Warning: Permanently added '10.128.0.159' (ED25519) to the list of known hosts. 2025/11/26 10:18:28 parsed 1 programs [ 70.624352][ T4187] cgroup: Unknown subsys name 'net' [ 70.738631][ T4187] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 71.236238][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.242824][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.305133][ T4187] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 73.983773][ T392] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.991775][ T392] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.006563][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 74.023309][ T392] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.031265][ T392] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.040012][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 75.009665][ T4230] chnl_net:caif_netlink_parms(): no params data found [ 75.079218][ T4230] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.087037][ T4230] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.095792][ T4230] device bridge_slave_0 entered promiscuous mode [ 75.105841][ T4230] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.113048][ T4230] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.121670][ T4230] device bridge_slave_1 entered promiscuous mode [ 75.150825][ T4230] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 75.162803][ T4230] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 75.193664][ T4230] team0: Port device team_slave_0 added [ 75.204091][ T4230] team0: Port device team_slave_1 added [ 75.230659][ T4230] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 75.237799][ T4230] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.265359][ T4230] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 75.278791][ T4230] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 75.286327][ T4230] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.312603][ T4230] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 75.352682][ T4230] device hsr_slave_0 entered promiscuous mode [ 75.359584][ T4230] device hsr_slave_1 entered promiscuous mode [ 75.488205][ T4230] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 75.500735][ T4230] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 75.510857][ T4230] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 75.521038][ T4230] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 75.549228][ T4230] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.556441][ T4230] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.564148][ T4230] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.571207][ T4230] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.651988][ T4230] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.674002][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 75.701997][ T154] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.718426][ T154] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.733735][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 75.765373][ T4230] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.777640][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 75.786971][ T154] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.794104][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.814920][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 75.823435][ T154] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.830482][ T154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.840185][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 75.857796][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 75.866443][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 75.875283][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 75.885214][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 75.897212][ T4230] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 75.998788][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 76.006710][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 76.034609][ T4230] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.054033][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 76.063183][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 76.095137][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 76.103995][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 76.112577][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 76.120376][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 76.150824][ T4230] device veth0_vlan entered promiscuous mode [ 76.161968][ T4230] device veth1_vlan entered promiscuous mode [ 76.195680][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 76.203850][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 76.211772][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 76.221537][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 76.234683][ T4230] device veth0_macvtap entered promiscuous mode [ 76.257970][ T4230] device veth1_macvtap entered