945][ T5966] ? __pfx___se_sys_mount+0x10/0x10
[ 126.474981][ T5966] ? do_syscall_64+0xbe/0xfa0
[ 126.475015][ T5966] ? __x64_sys_mount+0x20/0xc0
[ 126.475049][ T5966] do_syscall_64+0xfa/0xfa0
[ 126.475083][ T5966] ? lockdep_hardirqs_on+0x9c/0x150
[ 126.475118][ T5966] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 126.475142][ T5966] ? clear_bhb_loop+0x60/0xb0
[ 126.475169][ T5966] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 126.475194][ T5966] RIP: 0033:0x7fdc34820e6a
[ 126.475215][ T5966] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 126.475235][ T5966] RSP: 002b:00007ffe56066d98 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 126.475260][ T5966] RAX: ffffffffffffffda RBX: 00007ffe56066e20 RCX: 00007fdc34820e6a
[ 126.475279][ T5966] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007ffe56066de0
[ 126.475296][ T5966] RBP: 0000200000000180 R08: 00007ffe56066e20 R09: 0000000001a08700
[ 126.475313][ T5966] R10: 0000000001a08700 R11: 0000000000000246 R12: 00002000000001c0
[ 126.475330][ T5966] R13: 00007ffe56066de0 R14: 0000000000000470 R15: 0000200000000700
[ 126.475357][ T5966]
[ 126.475369][ T5966] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 126.475387][ T5966] CPU: 1 UID: 0 PID: 5966 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 126.475415][ T5966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 126.475430][ T5966] Call Trace:
[ 126.475439][ T5966]
[ 126.475449][ T5966] dump_stack_lvl+0x99/0x250
[ 126.475488][ T5966] ? __asan_memcpy+0x40/0x70
[ 126.475516][ T5966] ? __pfx_dump_stack_lvl+0x10/0x10
[ 126.475562][ T5966] ? __pfx__printk+0x10/0x10
[ 126.475598][ T5966] vpanic+0x237/0x6d0
[ 126.475621][ T5966] ? __pfx_vpanic+0x10/0x10
[ 126.475649][ T5966] panic+0xb9/0xc0
[ 126.475672][ T5966] ? __pfx_panic+0x10/0x10
[ 126.475703][ T5966] __warn+0x31b/0x4b0
[ 126.475726][ T5966] ? ext4_xattr_inode_update_ref+0x51a/0x5b0
[ 126.475767][ T5966] ? ext4_xattr_inode_update_ref+0x51a/0x5b0
[ 126.475808][ T5966] report_bug+0x2be/0x4f0
[ 126.475840][ T5966] ? ext4_xattr_inode_update_ref+0x51a/0x5b0
[ 126.475880][ T5966] ? ext4_xattr_inode_update_ref+0x51a/0x5b0
[ 126.475921][ T5966] ? ext4_xattr_inode_update_ref+0x51c/0x5b0
[ 126.475961][ T5966] handle_bug+0x84/0x160
[ 126.475985][ T5966] exc_invalid_op+0x1a/0x50
[ 126.476007][ T5966] asm_exc_invalid_op+0x1a/0x20
[ 126.476030][ T5966] RIP: 0010:ext4_xattr_inode_update_ref+0x51a/0x5b0
[ 126.476074][ T5966] Code: 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 06 84 c0 0f 85 80 00 00 00 41 8b 17 48 c7 c7 00 9b ff 8a 4c 89 e6 e8 d7 9a 03 ff 90 <0f> 0b 90 90 4c 8b 6c 24 28 e9 59 fe ff ff e8 73 06 41 08 44 89 f9
[ 126.476094][ T5966] RSP: 0018:ffffc90003fbf100 EFLAGS: 00010246
[ 126.476116][ T5966] RAX: 3c63e46ea4007e00 RBX: 0000000000000001 RCX: ffff888024f60000
[ 126.476135][ T5966] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 126.476148][ T5966] RBP: ffffc90003fbf1f8 R08: 0000000000000000 R09: 0000000000000000
[ 126.476165][ T5966] R10: dffffc0000000000 R11: ffffed101712487b R12: 000000000000000b
[ 126.476181][ T5966] R13: ffff8880571c1c00 R14: 1ffff1100ae38366 R15: ffff8880571c1b30
[ 126.476211][ T5966] ? __pfx_inode_set_ctime_to_ts+0x10/0x10
[ 126.476241][ T5966] ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10
