Warning: Permanently added '10.128.0.187' (ED25519) to the list of known hosts. 1970/01/01 00:00:32 parsed 1 programs [ 33.908577][ T4324] cgroup: Unknown subsys name 'net' [ 34.119953][ T4324] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 34.435461][ T4324] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 39.681766][ T4357] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 39.683221][ T4357] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 39.684564][ T4357] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 39.686009][ T4357] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 39.687254][ T4357] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 39.690723][ T4357] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 40.154563][ T4380] chnl_net:caif_netlink_parms(): no params data found [ 40.171467][ T4380] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.172701][ T4380] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.174223][ T4380] device bridge_slave_0 entered promiscuous mode [ 40.176519][ T4380] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.178329][ T4380] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.179804][ T4380] device bridge_slave_1 entered promiscuous mode [ 40.221903][ T4380] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 40.224589][ T4380] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 40.232400][ T4380] team0: Port device team_slave_0 added [ 40.234038][ T4380] team0: Port device team_slave_1 added [ 40.240266][ T4380] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 40.241394][ T4380] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.245280][ T4380] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 40.248023][ T4380] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 40.249181][ T4380] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.253359][ T4380] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 40.288629][ T4380] device hsr_slave_0 entered promiscuous mode [ 40.357593][ T4380] device hsr_slave_1 entered promiscuous mode [ 40.462952][ T4380] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 40.508781][ T4380] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 40.558765][ T4380] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 40.599782][ T4380] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 40.667593][ T4380] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.669430][ T4380] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.671086][ T4380] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.672091][ T4380] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.696622][ T4380] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.701055][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 40.703528][ T39] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.705388][ T39] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.707055][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 40.716652][ T4380] 8021q: adding VLAN 0 to HW filter on device team0 [ 40.720777][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 40.722363][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.723496][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.726478][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 40.728484][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.729548][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.735434][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 40.736913][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 40.740583][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 40.743370][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 40.746468][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 40.749976][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 40.800716][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 40.802030][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 40.805093][ T4380] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 40.812526][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 40.818956][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 40.820635][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 40.822109][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 40.824234][ T4380] device veth0_vlan entered promiscuous mode [ 40.827143][ T4380] device veth1_vlan entered promiscuous mode [ 40.834378][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 40.835792][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 40.837724][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 40.840739][ T4380] device veth0_macvtap entered promiscuous mode [ 40.843683][ T4380] device veth1_macvtap