promiscuous mode [ 76.273189][ T4230] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.281619][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 76.290663][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 76.298923][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 76.308171][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 76.320961][ T4230] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.330919][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 76.339976][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 76.352067][ T4230] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.363454][ T4230] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.372226][ T4230] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.381439][ T4230] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.271132][ T144] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 2025/11/26 10:18:39 executed programs: 0 [ 78.554472][ T4291] chnl_net:caif_netlink_parms(): no params data found [ 78.597881][ T4291] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.605121][ T4291] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.613356][ T4291] device bridge_slave_0 entered promiscuous mode [ 78.621349][ T4291] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.628588][ T4291] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.636557][ T4291] device bridge_slave_1 entered promiscuous mode [ 78.659219][ T4291] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.670409][ T4291] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.695526][ T4291] team0: Port device team_slave_0 added [ 78.703445][ T4291] team0: Port device team_slave_1 added [ 78.722068][ T4291] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.729160][ T4291] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.755317][ T4291] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.767240][ T4291] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.774243][ T4291] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.800432][ T4291] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.830691][ T4291] device hsr_slave_0 entered promiscuous mode [ 78.838004][ T4291] device hsr_slave_1 entered promiscuous mode [ 78.844683][ T4291] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 78.852702][ T4291] Cannot create hsr debugfs directory [ 80.513151][ T4249] Bluetooth: hci0: command 0x0409 tx timeout [ 81.030095][ T144] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.077352][ T144] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.130326][ T144] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.474990][ T1324] cfg80211: failed to load regulatory.db [ 82.005856][ T4291] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 82.028162][ T4291] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 82.070951][ T4291] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 82.081657][ T4291] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 82.157923][ T4291] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.170377][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 82.179696][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 82.190734][ T4291] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.206806][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 82.215682][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 82.224675][ T392] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.231779][ T392] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.240278][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 82.267386][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 82.278506][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 82.287040][ T392] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.294136][ T392] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.314228][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 82.323588][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 82.332151][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 82.341569][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 82.350340][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 82.359828][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 82.369472][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 82.381232][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 82.389933][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 82.423057][ T4291] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 82.434476][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 82.443431][ T1472] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 82.451919][ T1472] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 82.561899][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 82.570039][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 82.582163][ T4291] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.592539][ T2303] Bluetooth: hci0: command 0x041b tx timeout [ 82.621711][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 