[ 126.476282][ T5966] ? ext4_xattr_inode_iget+0x3d2/0x5f0
[ 126.476324][ T5966] ext4_xattr_set_entry+0xabb/0x1e20
[ 126.476372][ T5966] ext4_xattr_ibody_set+0x254/0x6a0
[ 126.476414][ T5966] ext4_expand_extra_isize_ea+0x13ad/0x1ea0
[ 126.476472][ T5966] __ext4_expand_extra_isize+0x30d/0x400
[ 126.476517][ T5966] __ext4_mark_inode_dirty+0x46c/0x700
[ 126.476562][ T5966] ext4_evict_inode+0x80d/0xee0
[ 126.476597][ T5966] ? __pfx_ext4_evict_inode+0x10/0x10
[ 126.476625][ T5966] ? rt_spin_unlock+0x150/0x200
[ 126.476656][ T5966] ? rt_spin_unlock+0x161/0x200
[ 126.476685][ T5966] ? __pfx_ext4_evict_inode+0x10/0x10
[ 126.476713][ T5966] evict+0x504/0x9c0
[ 126.476743][ T5966] ? __pfx_evict+0x10/0x10
[ 126.476768][ T5966] ? rt_spin_unlock+0x161/0x200
[ 126.476798][ T5966] ? iput+0x946/0xc50
[ 126.476836][ T5966] ext4_orphan_cleanup+0xc20/0x1460
[ 126.476874][ T5966] ? __pfx_ext4_orphan_cleanup+0x10/0x10
[ 126.476899][ T5966] ? ext4_register_li_request+0x640/0x720
[ 126.476923][ T5966] ? errseq_check_and_advance+0x66/0x120
[ 126.476948][ T5966] ext4_fill_super+0x593b/0x61f0
[ 126.476981][ T5966] ? __pfx_ext4_fill_super+0x10/0x10
[ 126.477002][ T5966] ? snprintf+0xda/0x120
[ 126.477024][ T5966] ? rt_spin_lock+0x1c1/0x3e0
[ 126.477051][ T5966] ? __pfx_snprintf+0x10/0x10
[ 126.477073][ T5966] ? set_blocksize+0x219/0x450
[ 126.477105][ T5966] ? rt_spin_unlock+0x150/0x200
[ 126.477133][ T5966] ? sb_set_blocksize+0x104/0x180
[ 126.477167][ T5966] ? setup_bdev_super+0x4c1/0x5b0
[ 126.477196][ T5966] get_tree_bdev_flags+0x40e/0x4d0
[ 126.477225][ T5966] ? __pfx_ext4_fill_super+0x10/0x10
[ 126.477247][ T5966] ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 126.477276][ T5966] ? cap_capable+0x11f/0x460
[ 126.477296][ T5966] ? safesetid_security_capable+0xa9/0x1a0
[ 126.477322][ T5966] vfs_get_tree+0x92/0x2b0
[ 126.477354][ T5966] do_new_mount+0x302/0xa10
[ 126.477386][ T5966] ? safesetid_security_capable+0xa9/0x1a0
[ 126.477410][ T5966] ? __pfx_do_new_mount+0x10/0x10
[ 126.477439][ T5966] ? ns_capable+0x8a/0xf0
[ 126.477471][ T5966] __se_sys_mount+0x313/0x410
[ 126.477502][ T5966] ? __pfx___se_sys_mount+0x10/0x10
[ 126.477541][ T5966] ? do_syscall_64+0xbe/0xfa0
[ 126.477572][ T5966] ? __x64_sys_mount+0x20/0xc0
[ 126.477602][ T5966] do_syscall_64+0xfa/0xfa0
[ 126.477632][ T5966] ? lockdep_hardirqs_on+0x9c/0x150
[ 126.477662][ T5966] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 126.477683][ T5966] ? clear_bhb_loop+0x60/0xb0
[ 126.477708][ T5966] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 126.477730][ T5966] RIP: 0033:0x7fdc34820e6a
[ 126.477747][ T5966] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 126.477765][ T5966] RSP: 002b:00007ffe56066d98 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 126.477788][ T5966] RAX: ffffffffffffffda RBX: 00007ffe56066e20 RCX: 00007fdc34820e6a
[ 126.477804][ T5966] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007ffe56066de0
[ 126.477819][ T5966] RBP: 0000200000000180 R08: 00007ffe56066e20 R09: 0000000001a08700
[ 126.477835][ T5966] R10: 0000000001a08700 R11: 0000000000000246 R12: 00002000000001c0
[ 126.477850][ T5966] R13: 00007ffe56066de0 R14: 0000000000000470 R15: 0000200000000700
[ 126.477875][ T5966]
[ 126.478190][ T5966] Kernel Offset: disabled