entered promiscuous mode [ 40.851215][ T4380] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 40.853269][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 40.855440][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 40.859225][ T4380] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 40.860755][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 40.863136][ T4380] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.864327][ T4380] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.865509][ T4380] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.866841][ T4380] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.070051][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.071280][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.072920][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 41.081996][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.083146][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.084791][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 1970/01/01 00:00:41 executed programs: 0 [ 41.437130][ T4357] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 41.439174][ T4357] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 41.440500][ T4357] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 41.441938][ T4357] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 41.443377][ T4357] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 41.444568][ T4357] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 41.500662][ T4435] chnl_net:caif_netlink_parms(): no params data found [ 41.515409][ T4435] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.516553][ T4435] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.518056][ T4435] device bridge_slave_0 entered promiscuous mode [ 41.520304][ T4435] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.521522][ T4435] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.523016][ T4435] device bridge_slave_1 entered promiscuous mode [ 41.530646][ T4435] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 41.532949][ T4435] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 41.549175][ T4435] team0: Port device team_slave_0 added [ 41.550986][ T4435] team0: Port device team_slave_1 added [ 41.557020][ T4435] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 41.558401][ T4435] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.562392][ T4435] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 41.564719][ T4435] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 41.565838][ T4435] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.570905][ T4435] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 41.618554][ T4435] device hsr_slave_0 entered promiscuous mode [ 41.647556][ T4435] device hsr_slave_1 entered promiscuous mode [ 41.687411][ T4435] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 41.688727][ T4435] Cannot create hsr debugfs directory [ 41.798732][ T4435] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 43.517592][ T4357] Bluetooth: hci0: command 0x0409 tx timeout [ 44.159363][ T4435] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 45.597630][ T4357] Bluetooth: hci0: command 0x041b tx timeout [ 46.548091][ T4435] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 46.639558][ T4435] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 46.862517][ T4435] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 46.949327][ T4435] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 46.988321][ T4435] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 47.079407][ T4435] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 47.200947][ T4435] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.204321][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 47.205764][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 47.208080][ T4435] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.210272][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 47.211767][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 47.213141][ T1576] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.214160][ T1576] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.215728][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 47.277454][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 47.279113][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.280534][ T1576] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.281610][ T1576] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.282877][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 47.284361][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 47.285832][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 