Warning: Permanently added '10.128.1.32' (ED25519) to the list of known hosts. 1970/01/01 00:00:24 parsed 1 programs [ 25.737507][ T4326] cgroup: Unknown subsys name 'net' [ 26.006380][ T4326] cgroup: Unknown subsys name 'rlimit' [ 26.269621][ T4326] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 31.802530][ T4350] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 31.804810][ T4350] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 31.806713][ T4350] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 31.808148][ T4350] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 31.809550][ T4350] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 31.810725][ T4350] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 31.881281][ T1747] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 31.882445][ T1747] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 31.885009][ T254] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 31.894395][ T1747] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 31.895652][ T1747] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 31.897109][ T254] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 32.105583][ T4366] chnl_net:caif_netlink_parms(): no params data found [ 32.123327][ T4366] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.125249][ T4366] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.126816][ T4366] device bridge_slave_0 entered promiscuous mode [ 32.129702][ T4366] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.130828][ T4366] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.132218][ T4366] device bridge_slave_1 entered promiscuous mode [ 32.139340][ T4366] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 32.141646][ T4366] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 32.149126][ T4366] team0: Port device team_slave_0 added [ 32.150869][ T4366] team0: Port device team_slave_1 added [ 32.156761][ T4366] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 32.157984][ T4366] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 32.161898][ T4366] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 32.164547][ T4366] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 32.165555][ T4366] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 32.169420][ T4366] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 32.225102][ T4366] device hsr_slave_0 entered promiscuous mode [ 32.264059][ T4366] device hsr_slave_1 entered promiscuous mode [ 32.338453][ T4366] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 32.366624][ T4366] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 32.405797][ T4366] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 32.455982][ T4366] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 32.524118][ T4366] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.525260][ T4366] bridge0: port 2(bridge_slave_1) entered forwarding state [ 32.526481][ T4366] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.527578][ T4366] bridge0: port 1(bridge_slave_0) entered forwarding state [ 32.545686][ T4366] 8021q: adding VLAN 0 to HW filter on device bond0 [ 32.550208][ T1747] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 32.552201][ T1747] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.554565][ T1747] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.558927][ T4366] 8021q: adding VLAN 0 to HW filter on device team0 [ 32.562101][ T1747] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 32.563508][ T1747] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.564664][ T1747] bridge0: port 1(bridge_slave_0) entered forwarding state [ 32.598633][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 32.600091][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.601121][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 32.604156][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 32.606106][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 32.609067][ T1747] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 32.613238][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 32.614865][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 32.617191][ T4366] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 32.669993][ T4366] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 32.674765][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 32.675968][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 32.678950][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 32.685625][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 32.687298][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 32.688715][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 32.691160][ T4366] device veth0_vlan entered promiscuous mode [ 32.694228][ T4366] device veth1_vlan entered promiscuous mode [ 32.700524][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 