Warning: Permanently added '10.128.1.174' (ED25519) to the list of known hosts. 1970/01/01 00:00:28 parsed 1 programs [ 29.498271][ T4327] cgroup: Unknown subsys name 'net' [ 29.706770][ T4327] cgroup: Unknown subsys name 'rlimit' [ 29.990130][ T4327] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 38.873307][ T374] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 38.880486][ T374] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 38.882428][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 38.888298][ T374] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 38.889530][ T374] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 38.891128][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 39.310899][ T4364] chnl_net:caif_netlink_parms(): no params data found [ 39.331977][ T4364] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.333312][ T4364] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.335792][ T4364] device bridge_slave_0 entered promiscuous mode [ 39.338147][ T4364] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.339351][ T4364] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.340880][ T4364] device bridge_slave_1 entered promiscuous mode [ 39.348550][ T4364] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 39.351356][ T4364] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 39.358626][ T4364] team0: Port device team_slave_0 added [ 39.360690][ T4364] team0: Port device team_slave_1 added [ 39.366762][ T4364] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 39.367956][ T4364] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.371976][ T4364] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 39.377083][ T4364] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 39.378247][ T4364] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.382002][ T4364] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 39.445542][ T4364] device hsr_slave_0 entered promiscuous mode [ 39.494342][ T4364] device hsr_slave_1 entered promiscuous mode [ 39.580214][ T4364] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 39.626665][ T4364] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 39.655896][ T4364] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 39.696718][ T4364] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 39.745879][ T4364] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.747091][ T4364] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.748413][ T4364] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.749513][ T4364] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.767140][ T4364] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.771806][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 39.774032][ T4371] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.777648][ T4371] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.806093][ T4364] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.811830][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 39.813655][ T4371] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.814800][ T4371] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.816452][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 39.818127][ T4371] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.819249][ T4371] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.830698][ T4364] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 39.832353][ T4364] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 39.837234][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 39.839190][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 39.840691][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 39.842651][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 39.845941][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 39.849973][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 39.906030][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 39.907385][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 39.910610][ T4364] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.918005][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 39.919657][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 39.929063][ T4364] device veth0_vlan entered promiscuous mode [ 39.932918][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 39.935142][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 39.936719][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 39.938238][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 39.942525][ T4364] device veth1_vlan entered promiscuous mode [ 39.950325][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 39.951820][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 39.953214][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 39.960312][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 39.962577][ T4364] device veth0_macvtap entered promiscuous mode [ 39.965622][ T4364] device veth1_macvtap entered