82.630618][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 82.649040][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 82.658060][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 82.668211][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 82.676369][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 82.687761][ T4291] device veth0_vlan entered promiscuous mode [ 82.699433][ T144] device hsr_slave_0 left promiscuous mode [ 82.706355][ T144] device hsr_slave_1 left promiscuous mode [ 82.713133][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 82.720560][ T144] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 82.729825][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 82.737716][ T144] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 82.745777][ T144] device bridge_slave_1 left promiscuous mode [ 82.752847][ T144] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.766853][ T144] device bridge_slave_0 left promiscuous mode [ 82.774559][ T144] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.791917][ T144] device veth1_macvtap left promiscuous mode [ 82.798970][ T144] device veth0_macvtap left promiscuous mode [ 82.805174][ T144] device veth1_vlan left promiscuous mode [ 82.811129][ T144] device veth0_vlan left promiscuous mode [ 82.977084][ T144] team0 (unregistering): Port device team_slave_1 removed [ 82.993573][ T144] team0 (unregistering): Port device team_slave_0 removed [ 83.008445][ T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 83.021680][ T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 83.084471][ T144] bond0 (unregistering): Released all slaves [ 83.140324][ T4291] device veth1_vlan entered promiscuous mode [ 83.162189][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 83.170782][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 83.179398][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 83.189008][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 83.200484][ T4291] device veth0_macvtap entered promiscuous mode [ 83.213313][ T4291] device veth1_macvtap entered promiscuous mode [ 83.233595][ T4291] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.242591][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 83.251468][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 83.264736][ T4291] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.272037][ T1472] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 83.282522][ T1472] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 83.293711][ T4291] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.303247][ T4291] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.311954][ T4291] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.321215][ T4291] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.404386][ T1472] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.419581][ T1472] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.435021][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 83.447807][ T392] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.457104][ T392] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.465891][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 83.516939][ T4339] loop0: detected capacity change from 0 to 512 [ 83.563574][ T4339] ======================================================= [ 83.563574][ T4339] WARNING: The mand mount option has been deprecated and [ 83.563574][ T4339] and is ignored by this kernel. Remove the mand [ 83.563574][ T4339] option from the mount to silence this warning. [ 83.563574][ T4339] ======================================================= [ 83.700446][ T4339] [ 83.702827][ T4339] ====================================================== [ 83.709936][ T4339] WARNING: possible circular locking dependency detected [ 83.716961][ T4339] syzkaller #0 Not tainted [ 83.721411][ T4339] ------------------------------------------------------ [ 83.728428][ T4339] syz.0.17/4339 is trying to acquire lock: [ 83.734230][ T4339] ffff8880230b6bd8 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x1c0/0x2d20 [ 83.744350][ T4339] [ 83.744350][ T4339] but task is already holding lock: [ 83.751710][ T4339] ffff88805f1ce478 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3e8/0x700 [ 83.761554][ T4339] [ 83.761554][ T4339] which lock already depends on the new lock. [ 83.761554][ T4339] [ 83.771976][ T4339] [ 83.771976][ T4339] the existing dependency chain (in reverse order) is: [ 83.780992][ T4339] [ 83.780992][ T4339] -> #2 (&ei->xattr_sem){++++}-{3:3}: [ 83.788559][ T4339] down_read+0x44/0x2e0 [ 83.793249][ T4339] ext4_setattr+0x71d/0x19e0 [ 83.798374][ T4339] notify_change+0xbcd/0xee0 [ 83.803497][ T4339] chown_common+0x483/0x610 [ 83.808531][ T4339] do_fchownat+0x164/0x270 [ 83.813482][ T4339] __x64_sys_chown+0x7e/0x90 [ 83.818603][ T4339] do_syscall_64+0x4c/0xa0 [ 83.823545][ T4339] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 83.829970][ T4339] [ 83.829970][ T4339] -> #1 (jbd2_handle){++++}-{0:0}: [ 83.837278][ T4339] start_this_handle+0x1338/0x15a0 [ 83.843033][ T4339] jbd2__journal_start+0x2b7/0x5a0 [ 83.848682][ T4339] __ext4_journal_start_sb+0x167/0x360 [ 83.854675][ T4339] ext4_writepages+0xdc2/0x2d20 [ 83.860061][ T4339] do_writepages+0x48d/0x6d0 [ 83.865180][ T4339] __writeback_single_inode+0x153/0xda0 [ 83.871249][ T4339] writeback_sb_inodes+0x9fe/0x1610 [ 83.876975][ T4339] __writeback_inodes_wb+0x12a/0x3f0 [ 83.882784][ T4339] wb_writeback+0x455/0xb90 [ 83.887810][ T4339] wb_workfn+0xaaa/0xe60 [ 83.892597][ T4339] process_one_work+0x863/0x1000 [ 83.898075][ T4339] worker_thread+0xaa8/0x12a0 [ 83.903283][ T4339] kthread+0x436/0x520 [ 83.907879][ T4339] ret_from_fork+0x1f/0x30 [ 83.912823][ T4339] [ 83.912823][ T4339] -> #0 (&sbi->s_writepages_rwsem){.+.+}-{0:0}: [ 83.921260][ T4339] __lock_acquire+0x2c33/0x7c60 [ 83.926650][ T4339] lock_acquire+0x197/0x3f0 [ 83.931687][ T4339] percpu_down_read+0x46/0x1b0 [ 83.936979][ T4339] ext4_writepages+0x1c0/0x2d20 [ 83.942605][ T4339] do_writepages+0x48d/0x6d0 [ 83.947731][ T4339] __writeback_single_inode+0x153/0xda0 [ 83.953808][ T4339] writeback_single_inode+0x221/0x8b0 [ 83.959715][ T4339] write_inode_now+0x217/0x280 [ 83.965019][ T4339] iput+0x5ab/0x8a0 [ 83.969364][ T4339] ext4_xattr_set_entry+0x10ff/0x3d30 [ 83.975376][ T4339] ext4_xattr_block_set+0x4f7/0x2d30 [ 83.981200][ T4339] ext4_expand_extra_isize_ea+0xf4b/0x19a0 [ 83.987541][ T4339] __ext4_expand_extra_isize+0x301/0x3e0 [ 83.993709][ T4339] __ext4_mark_inode_dirty+0x469/0x700 [ 83.999695][ T4339] ext4_evict_inode+0xa81/0x1080 [ 84.005151][ T4339] evict+0x485/0x870 [ 84.009568][ T4339] ext4_orphan_cleanup+0xaa9/0x12e0 [ 84.015282][ T4339] ext4_fill_super+0x92f0/0x9a60 [ 84.020743][ T4339] mount_bdev+0x287/0x3c0 [ 84.025677][ T4339] legacy_get_tree+0xe6/0x180 [ 84.030872][ T4339] vfs_get_tree+0x88/0x270 [ 84.035812][ T4339] do_new_mount+0x24a/0xa40 [ 84.040833][ T4339] __se_sys_mount+0x2d6/0x3c0 [ 84.046027][ T4339] do_syscall_64+0x4c/0xa0 [ 84.050958][ T4339] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 84.057376][ T4339] [ 84.057376][ T4339] other info that might help us debug this: [ 84.057376][ T4339] [ 84.067596][ T4339] Chain exists of: [ 84.067596][ T4339] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem [ 84.067596][ T4339] [ 84.080974][ T4339] Possible unsafe locking scenario: [ 84.080974][ T4339] [ 84.088420][ T4339] CPU0 CPU1 [ 84.093779][ T4339] ---- ---- [ 84.099139][ T4339] lock(&ei->xattr_sem); [ 84.103464][ T4339] lock(jbd2_handle); [ 84.110060][ T4339] lock(&ei->xattr_sem); [ 84.116908][ T4339] lock(&sbi->s_writepages_rwsem); [ 84.122102][ T4339] [ 84.122102][ T4339] *** DEADLOCK *** [ 84.122102][ T4339] [ 84.130346][ T4339] 3 locks held by syz.0.17/4339: [ 84.135296][ T4339] #0: ffff8880230b40e0 (&type->s_umount_key#28/1){+.+.}-{3:3}, at: alloc_super+0x201/0x950 [ 84.145402][ T4339] #1: ffff8880230b4650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x444/0x1080 [ 84.154879][ T4339] #2: ffff88805f1ce478 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3e8/0x700 [ 84.165185][ T4339] [ 84.165185][ T4339] stack backtrace: [ 84.171078][ T4339] CPU: 1 PID: 4339 Comm: syz.0.17 Not tainted syzkaller #0 [ 84.178269][ T4339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 84.188333][ T4339] Call Trace: [ 84.191612][ T4339] [ 84.194545][ T4339] dump_stack_lvl+0x168/0x230 [ 84.199224][ T4339] ? load_image+0x3b0/0x3b0 [ 84.203724][ T4339] ? show_regs_print_info+0x20/0x20 [ 84.208925][ T4339] ? print_circular_bug+0x12b/0x1a0 [ 84.214124][ T4339] check_noncircular+0x274/0x310 [ 84.219060][ T4339] ? add_chain_block+0x940/0x940 [ 84.223990][ T4339] ? lockdep_lock+0xdc/0x1e0 [ 84.228579][ T4339] ? lockdep_unlock+0x134/0x2d0 [ 84.233429][ T4339] ? mark_lock+0x94/0x320 [ 84.237862][ T4339] __lock_acquire+0x2c33/0x7c60 [ 84.242738][ T4339] ? verify_lock_unused+0x140/0x140 [ 84.247935][ T4339] ? verify_lock_unused+0x140/0x140 [ 84.253131][ T4339] ? mark_lock+0x94/0x320 [ 84.257466][ T4339] lock_acquire+0x197/0x3f0 [ 84.261968][ T4339] ? ext4_writepages+0x1c0/0x2d20 [ 84.266988][ T4339] ? check_path+0x40/0x40 [ 84.271340][ T4339] ? __might_sleep+0xf0/0xf0 [ 84.275926][ T4339] ? read_lock_is_recursive+0x10/0x10 [ 84.281307][ T4339] ? mark_lock+0x94/0x320 [ 84.285652][ T4339] ? __lock_acquire+0x13ad/0x7c60 [ 84.290680][ T4339] percpu_down_read+0x46/0x1b0 [ 84.295442][ T4339] ? ext4_writepages+0x1c0/0x2d20 [ 84.300490][ T4339] ext4_writepages+0x1c0/0x2d20 [ 84.305359][ T4339] ? rcu_is_watching+0x11/0xa0 [ 84.310119][ T4339] ? lock_release+0xba/0x870 [ 84.314710][ T4339] ? rcu_lock_release+0x5/0x20 [ 84.319471][ T4339] ? mark_lock+0x94/0x320 [ 84.323798][ T4339] ? verify_lock_unused+0x140/0x140 [ 84.328999][ T4339] ? mark_lock+0x94/0x320 [ 84.333353][ T4339] ? ext4_readpage+0x2e0/0x2e0 [ 84.338115][ T4339] ? __lock_acquire+0x13ad/0x7c60 [ 84.343135][ T4339] ? rcu_lock_release+0x5/0x20 [ 84.347900][ T4339] ? __lock_acquire+0x7c60/0x7c60 [ 84.352935][ T4339] ? do_raw_spin_lock+0x11d/0x280 [ 84.357960][ T4339] ? _raw_spin_lock_irqsave+0x7f/0xf0 [ 84.363330][ T4339] ? do_raw_spin_unlock+0x11d/0x230 [ 84.368522][ T4339] ? ext4_readpage+0x2e0/0x2e0 [ 84.373379][ T4339] do_writepages+0x48d/0x6d0 [ 84.377994][ T4339] ? __writepage+0x130/0x130 [ 84.382580][ T4339] ? writeback_single_inode+0x216/0x8b0 [ 84.388124][ T4339] ? __lock_acquire+0x7c60/0x7c60 [ 84.393144][ T4339] ? do_raw_spin_lock+0x11d/0x280 [ 84.398165][ T4339] __writeback_single_inode+0x153/0xda0 [ 84.403706][ T4339] writeback_single_inode+0x221/0x8b0 [ 84.409089][ T4339] ? write_inode_now+0x280/0x280 [ 84.414034][ T4339] write_inode_now+0x217/0x280 [ 84.418798][ T4339] ? bdi_split_work_to_wbs+0x820/0x820 [ 84.424276][ T4339] ? do_raw_spin_unlock+0x11d/0x230 [ 84.429491][ T4339] iput+0x5ab/0x8a0 [ 84.433331][ T4339] ext4_xattr_set_entry+0x10ff/0x3d30 [ 84.438721][ T4339] ? ext4_xattr_ibody_set+0x330/0x330 [ 84.444097][ T4339] ? rcu_is_watching+0x11/0xa0 [ 84.448861][ T4339] ? kmem_cache_free+0x14c/0x210 [ 84.453812][ T4339] ? mb_cache_entry_delete_or_get+0x1bd/0x1e0 [ 84.459879][ T4339] ext4_xattr_block_set+0x4f7/0x2d30 [ 84.465165][ T4339] ? do_raw_spin_unlock+0x11d/0x230 [ 84.470377][ T4339] ? __ext4_xattr_check_block+0x7d8/0x8d0 [ 84.476096][ T4339] ? ext4_xattr_block_find+0x500/0x500 [ 84.481562][ T4339] ? ext4_xattr_block_find+0x433/0x500 [ 84.487040][ T4339] ext4_expand_extra_isize_ea+0xf4b/0x19a0 [ 84.492872][ T4339] __ext4_expand_extra_isize+0x301/0x3e0 [ 84.498520][ T4339] __ext4_mark_inode_dirty+0x469/0x700 [ 84.503986][ T4339] ext4_evict_inode+0xa81/0x1080 [ 84.508923][ T4339] ? _raw_spin_unlock+0x24/0x40 [ 84.513779][ T4339] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 84.519675][ T4339] ? do_raw_spin_unlock+0x11d/0x230 [ 84.524872][ T4339] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 84.530764][ T4339] evict+0x485/0x870 [ 84.534658][ T4339] ? __lock_acquire+0x7c60/0x7c60 [ 84.539684][ T4339] ? proc_nr_inodes+0x320/0x320 [ 84.544708][ T4339] ? do_raw_spin_unlock+0x11d/0x230 [ 84.549909][ T4339] ? _raw_spin_unlock+0x24/0x40 [ 84.554757][ T4339] ? iput+0x706/0x8a0 [ 84.558740][ T4339] ext4_orphan_cleanup+0xaa9/0x12e0 [ 84.563965][ T4339] ? ext4_orphan_del+0xb90/0xb90 [ 84.568900][ T4339] ? errseq_check_and_advance+0x62/0x120 [ 84.574531][ T4339] ext4_fill_super+0x92f0/0x9a60 [ 84.579487][ T4339] ? ext4_mount+0x40/0x40 [ 84.583918][ T4339] ? set_blocksize+0x1f1/0x370 [ 84.588685][ T4339] ? sb_set_blocksize+0xa5/0xe0 [ 84.593536][ T4339] mount_bdev+0x287/0x3c0 [ 84.597867][ T4339] ? ext4_mount+0x40/0x40 [ 84.602413][ T4339] legacy_get_tree+0xe6/0x180 [ 84.607105][ T4339] ? ext4_errno_to_code+0x160/0x160 [ 84.612322][ T4339] vfs_get_tree+0x88/0x270 [ 84.616749][ T4339] do_new_mount+0x24a/0xa40 [ 84.621269][ T4339] __se_sys_mount+0x2d6/0x3c0 [ 84.625953][ T4339] ? __x64_sys_mount+0xc0/0xc0 [ 84.630718][ T4339] ? lockdep_hardirqs_on+0x94/0x140 [ 84.635914][ T4339] ? __x64_sys_mount+0x1c/0xc0 [ 84.640677][ T4339] do_syscall_64+0x4c/0xa0 [ 84.645090][ T4339] ? clear_bhb_loop+0x30/0x80 [ 84.649764][ T4339] ? clear_bhb_loop+0x30/0x80 [ 84.654446][ T4339] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 84.660375][ T4339] RIP: 0033:0x7f95b0e13eea [ 84.664803][ T4339] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 84.684414][ T4339] RSP: 002b:00007ffdc02ce138 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 84.692829][ T4339] RAX: ffffffffffffffda RBX: 00007ffdc02ce1c0 RCX: 00007f95b0e13eea [ 84.700801][ T4339] RDX: 0000200000000180 RSI: 0000200000000080 RDI: 00007ffdc02ce180 [ 84.708767][ T4339] RBP: 0000200000000180 R08: 00007ffdc02ce1c0 R09: 0000000002808340 [ 84.716735][ T4339] R10: 0000000002808340 R11: 0000000000000246 R12: 0000200000000080 [ 84.724704][ T4339] R13: 00007ffdc02ce180 R14: 000000000000047c R15: 0000200000000640 [ 84.732682][ T4339] [ 84.739017][ T2303] Bluetooth: hci0: command 0x040f tx timeout [ 84.748383][ T4339] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 84.772820][ T4339] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 84.786334][ T4339] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2826: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 84.800132][ T4339] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 84.814160][ T4339] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 84.826661][ T4339] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 84.840216][ T4339] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 84.853836][ T4339] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 84.867301][ T4339] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 84.879955][ T4339] EXT4-fs (loop0): 1 orphan inode deleted SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 84.886092][ T4339] EXT4-fs (loop0): mounted filesystem without journal. Opts: i_version,nobarrier,debug_want_extra_isize=0x000000000000005a,sysvgroups,resgid=0x0000000000000000,acl,init_itable=0x0000000000000003,,errors=continue. Quota mode: none.