32.701981][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 32.703638][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 32.706303][ T4366] device veth0_macvtap entered promiscuous mode [ 32.708473][ T4366] device veth1_macvtap entered promiscuous mode [ 32.714647][ T4366] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 32.715929][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 32.717739][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 32.720414][ T4366] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 32.721676][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 32.724635][ T4366] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.726052][ T4366] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.727359][ T4366] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 32.728669][ T4366] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 1970/01/01 00:00:33 executed programs: 0 [ 33.340151][ T4350] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 33.341616][ T4350] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 33.342891][ T4350] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 33.345071][ T4350] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 33.346523][ T4350] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 33.347764][ T4350] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 33.395020][ T4423] chnl_net:caif_netlink_parms(): no params data found [ 33.415762][ T4423] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.416910][ T4423] bridge0: port 1(bridge_slave_0) entered disabled state [ 33.418240][ T4423] device bridge_slave_0 entered promiscuous mode [ 33.420476][ T4423] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.421556][ T4423] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.422975][ T4423] device bridge_slave_1 entered promiscuous mode [ 33.430215][ T4423] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 33.432494][ T4423] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 33.440119][ T4423] team0: Port device team_slave_0 added [ 33.441819][ T4423] team0: Port device team_slave_1 added [ 33.448274][ T4423] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 33.449365][ T4423] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 33.453219][ T4423] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 33.461217][ T4423] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 33.462276][ T4423] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 33.467445][ T4423] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 33.544819][ T4423] device hsr_slave_0 entered promiscuous mode [ 33.594239][ T4423] device hsr_slave_1 entered promiscuous mode [ 33.643935][ T4423] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 33.645172][ T4423] Cannot create hsr debugfs directory [ 33.725001][ T4423] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 35.354084][ T47] Bluetooth: hci0: command 0x0409 tx timeout [ 36.165591][ T4423] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 37.443869][ T47] Bluetooth: hci0: command 0x041b tx timeout [ 38.365849][ T4423] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 38.465511][ T4423] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 38.707357][ T4423] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 38.835676][ T4423] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 38.865126][ T4423] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 38.956443][ T4423] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 39.085279][ T4423] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.088597][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 39.090105][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 39.092747][ T4423] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.095965][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 39.097494][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 39.098844][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.099926][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.101502][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 39.105033][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 39.106612][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 39.108032][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.109090][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.113713][ T9] device hsr_slave_0 left promiscuous mode [ 39.144338][ T9] device hsr_slave_1 left promiscuous mode [ 39.244034][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 39.245241][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 39.246875][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 39.247984][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 39.249348][ T9] device bridge_slave_1 left promiscuous mode [ 39.250450][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.314635][ T9] device