promiscuous mode [ 39.971278][ T4364] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 39.972468][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 39.974077][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 39.976925][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 39.978304][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 39.981395][ T4364] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.983411][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 39.985347][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 39.988055][ T4364] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.989482][ T4364] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.990917][ T4364] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.992308][ T4364] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.293925][ T4406] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 40.295840][ T4406] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 40.297199][ T4406] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 40.298579][ T4406] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 40.299920][ T4406] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 40.301100][ T4406] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 1970/01/01 00:00:40 executed programs: 0 [ 40.995731][ T47] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 40.997139][ T47] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 40.998392][ T47] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 40.999771][ T47] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 41.001243][ T47] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 41.002424][ T47] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 41.387098][ T4431] chnl_net:caif_netlink_parms(): no params data found [ 41.404449][ T4431] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.405580][ T4431] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.407039][ T4431] device bridge_slave_0 entered promiscuous mode [ 41.409461][ T4431] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.410652][ T4431] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.412187][ T4431] device bridge_slave_1 entered promiscuous mode [ 41.711782][ T4431] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 41.716312][ T4431] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 41.725857][ T4431] team0: Port device team_slave_0 added [ 41.727604][ T4431] team0: Port device team_slave_1 added [ 41.734220][ T4431] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 41.735282][ T4431] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.739121][ T4431] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 41.741528][ T4431] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 41.742518][ T4431] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.747575][ T4431] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 41.845232][ T4431] device hsr_slave_0 entered promiscuous mode [ 41.894609][ T4431] device hsr_slave_1 entered promiscuous mode [ 41.964226][ T4431] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 41.965502][ T4431] Cannot create hsr debugfs directory [ 42.335728][ T4431] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 43.044485][ T47] Bluetooth: hci0: command 0x0409 tx timeout [ 45.114397][ T47] Bluetooth: hci0: command 0x041b tx timeout [ 45.415120][ T4431] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 45.495326][ T4431] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 45.576048][ T4431] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 45.887411][ T4431] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 45.975922][ T4431] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 46.076118][ T4431] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 46.135673][ T4431] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 46.247037][ T4431] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.250455][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 46.251961][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 46.254783][ T4431] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.257025][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 46.258707][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.260174][ T1606] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.261293][ T1606] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.263215][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 46.267599][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 46.269076][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 46.270407][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.271401][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.308131][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 46.311511][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 46.314633][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 46.316734][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 