bridge_slave_0 left promiscuous mode [ 39.315819][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.484059][ T9] device veth1_macvtap left promiscuous mode [ 39.485174][ T9] device veth0_macvtap left promiscuous mode [ 39.486081][ T9] device veth1_vlan left promiscuous mode [ 39.486981][ T9] device veth0_vlan left promiscuous mode [ 39.514020][ T47] Bluetooth: hci0: command 0x040f tx timeout [ 41.204932][ T9] team0 (unregistering): Port device team_slave_1 removed [ 41.364379][ T9] team0 (unregistering): Port device team_slave_0 removed [ 41.534988][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 41.603857][ T47] Bluetooth: hci0: command 0x0419 tx timeout [ 41.774325][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 44.384738][ T9] bond0 (unregistering): Released all slaves [ 44.595838][ T254] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 44.603315][ T4423] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 44.605106][ T4423] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 44.608625][ T249] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 44.610238][ T249] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 44.611917][ T249] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 44.613415][ T249] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 44.615002][ T249] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 44.616502][ T249] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 44.617832][ T249] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 44.619340][ T249] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 44.620949][ T249] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.622358][ T249] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 44.623772][ T249] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 44.675008][ T249] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 44.676228][ T249] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 44.679094][ T4423] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.683808][ T249] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 44.685933][ T249] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 44.691482][ T249] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 44.692894][ T249] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 44.694562][ T249] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 44.695907][ T249] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 44.698135][ T4423] device veth0_vlan entered promiscuous mode [ 44.701509][ T4423] device veth1_vlan entered promiscuous mode [ 44.708690][ T4449] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 44.710125][ T4449] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 44.711465][ T4449] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 44.713297][ T4449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 44.715739][ T4423] device veth0_macvtap entered promiscuous mode [ 44.717868][ T4423] device veth1_macvtap entered promiscuous mode [ 44.722988][ T4423] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 44.725743][ T4449] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 44.727091][ T4449] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 44.728459][ T4449] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 44.729919][ T4449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 44.732418][ T4423] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 44.733559][ T4449] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 44.736162][ T4449] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 44.738588][ T4423] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.739950][ T4423] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.741259][ T4423] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.742592][ T4423] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.764499][ T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 44.765678][ T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 44.767837][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 44.773359][ T39] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 44.775091][ T39] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 44.776845][ T4449] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 44.826080][ T4455] loop0: detected capacity change from 0 to 512 [ 44.835027][ T4455] [ 44.835411][ T4455] ====================================================== [ 44.836483][ T4455] WARNING: possible circular locking dependency detected [ 44.837495][ T4455] syzkaller #0 Not tainted [ 44.838230][ T4455] ------------------------------------------------------ [ 44.839336][ T4455] syz.0.17/4455 is trying to acquire lock: [ 44.840241][ T4455] ffff0000d42e8b98 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x188/0x284c [ 44.841836][ T4455] [ 44.841836][ T4455] but task is already holding lock: [ 44.842978][ T4455] ffff0000e8ee94d8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x37c/0x790 [ 44.844511][ T4455] [ 44.844511][ T4455] which lock already depends on the new lock. [ 44.844511][ T4455] [ 44.846128][ T4455] [ 44.846128][ T4455] the existing dependency chain (in reverse order) is: [ 44.847574][ T4455] [ 44.847574][ T4455] -> #2 (&ei->xattr_sem){++++}-{3:3}: [ 44.848738][ T4455] down_read+0x64/0x304 [ 44.849487][ T4455] ext4_setattr+0x7c4/0x150c [ 44.850280][ T4455] notify_change+0xb0c/0xdcc [ 44.851066][ T4455] chown_common+0x414/0x574 [ 44.851883][ T4455] do_fchownat+0x158/0x268 [ 44.852697][ T4455] __arm64_sys_fchownat+0xb8/0xd4 [ 44.853501][ T4455] invoke_syscall+0x98/0x2bc [ 44.854323][ T4455] el0_svc_common+0x138/0x258 [ 44.855100][ T4455] do_el0_svc+0x58/0x13c [ 44.855852][ T4455] el0_svc+0x58/0x138 [ 44.856519][ T4455] el0t_64_sync_handler+0x84/0xf0 [ 44.857374][ T4455] el0t_64_sync+0x18c/0x190 [ 44.858182][ T4455] [ 44.858182][ T4455] -> #1 (jbd2_handle){.+.+}-{0:0}: [ 44.859370][ T4455] start_this_handle+0xfe0/0x122c [ 44.860313][ T4455] jbd2__journal_start+0x288/0x51c [ 44.861199][ T4455] __ext4_journal_start_sb+0x2fc/0x674 [ 44.862124][ T4455] ext4_writepages+0xa28/0x284c [ 44.862929][ T4455] do_writepages+0x2c0/0x4fc [ 44.863739][ T4455] __writeback_single_inode+0x164/0x157c [ 44.864682][ T4455] writeback_sb_inodes+0x824/0x1404 [ 44.865533][ T4455] __writeback_inodes_wb+0x110/0x394 [ 44.866406][ T4455] wb_writeback+0x414/0xfb0 [ 44.867113][ T4455] wb_workfn+0xac0/0xd98 [ 44.867760][ T4455] process_one_work+0x7f4/0x13a8 [ 44.868573][ T4455] worker_thread+0x8c8/0xfbc [ 44.869330][ T4455] kthread+0x250/0x2d8 [ 44.869963][ T4455] ret_from_fork+0x10/0x20 [ 44.870694][ T4455] [ 44.870694][ T4455] -> #0 (&sbi->s_writepages_rwsem){.+.+}-{0:0}: [ 44.871917][ T4455] __lock_acquire+0x293c/0x6544 [ 44.872839][ T4455] lock_acquire+0x20c/0x644 [ 44.873660][ T4455] percpu_down_read+0x70/0x2a8 [ 44.874474][ T4455] ext4_writepages+0x188/0x284c [ 44.875261][ T4455] do_writepages+0x2c0/0x4fc [ 44.876121][ T4455] __writeback_single_inode+0x164/0x157c [ 44.877057][ T4455] writeback_single_inode+0x1c0/0x720 [ 44.877944][ T4455] write_inode_now+0x144/0x1b0 [ 44.878776][ T4455] iput+0x5cc/0x7f4 [ 44.879448][ T4455] ext4_xattr_block_set+0x17a4/0x2810 [ 44.880301][ T4455] ext4_expand_extra_isize_ea+0xcb8/0x15cc [ 44.881203][ T4455] __ext4_expand_extra_isize+0x298/0x358 [ 44.882130][ T4455] __ext4_mark_inode_dirty+0x3e4/0x790 [ 44.883089][ T4455] ext4_evict_inode+0xb58/0x1270 [ 44.883898][ T4455] evict+0x3c8/0x810 [ 44.884573][ T4455] iput+0x764/0x7f4 [ 44.885230][ T4455] ext4_process_orphan+0x240/0x2b4 [ 44.886061][ T4455] ext4_orphan_cleanup+0x908/0x104c [ 44.886955][ T4455] ext4_fill_super+0x6920/0x6e34 [ 44.887759][ T4455] get_tree_bdev+0x358/0x544 [ 44.888567][ T4455] ext4_get_tree+0x28/0x38 [ 44.889325][ T4455] vfs_get_tree+0x90/0x274 [ 44.890110][ T4455] do_new_mount+0x228/0x810 [ 44.890890][ T4455] path_mount+0x5b4/0xe78 [ 44.891645][ T4455] __arm64_sys_mount+0x49c/0x584 [ 44.892509][ T4455] invoke_syscall+0x98/0x2bc [ 44.893271][ T4455] el0_svc_common+0x138/0x258 [ 44.894106][ T4455] do_el0_svc+0x58/0x13c [ 44.894768][ T4455] el0_svc+0x58/0x138 [ 44.895448][ T4455] el0t_64_sync_handler+0x84/0xf0 [ 44.896226][ T4455] el0t_64_sync+0x18c/0x190 [ 44.896977][ T4455] [ 44.896977][ T4455] other info that might help us debug this: [ 44.896977][ T4455] [ 44.898463][ T4455] Chain exists of: [ 44.898463][ T4455] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem [ 44.898463][ T4455] [ 44.900430][ T4455] Possible unsafe locking scenario: [ 44.900430][ T4455] [ 44.901483][ T4455] CPU0 CPU1 [ 44.902246][ T4455] ---- ---- [ 44.903070][ T4455] lock(&ei->xattr_sem); [ 44.903745][ T4455] lock(jbd2_handle); [ 44.904796][ T4455] lock(&ei->xattr_sem); [ 44.905907][ T4455] lock(&sbi->s_writepages_rwsem); [ 44.906741][ T4455] [ 44.906741][ T4455] *** DEADLOCK *** [ 44.906741][ T4455] [ 44.908067][ T4455] 3 locks held by syz.0.17/4455: [ 44.908827][ T4455] #0: ffff0000d3f640e0 (&type->s_umount_key#26/1){+.+.}-{3:3}, at: alloc_super+0x1a4/0x804 [ 44.910406][ T4455] #1: ffff0000d3f64650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x3dc/0x1270 [ 44.911868][ T4455] #2: ffff0000e8ee94d8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x37c/0x790 [ 44.913526][ T4455] [ 44.913526][ T4455] stack backtrace: [ 44.914455][ T4455] CPU: 0 PID: 4455 Comm: syz.0.17 Not tainted syzkaller #0 [ 44.915561][ T4455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 44.917150][ T4455] Call trace: [ 44.917651][ T4455] dump_backtrace+0x1c8/0x1f4 [ 44.918446][ T4455] show_stack+0x2c/0x3c [ 44.919080][ T4455] __dump_stack+0x30/0x40 [ 44.919732][ T4455] dump_stack_lvl+0xf8/0x160 [ 44.920452][ T4455] dump_stack+0x1c/0x5c [ 44.921128][ T4455] print_circular_bug+0x148/0x1b0 [ 44.921891][ T4455] check_noncircular+0x240/0x2d4 [ 44.922638][ T4455] __lock_acquire+0x293c/0x6544 [ 44.923378][ T4455] lock_acquire+0x20c/0x644 [ 44.924115][ T4455] percpu_down_read+0x70/0x2a8 [ 44.924930][ T4455] ext4_writepages+0x188/0x284c [ 44.925753][ T4455] do_writepages+0x2c0/0x4fc [ 44.926530][ T4455] __writeback_single_inode+0x164/0x157c [ 44.927428][ T4455] writeback_single_inode+0x1c0/0x720 [ 44.928289][ T4455] write_inode_now+0x144/0x1b0 [ 44.929019][ T4455] iput+0x5cc/0x7f4 [ 44.929606][ T4455] ext4_xattr_block_set+0x17a4/0x2810 [ 44.930410][ T4455] ext4_expand_extra_isize_ea+0xcb8/0x15cc [ 44.931276][ T4455] __ext4_expand_extra_isize+0x298/0x358 [ 44.932149][ T4455] __ext4_mark_inode_dirty+0x3e4/0x790 [ 44.933016][ T4455] ext4_evict_inode+0xb58/0x1270 [ 44.933779][ T4455] evict+0x3c8/0x810 [ 44.934422][ T4455] iput+0x764/0x7f4 [ 44.934980][ T4455] ext4_process_orphan+0x240/0x2b4 [ 44.935783][ T4455] ext4_orphan_cleanup+0x908/0x104c [ 44.936574][ T4455] ext4_fill_super+0x6920/0x6e34 [ 44.937306][ T4455] get_tree_bdev+0x358/0x544 [ 44.937987][ T4455] ext4_get_tree+0x28/0x38 [ 44.938645][ T4455] vfs_get_tree+0x90/0x274 [ 44.939306][ T4455] do_new_mount+0x228/0x810 [ 44.939960][ T4455] path_mount+0x5b4/0xe78 [ 44.940636][ T4455] __arm64_sys_mount+0x49c/0x584 [ 44.941416][ T4455] invoke_syscall+0x98/0x2bc [ 44.942175][ T4455] el0_svc_common+0x138/0x258 [ 44.942921][ T4455] do_el0_svc+0x58/0x13c [ 44.943562][ T4455] el0_svc+0x58/0x138 [ 44.944160][ T4455] el0t_64_sync_handler+0x84/0xf0 [ 44.944896][ T4455] el0t_64_sync+0x18c/0x190 [ 44.947618][ T4455] ------------[ cut here ]------------ [ 44.948558][ T4455] EA inode 11 i_nlink=2 [ 44.948622][ T4455] WARNING: CPU: 1 PID: 4455 at fs/ext4/xattr.c:1021 ext4_xattr_inode_update_ref+0x468/0x4ac [ 44.950951][ T4455] Modules linked in: [ 44.951543][ T4455] CPU: 1 PID: 4455 Comm: syz.0.17 Not tainted syzkaller #0 [ 44.952725][ T4455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 44.954375][ T4455] pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 44.955608][ T4455] pc : ext4_xattr_inode_update_ref+0x468/0x4ac [ 44.956587][ T4455] lr : ext4_xattr_inode_update_ref+0x464/0x4ac [ 44.957560][ T4455] sp : ffff800021336e80 [ 44.958190][ T4455] x29: ffff800021336f00 x28: 0000000000000000 x27: dfff800000000000 [ 44.959541][ T4455] x26: 1fffe0001d1ac599 x25: ffff700004266dd0 x24: 0000000000000000 [ 44.960823][ T4455] x23: ffff800017a8b000 x22: ffff800021336e80 x21: 0000000000000002 [ 44.962071][ T4455] x20: 0000000000000001 x19: ffff0000e8d62ad0 x18: ffff800011abbcc0 [ 44.963277][ T4455] x17: 0000000000000000 x16: ffff800008042c8c x15: 0000000000000000 [ 44.964494][ T4455] x14: 00000000ffffffff x13: 0000000000000001 x12: 0000000000ff0100 [ 44.965769][ T4455] x11: ff00800008191ca8 x10: 0000000000000000 x9 : 142a177ba0e76b00 [ 44.967004][ T4455] x8 : 142a177ba0e76b00 x7 : 0000000000000001 x6 : 0000000000000001 [ 44.968389][ T4455] x5 : ffff800021336918 x4 : ffff8000151a4820 x3 : ffff800008311d00 [ 44.969747][ T4455] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000 [ 44.971050][ T4455] Call trace: [ 44.971555][ T4455] ext4_xattr_inode_update_ref+0x468/0x4ac [ 44.972524][ T4455] ext4_xattr_set_entry+0x918/0x15ac [ 44.973345][ T4455] ext4_xattr_ibody_set+0x204/0x600 [ 44.974133][ T4455] ext4_expand_extra_isize_ea+0xd00/0x15cc [ 44.975061][ T4455] __ext4_expand_extra_isize+0x298/0x358 [ 44.975925][ T4455] __ext4_mark_inode_dirty+0x3e4/0x790 [ 44.976714][ T4455] ext4_evict_inode+0xb58/0x1270 [ 44.977497][ T4455] evict+0x3c8/0x810 [ 44.978096][ T4455] iput+0x764/0x7f4 [ 44.978710][ T4455] ext4_process_orphan+0x240/0x2b4 [ 44.979543][ T4455] ext4_orphan_cleanup+0x908/0x104c [ 44.980359][ T4455] ext4_fill_super+0x6920/0x6e34 [ 44.981148][ T4455] get_tree_bdev+0x358/0x544 [ 44.981898][ T4455] ext4_get_tree+0x28/0x38 [ 44.982617][ T4455] vfs_get_tree+0x90/0x274 [ 44.983368][ T4455] do_new_mount+0x228/0x810 [ 44.984103][ T4455] path_mount+0x5b4/0xe78 [ 44.984765][ T4455] __arm64_sys_mount+0x49c/0x584 [ 44.985529][ T4455] invoke_syscall+0x98/0x2bc [ 44.986191][ T4455] el0_svc_common+0x138/0x258 [ 44.986883][ T4455] do_el0_svc+0x58/0x13c [ 44.987499][ T4455] el0_svc+0x58/0x138 [ 44.988106][ T4455] el0t_64_sync_handler+0x84/0xf0 [ 44.988853][ T4455] el0t_64_sync+0x18c/0x190 [ 44.989538][ T4455] irq event stamp: 5335 [ 44.990178][ T4455] hardirqs last enabled at (5335): [] _raw_spin_unlock_irqrestore+0x48/0xac [ 44.991635][ T4455] hardirqs last disabled at (5334): [] _raw_spin_lock_irqsave+0xa4/0xb4 [ 44.993031][ T4455] softirqs last enabled at (5050): [] handle_softirqs+0xaf8/0xc6c [ 44.994373][ T4455] softirqs last disabled at (4983): [] __do_softirq+0x14/0x20 [ 44.995712][ T4455] ---[ end trace 0000000000000000 ]--- [ 44.998348][ T4455] EXT4-fs (loop0): 1 orphan inode deleted [ 44.999233][ T4455] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 45.005746][ T4423] EXT4-fs (loop0): unmounting filesystem.