46.318176][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 46.320632][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 46.322239][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 46.324862][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 46.326303][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 46.329579][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 46.331145][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 46.333494][ T4431] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 46.401218][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 46.402487][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 46.406600][ T4431] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.411909][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 46.413603][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 46.441960][ T4431] device veth0_vlan entered promiscuous mode [ 46.445725][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 46.447404][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 46.449068][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 46.450408][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 46.452098][ T4431] device veth1_vlan entered promiscuous mode [ 46.459022][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 46.460460][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 46.461883][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 46.463316][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 46.466518][ T4431] device veth0_macvtap entered promiscuous mode [ 46.468815][ T4431] device veth1_macvtap entered promiscuous mode [ 46.472895][ T4431] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.474862][ T4431] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.476948][ T4431] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 46.478179][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 46.479742][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 46.481177][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 46.482764][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 46.486264][ T4431] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.487913][ T4431] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.489745][ T4431] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 46.493128][ T39] device hsr_slave_0 left promiscuous mode [ 46.544302][ T39] device hsr_slave_1 left promiscuous mode [ 46.654442][ T39] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 46.655690][ T39] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 46.657371][ T39] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 46.658516][ T39] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 46.659889][ T39] device bridge_slave_1 left promiscuous mode [ 46.661304][ T39] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.705134][ T39] device bridge_slave_0 left promiscuous mode [ 46.706171][ T39] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.874444][ T39] device veth1_macvtap left promiscuous mode [ 46.875546][ T39] device veth0_macvtap left promiscuous mode [ 46.876873][ T39] device veth1_vlan left promiscuous mode [ 46.877910][ T39] device veth0_vlan left promiscuous mode [ 47.194442][ T47] Bluetooth: hci0: command 0x040f tx timeout [ 48.717238][ T39] team0 (unregistering): Port device team_slave_1 removed [ 48.895709][ T39] team0 (unregistering): Port device team_slave_0 removed [ 49.075220][ T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 49.274139][ T4406] Bluetooth: hci0: command 0x0419 tx timeout [ 49.304532][ T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 51.865689][ T39] bond0 (unregistering): Released all slaves [ 52.077109][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 52.078808][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 52.081382][ T4431] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.082857][ T4431] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.084243][ T4431] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.085496][ T4431] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.110728][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 52.111946][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 52.113624][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 52.125096][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 52.126458][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 52.128225][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 52.155216][ T4463] loop0: detected capacity change from 0 to 512 [ 52.177329][ T4463] [ 52.177776][ T4463] ====================================================== [ 52.178944][ T4463] WARNING: possible circular locking dependency detected [ 52.180121][ T4463] syzkaller #0 Not tainted [ 52.180738][ T4463] ------------------------------------------------------ [ 52.181792][ T4463] syz.0.17/4463 is trying to acquire lock: [ 52.182596][ T4463] ffff0000d4494b98 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x188/0x284c [ 52.184105][ T4463] [ 52.184105][ T4463] but task is already holding lock: [ 52.185198][ T4463] ffff0000ea2d0ad0 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x37c/0x790 [ 52.186632][ T4463] [ 52.186632][ T4463] which lock already depends on the new lock. [ 52.186632][ T4463] [ 52.188154][ T4463] [ 52.188154][ T4463] the existing dependency chain (in reverse order) is: [ 52.189495][ T4463] [ 52.189495][ T4463] -> #2 (&ei->xattr_sem){++++}-{3:3}: [ 52.190586][ T4463] down_read+0x64/0x304 [ 52.191390][ T4463] ext4_setattr+0x7c4/0x150c [ 52.192201][ T4463] notify_change+0xb0c/0xdcc [ 52.192988][ T4463] chown_common+0x414/0x574 [ 52.193812][ T4463] do_fchownat+0x158/0x268 [ 52.194670][ T4463] __arm64_sys_fchownat+0xb8/0xd4 [ 52.195586][ T4463] invoke_syscall+0x98/0x2bc [ 52.196410][ T4463] el0_svc_common+0x138/0x258 [ 52.197211][ T4463] do_el0_svc+0x58/0x13c [ 52.197952][ T4463] el0_svc+0x58/0x138 [ 52.198702][ T4463] el0t_64_sync_handler+0x84/0xf0 [ 52.199593][ T4463] el0t_64_sync+0x18c/0x190 [ 52.200383][ T4463] [ 52.200383][ T4463] -> #1 (jbd2_handle){++++}-{0:0}: [ 52.201511][ T4463] start_this_handle+0xfe0/0x122c [ 52.202476][ T4463] jbd2__journal_start+0x288/0x51c [ 52.203454][ T4463] __ext4_journal_start_sb+0x2fc/0x674 [ 52.204450][ T4463] ext4_writepages+0xa28/0x284c [ 52.205316][ T4463] do_writepages+0x2c0/0x4fc [ 52.206128][ T4463] __writeback_single_inode+0x164/0x157c [ 52.207090][ T4463] writeback_sb_inodes+0x824/0x1404 [ 52.208003][ T4463] __writeback_inodes_wb+0x110/0x394 [ 52.208957][ T4463] wb_writeback+0x414/0xfb0 [ 52.209764][ T4463] wb_workfn+0xac0/0xd98 [ 52.210529][ T4463] process_one_work+0x7f4/0x13a8 [ 52.211348][ T4463] worker_thread+0x8c8/0xfbc [ 52.212061][ T4463] kthread+0x250/0x2d8 [ 52.212727][ T4463] ret_from_fork+0x10/0x20 [ 52.213520][ T4463] [ 52.213520][ T4463] -> #0 (&sbi->s_writepages_rwsem){.+.+}-{0:0}: [ 52.214863][ T4463] __lock_acquire+0x293c/0x6544 [ 52.215730][ T4463] lock_acquire+0x20c/0x644 [ 52.216533][ T4463] percpu_down_read+0x70/0x2a8 [ 52.217372][ T4463] ext4_writepages+0x188/0x284c [ 52.218249][ T4463] do_writepages+0x2c0/0x4fc [ 52.219092][ T4463] __writeback_single_inode+0x164/0x157c [ 52.220091][ T4463] writeback_single_inode+0x1c0/0x720 [ 52.221022][ T4463] write_inode_now+0x144/0x1b0 [ 52.221883][ T4463] iput+0x5cc/0x7f4 [ 52.222609][ T4463] ext4_xattr_block_set+0x17a4/0x2810 [ 52.223574][ T4463] ext4_expand_extra_isize_ea+0xcb8/0x15cc [ 52.224614][ T4463] __ext4_expand_extra_isize+0x298/0x358 [ 52.225586][ T4463] __ext4_mark_inode_dirty+0x3e4/0x790 [ 52.226461][ T4463] ext4_evict_inode+0xb58/0x1270 [ 52.227368][ T4463] evict+0x3c8/0x810 [ 52.228049][ T4463] iput+0x764/0x7f4 [ 52.228654][ T4463] ext4_process_orphan+0x240/0x2b4 [ 52.229549][ T4463] ext4_orphan_cleanup+0x908/0x104c [ 52.230425][ T4463] ext4_fill_super+0x6920/0x6e34 [ 52.231396][ T4463] get_tree_bdev+0x358/0x544 [ 52.232275][ T4463] ext4_get_tree+0x28/0x38 [ 52.232999][ T4463] vfs_get_tree+0x90/0x274 [ 52.233847][ T4463] do_new_mount+0x228/0x810 [ 52.234625][ T4463] path_mount+0x5b4/0xe78 [ 52.235454][ T4463] __arm64_sys_mount+0x49c/0x584 [ 52.236306][ T4463] invoke_syscall+0x98/0x2bc [ 52.237140][ T4463] el0_svc_common+0x138/0x258 [ 52.237941][ T4463] do_el0_svc+0x58/0x13c [ 52.238627][ T4463] el0_svc+0x58/0x138 [ 52.239374][ T4463] el0t_64_sync_handler+0x84/0xf0 [ 52.240305][ T4463] el0t_64_sync+0x18c/0x190 [ 52.241074][ T4463] [ 52.241074][ T4463] other info that might help us debug this: [ 52.241074][ T4463] [ 52.242570][ T4463] Chain exists of: [ 52.242570][ T4463] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem [ 52.242570][ T4463] [ 52.244456][ T4463] Possible unsafe locking scenario: [ 52.244456][ T4463] [ 52.245510][ T4463] CPU0 CPU1 [ 52.246299][ T4463] ---- ---- [ 52.247160][ T4463] lock(&ei->xattr_sem); [ 52.247862][ T4463] lock(jbd2_handle); [ 52.248929][ T4463] lock(&ei->xattr_sem); [ 52.249996][ T4463] lock(&sbi->s_writepages_rwsem); [ 52.250876][ T4463] [ 52.250876][ T4463] *** DEADLOCK *** [ 52.250876][ T4463] [ 52.252119][ T4463] 3 locks held by syz.0.17/4463: [ 52.252899][ T4463] #0: ffff0000d44920e0 (&type->s_umount_key#26/1){+.+.}-{3:3}, at: alloc_super+0x1a4/0x804 [ 52.254655][ T4463] #1: ffff0000d4492650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x3dc/0x1270 [ 52.256205][ T4463] #2: ffff0000ea2d0ad0 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x37c/0x790 [ 52.257922][ T4463] [ 52.257922][ T4463] stack backtrace: [ 52.258854][ T4463] CPU: 1 PID: 4463 Comm: syz.0.17 Not tainted syzkaller #0 [ 52.260070][ T4463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 52.261740][ T4463] Call trace: [ 52.262264][ T4463] dump_backtrace+0x1c8/0x1f4 [ 52.263016][ T4463] show_stack+0x2c/0x3c [ 52.263681][ T4463] __dump_stack+0x30/0x40 [ 52.264338][ T4463] dump_stack_lvl+0xf8/0x160 [ 52.264994][ T4463] dump_stack+0x1c/0x5c [ 52.265579][ T4463] print_circular_bug+0x148/0x1b0 [ 52.266306][ T4463] check_noncircular+0x240/0x2d4 [ 52.267072][ T4463] __lock_acquire+0x293c/0x6544 [ 52.267767][ T4463] lock_acquire+0x20c/0x644 [ 52.268437][ T4463] percpu_down_read+0x70/0x2a8 [ 52.269128][ T4463] ext4_writepages+0x188/0x284c [ 52.269870][ T4463] do_writepages+0x2c0/0x4fc [ 52.270582][ T4463] __writeback_single_inode+0x164/0x157c [ 52.271386][ T4463] writeback_single_inode+0x1c0/0x720 [ 52.272245][ T4463] write_inode_now+0x144/0x1b0 [ 52.272913][ T4463] iput+0x5cc/0x7f4 [ 52.273485][ T4463] ext4_xattr_block_set+0x17a4/0x2810 [ 52.274370][ T4463] ext4_expand_extra_isize_ea+0xcb8/0x15cc [ 52.275305][ T4463] __ext4_expand_extra_isize+0x298/0x358 [ 52.276316][ T4463] __ext4_mark_inode_dirty+0x3e4/0x790 [ 52.277224][ T4463] ext4_evict_inode+0xb58/0x1270 [ 52.278023][ T4463] evict+0x3c8/0x810 [ 52.278659][ T4463] iput+0x764/0x7f4 [ 52.279246][ T4463] ext4_process_orphan+0x240/0x2b4 [ 52.280088][ T4463] ext4_orphan_cleanup+0x908/0x104c [ 52.280950][ T4463] ext4_fill_super+0x6920/0x6e34 [ 52.281770][ T4463] get_tree_bdev+0x358/0x544 [ 52.282587][ T4463] ext4_get_tree+0x28/0x38 [ 52.283354][ T4463] vfs_get_tree+0x90/0x274 [ 52.284101][ T4463] do_new_mount+0x228/0x810 [ 52.284842][ T4463] path_mount+0x5b4/0xe78 [ 52.285579][ T4463] __arm64_sys_mount+0x49c/0x584 [ 52.286396][ T4463] invoke_syscall+0x98/0x2bc [ 52.287132][ T4463] el0_svc_common+0x138/0x258 [ 52.287912][ T4463] do_el0_svc+0x58/0x13c [ 52.288648][ T4463] el0_svc+0x58/0x138 [ 52.289326][ T4463] el0t_64_sync_handler+0x84/0xf0 [ 52.290212][ T4463] el0t_64_sync+0x18c/0x190 [ 52.292313][ T4463] ------------[ cut here ]------------ [ 52.293205][ T4463] EA inode 11 i_nlink=2 [ 52.293280][ T4463] WARNING: CPU: 1 PID: 4463 at fs/ext4/xattr.c:1021 ext4_xattr_inode_update_ref+0x468/0x4ac [ 52.295219][ T4463] Modules linked in: [ 52.295806][ T4463] CPU: 1 PID: 4463 Comm: syz.0.17 Not tainted syzkaller #0 [ 52.296750][ T4463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 52.298148][ T4463] pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 52.299309][ T4463] pc : ext4_xattr_inode_update_ref+0x468/0x4ac [ 52.300371][ T4463] lr : ext4_xattr_inode_update_ref+0x464/0x4ac [ 52.301354][ T4463] sp : ffff800020bd6e80 [ 52.302055][ T4463] x29: ffff800020bd6f00 x28: 0000000000000000 x27: dfff800000000000 [ 52.303371][ T4463] x26: 1fffe0001d42695c x25: ffff70000417add0 x24: 0000000000000000 [ 52.304664][ T4463] x23: ffff800017a8a000 x22: ffff800020bd6e80 x21: 0000000000000002 [ 52.305920][ T4463] x20: 0000000000000001 x19: ffff0000ea1348e8 x18: ffff800011abbcc0 [ 52.307247][ T4463] x17: 0000000000000000 x16: ffff800008042c8c x15: 0000000000000000 [ 52.308576][ T4463] x14: 00000000ffffffff x13: 0000000000000001 x12: 0000000000ff0100 [ 52.309863][ T4463] x11: ff00800008191ca8 x10: 0000000000000000 x9 : 652d0105eecfa900 [ 52.311121][ T4463] x8 : 652d0105eecfa900 x7 : 0000000000000001 x6 : 0000000000000001 [ 52.312387][ T4463] x5 : ffff800020bd6918 x4 : ffff8000151a4820 x3 : ffff800008311d00 [ 52.313590][ T4463] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000 [ 52.314885][ T4463] Call trace: [ 52.315397][ T4463] ext4_xattr_inode_update_ref+0x468/0x4ac [ 52.316315][ T4463] ext4_xattr_set_entry+0x918/0x15ac [ 52.317191][ T4463] ext4_xattr_ibody_set+0x204/0x600 [ 52.317953][ T4463] ext4_expand_extra_isize_ea+0xd00/0x15cc [ 52.318876][ T4463] __ext4_expand_extra_isize+0x298/0x358 [ 52.319759][ T4463] __ext4_mark_inode_dirty+0x3e4/0x790 [ 52.320578][ T4463] ext4_evict_inode+0xb58/0x1270 [ 52.321258][ T4463] evict+0x3c8/0x810 [ 52.321907][ T4463] iput+0x764/0x7f4 [ 52.322454][ T4463] ext4_process_orphan+0x240/0x2b4 [ 52.323298][ T4463] ext4_orphan_cleanup+0x908/0x104c [ 52.324148][ T4463] ext4_fill_super+0x6920/0x6e34 [ 52.324948][ T4463] get_tree_bdev+0x358/0x544 [ 52.325684][ T4463] ext4_get_tree+0x28/0x38 [ 52.326337][ T4463] vfs_get_tree+0x90/0x274 [ 52.326972][ T4463] do_new_mount+0x228/0x810 [ 52.327655][ T4463] path_mount+0x5b4/0xe78 [ 52.328281][ T4463] __arm64_sys_mount+0x49c/0x584 [ 52.328958][ T4463] invoke_syscall+0x98/0x2bc [ 52.329580][ T4463] el0_svc_common+0x138/0x258 [ 52.330246][ T4463] do_el0_svc+0x58/0x13c [ 52.330890][ T4463] el0_svc+0x58/0x138 [ 52.331508][ T4463] el0t_64_sync_handler+0x84/0xf0 [ 52.332297][ T4463] el0t_64_sync+0x18c/0x190 [ 52.333006][ T4463] irq event stamp: 4435 [ 52.333658][ T4463] hardirqs last enabled at (4435): [] _raw_spin_unlock_irqrestore+0x48/0xac [ 52.335227][ T4463] hardirqs last disabled at (4434): [] _raw_spin_lock_irqsave+0xa4/0xb4 [ 52.336664][ T4463] softirqs last enabled at (2524): [] handle_softirqs+0xaf8/0xc6c [ 52.338007][ T4463] softirqs last disabled at (2497): [] __do_softirq+0x14/0x20 [ 52.339346][ T4463] ---[ end trace 0000000000000000 ]--- [ 52.341757][ T4463] EXT4-fs (loop0): 1 orphan inode deleted [ 52.342669][ T4463] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 52.352492][ T4431] EXT4-fs (loop0): unmounting filesystem.