47.288968][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 47.290624][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 47.292589][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 47.294160][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 47.295568][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 47.297018][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 47.299502][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 47.300968][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 47.302945][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 47.677336][ T4357] Bluetooth: hci0: command 0x040f tx timeout [ 47.693367][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 47.694669][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 47.697593][ T4435] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.703430][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 47.705101][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 47.711171][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 47.712534][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 47.714135][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 47.715402][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 47.717107][ T4435] device veth0_vlan entered promiscuous mode [ 47.720123][ T4435] device veth1_vlan entered promiscuous mode [ 47.726577][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 47.728622][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 47.729929][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 47.731739][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 47.790596][ T4435] device veth0_macvtap entered promiscuous mode [ 47.792885][ T4435] device veth1_macvtap entered promiscuous mode [ 47.797877][ T4435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.799413][ T4435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.801197][ T4435] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.802315][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 47.803826][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 47.805152][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 47.806623][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 47.808976][ T4435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.810602][ T4435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.812606][ T4435] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.813748][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 47.815265][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 47.817873][ T4435] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.819140][ T4435] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.820423][ T4435] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.821720][ T4435] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.149911][ T1576] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.153994][ T1576] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.156224][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 48.158734][ T39] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.159942][ T39] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.162151][ T1576] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 48.216975][ T4455] loop0: detected capacity change from 0 to 512 [ 48.224958][ T4455] [ 48.225341][ T4455] ====================================================== [ 48.226406][ T4455] WARNING: possible circular locking dependency detected [ 48.227474][ T4455] syzkaller #0 Not tainted [ 48.228173][ T4455] ------------------------------------------------------ [ 48.229277][ T4455] syz.0.17/4455 is trying to acquire lock: [ 48.230195][ T4455] ffff0000d2734b98 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x188/0x284c [ 48.231778][ T4455] [ 48.231778][ T4455] but task is already holding lock: [ 48.232861][ T4455] ffff0000ea2d1ee0 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x37c/0x790 [ 48.234320][ T4455] [ 48.234320][ T4455] which lock already depends on the new lock. [ 48.234320][ T4455] [ 48.235844][ T4455] [ 48.235844][ T4455] the existing dependency chain (in reverse order) is: [ 48.237171][ T4455] [ 48.237171][ T4455] -> #2 (&ei->xattr_sem){++++}-{3:3}: [ 48.238277][ T4455] down_read+0x64/0x304 [ 48.238977][ T4455] ext4_setattr+0x7c4/0x150c [ 48.239709][ T4455] notify_change+0xb0c/0xdcc [ 48.240454][ T4455] chown_common+0x414/0x574 [ 48.241200][ T4455] do_fchownat+0x158/0x268 [ 48.241924][ T4455] __arm64_sys_fchownat+0xb8/0xd4 [ 48.242744][ T4455] invoke_syscall+0x98/0x2bc [ 48.243478][ T4455] el0_svc_common+0x138/0x258 [ 48.244197][ T4455] do_el0_svc+0x58/0x13c [ 48.244889][ T4455] el0_svc+0x58/0x138 [ 48.245559][ T4455] el0t_64_sync_handler+0x84/0xf0 [ 48.246371][ T4455] el0t_64_sync+0x18c/0x190 [ 48.247114][ T4455] [ 48.247114][ T4455] -> #1 (jbd2_handle){++++}-{0:0}: [ 48.248199][ T4455] start_this_handle+0xfe0/0x122c [ 48.249023][ T4455] jbd2__journal_start+0x288/0x51c [ 48.249860][ T4455] __ext4_journal_start_sb+0x2fc/0x674 [ 48.250712][ T4455] ext4_writepages+0xa28/0x284c [ 48.251464][ T4455] do_writepages+0x2c0/0x4fc [ 48.252170][ T4455] __writeback_single_inode+0x164/0x157c [ 48.253021][ T4455] writeback_sb_inodes+0x824/0x1404 [ 48.253838][ T4455] __writeback_inodes_wb+0x110/0x394 [ 48.254687][ T4455] wb_writeback+0x414/0xfb0 [ 48.255362][ T4455] wb_workfn+0xac0/0xd98 [ 48.256024][ T4455] process_one_work+0x7f4/0x13a8 [ 48.256838][ T4455] worker_thread+0x8c8/0xfbc [ 48.257534][ T4455] kthread+0x250/0x2d8 [ 48.258161][ T4455] ret_from_fork+0x10/0x20 [ 48.258843][ T4455] [ 48.258843][ T4455] -> #0 (&sbi->s_writepages_rwsem){.+.+}-{0:0}: [ 48.260052][ T4455] __lock_acquire+0x293c/0x6544 [ 48.260822][ T4455] lock_acquire+0x20c/0x644 [ 48.261530][ T4455] percpu_down_read+0x70/0x2a8 [ 48.262261][ T4455] ext4_writepages+0x188/0x284c [ 48.263000][ T4455] do_writepages+0x2c0/0x4fc [ 48.263727][ T4455] __writeback_single_inode+0x164/0x157c [ 48.264592][ T4455] writeback_single_inode+0x1c0/0x720 [ 48.265425][ T4455] write_inode_now+0x144/0x1b0 [ 48.266158][ T4455] iput+0x5cc/0x7f4 [ 48.266762][ T4455] ext4_xattr_block_set+0x17a4/0x2810 [ 48.267609][ T4455] ext4_expand_extra_isize_ea+0xcb8/0x15cc [ 48.268490][ T4455] __ext4_expand_extra_isize+0x298/0x358 [ 48.269348][ T4455] __ext4_mark_inode_dirty+0x3e4/0x790 [ 48.270194][ T4455] ext4_evict_inode+0xb58/0x1270 [ 48.270953][ T4455] evict+0x3c8/0x810 [ 48.271564][ T4455] iput+0x764/0x7f4 [ 48.272179][ T4455] ext4_process_orphan+0x240/0x2b4 [ 48.272958][ T4455] ext4_orphan_cleanup+0x908/0x104c [ 48.273768][ T4455] ext4_fill_super+0x6440/0x68a8 [ 48.274535][ T4455] get_tree_bdev+0x358/0x544 [ 48.275282][ T4455] ext4_get_tree+0x28/0x38 [ 48.275984][ T4455] vfs_get_tree+0x90/0x274 [ 48.276688][ T4455] do_new_mount+0x228/0x810 [ 48.277416][ T4455] path_mount+0x5b4/0xe78 [ 48.278093][ T4455] __arm64_sys_mount+0x49c/0x584 [ 48.278904][ T4455] invoke_syscall+0x98/0x2bc [ 48.279769][ T4455] el0_svc_common+0x138/0x258 [ 48.280593][ T4455] do_el0_svc+0x58/0x13c [ 48.281325][ T4455] el0_svc+0x58/0x138 [ 48.282074][ T4455] el0t_64_sync_handler+0x84/0xf0 [ 48.283004][ T4455] el0t_64_sync+0x18c/0x190 [ 48.283806][ T4455] [ 48.283806][ T4455] other info that might help us debug this: [ 48.283806][ T4455] [ 48.285308][ T4455] Chain exists of: [ 48.285308][ T4455] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem [ 48.285308][ T4455] [ 48.287274][ T4455] Possible unsafe locking scenario: [ 48.287274][ T4455] [ 48.288378][ T4455] CPU0 CPU1 [ 48.289222][ T4455] ---- ---- [ 48.290050][ T4455] lock(&ei->xattr_sem); [ 48.290743][ T4455] lock(jbd2_handle); [ 48.291687][ T4455] lock(&ei->xattr_sem); [ 48.292678][ T4455] lock(&sbi->s_writepages_rwsem); [ 48.293392][ T4455] [ 48.293392][ T4455] *** DEADLOCK *** [ 48.293392][ T4455] [ 48.294557][ T4455] 3 locks held by syz.0.17/4455: [ 48.295298][ T4455] #0: ffff0000d27320e0 (&type->s_umount_key#26/1){+.+.}-{3:3}, at: alloc_super+0x1a4/0x804 [ 48.296873][ T4455] #1: ffff0000d2732650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x3dc/0x1270 [ 48.298383][ T4455] #2: ffff0000ea2d1ee0 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x37c/0x790 [ 48.299917][ T4455] [ 48.299917][ T4455] stack backtrace: [ 48.300804][ T4455] CPU: 0 PID: 4455 Comm: syz.0.17 Not tainted syzkaller #0 [ 48.302054][ T4455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 48.303624][ T4455] Call trace: [ 48.304115][ T4455] dump_backtrace+0x1c8/0x1f4 [ 48.304808][ T4455] show_stack+0x2c/0x3c [ 48.305482][ T4455] __dump_stack+0x30/0x40 [ 48.306122][ T4455] dump_stack_lvl+0xf8/0x160 [ 48.306773][ T4455] dump_stack+0x1c/0x5c [ 48.307367][ T4455] print_circular_bug+0x148/0x1b0 [ 48.308107][ T4455] check_noncircular+0x240/0x2d4 [ 48.308861][ T4455] __lock_acquire+0x293c/0x6544 [ 48.309602][ T4455] lock_acquire+0x20c/0x644 [ 48.310274][ T4455] percpu_down_read+0x70/0x2a8 [ 48.310952][ T4455] ext4_writepages+0x188/0x284c [ 48.311576][ T4455] do_writepages+0x2c0/0x4fc [ 48.312217][ T4455] __writeback_single_inode+0x164/0x157c [ 48.312951][ T4455] writeback_single_inode+0x1c0/0x720 [ 48.313681][ T4455] write_inode_now+0x144/0x1b0 [ 48.314341][ T4455] iput+0x5cc/0x7f4 [ 48.314872][ T4455] ext4_xattr_block_set+0x17a4/0x2810 [ 48.315581][ T4455] ext4_expand_extra_isize_ea+0xcb8/0x15cc [ 48.316408][ T4455] __ext4_expand_extra_isize+0x298/0x358 [ 48.317154][ T4455] __ext4_mark_inode_dirty+0x3e4/0x790 [ 48.317880][ T4455] ext4_evict_inode+0xb58/0x1270 [ 48.318564][ T4455] evict+0x3c8/0x810 [ 48.319109][ T4455] iput+0x764/0x7f4 [ 48.319660][ T4455] ext4_process_orphan+0x240/0x2b4 [ 48.320382][ T4455] ext4_orphan_cleanup+0x908/0x104c [ 48.321116][ T4455] ext4_fill_super+0x6440/0x68a8 [ 48.321799][ T4455] get_tree_bdev+0x358/0x544 [ 48.322432][ T4455] ext4_get_tree+0x28/0x38 [ 48.323039][ T4455] vfs_get_tree+0x90/0x274 [ 48.323618][ T4455] do_new_mount+0x228/0x810 [ 48.324228][ T4455] path_mount+0x5b4/0xe78 [ 48.324803][ T4455] __arm64_sys_mount+0x49c/0x584 [ 48.325494][ T4455] invoke_syscall+0x98/0x2bc [ 48.326133][ T4455] el0_svc_common+0x138/0x258 [ 48.326788][ T4455] do_el0_svc+0x58/0x13c [ 48.327390][ T4455] el0_svc+0x58/0x138 [ 48.327942][ T4455] el0t_64_sync_handler+0x84/0xf0 [ 48.328664][ T4455] el0t_64_sync+0x18c/0x190 [ 48.334040][ T9] device hsr_slave_0 left promiscuous mode [ 48.338043][ T4455] ------------[ cut here ]------------ [ 48.338896][ T4455] EA inode 11 i_nlink=2 [ 48.338957][ T4455] WARNING: CPU: 1 PID: 4455 at fs/ext4/xattr.c:1022 ext4_xattr_inode_update_ref+0x42c/0x470 [ 48.341098][ T4455] Modules linked in: [ 48.341662][ T4455] CPU: 1 PID: 4455 Comm: syz.0.17 Not tainted syzkaller #0 [ 48.342699][ T4455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 48.344257][ T4455] pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 48.345426][ T4455] pc : ext4_xattr_inode_update_ref+0x42c/0x470 [ 48.346373][ T4455] lr : ext4_xattr_inode_update_ref+0x42c/0x470 [ 48.347275][ T4455] sp : ffff800021206e00 [ 48.347847][ T4455] x29: ffff800021206ea0 x28: 0000000000000000 x27: dfff800000000000 [ 48.349077][ T4455] x26: 1fffe0001d4256da x25: ffff700004240dc4 x24: 0000000000000000 [ 48.350288][ T4455] x23: ffff800017a15000 x22: ffff0000ea12b518 x21: 0000000000000002 [ 48.351474][ T4455] x20: 0000000000000001 x19: ffff0000ea12b4d8 x18: ffff800011a5bd40 [ 48.352700][ T4455] x17: 0000000000000000 x16: ffff800008042d90 x15: 0000000000000000 [ 48.353891][ T4455] x14: 00000000ffffffff x13: 0000000000000001 x12: 0000000000ff0100 [ 48.355108][ T4455] x11: ff008000081924a8 x10: 0000000000000000 x9 : 5f5afd25b2f52f00 [ 48.356400][ T4455] x8 : 5f5afd25b2f52f00 x7 : 0000000000000001 x6 : 0000000000000001 [ 48.357655][ T4455] x5 : ffff800021206898 x4 : ffff800015134e00 x3 : ffff80000852f9b8 [ 48.358863][ T4455] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000 [ 48.360038][ T4455] Call trace: [ 48.360591][ T4455] ext4_xattr_inode_update_ref+0x42c/0x470 [ 48.361454][ T4455] ext4_xattr_set_entry+0x918/0x15ac [ 48.362291][ T4455] ext4_xattr_ibody_set+0x204/0x600 [ 48.362980][ T4455] ext4_expand_extra_isize_ea+0xd00/0x15cc [ 48.363911][ T4455] __ext4_expand_extra_isize+0x298/0x358 [ 48.364896][ T4455] __ext4_mark_inode_dirty+0x3e4/0x790 [ 48.365826][ T4455] ext4_evict_inode+0xb58/0x1270 [ 48.366657][ T4455] evict+0x3c8/0x810 [ 48.367299][ T4455] iput+0x764/0x7f4 [ 48.367896][ T4455] ext4_process_orphan+0x240/0x2b4 [ 48.368757][ T4455] ext4_orphan_cleanup+0x908/0x104c [ 48.369585][ T4455] ext4_fill_super+0x6440/0x68a8 [ 48.370389][ T4455] get_tree_bdev+0x358/0x544 [ 48.371071][ T4455] ext4_get_tree+0x28/0x38 [ 48.371704][ T4455] vfs_get_tree+0x90/0x274 [ 48.372334][ T4455] do_new_mount+0x228/0x810 [ 48.372969][ T4455] path_mount+0x5b4/0xe78 [ 48.373584][ T4455] __arm64_sys_mount+0x49c/0x584 [ 48.374304][ T4455] invoke_syscall+0x98/0x2bc [ 48.374945][ T4455] el0_svc_common+0x138/0x258 [ 48.375598][ T4455] do_el0_svc+0x58/0x13c [ 48.376207][ T4455] el0_svc+0x58/0x138 [ 48.376772][ T4455] el0t_64_sync_handler+0x84/0xf0 [ 48.377498][ T4455] el0t_64_sync+0x18c/0x190 [ 48.378137][ T4455] irq event stamp: 4417 [ 48.378746][ T4455] hardirqs last enabled at (4417): [] _raw_spin_unlock_irqrestore+0x48/0xac [ 48.380183][ T4455] hardirqs last disabled at (4416): [] _raw_spin_lock_irqsave+0xa4/0xb4 [ 48.381593][ T4455] softirqs last enabled at (2904): [] handle_softirqs+0xaf8/0xc6c [ 48.382844][ T4455] softirqs last disabled at (2887): [] __do_softirq+0x14/0x20 [ 48.384115][ T4455] ---[ end trace 0000000000000000 ]--- [ 48.386402][ T4455] EXT4-fs (loop0): 1 orphan inode deleted [ 48.387348][ T4455] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 48.388586][ T9] device hsr_slave_1 left promiscuous mode [ 48.391150][ T4435] EXT4-fs (loop0): unmounting filesystem. [ 48.447887][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 48.449126][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 48.450795][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 48.451894][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 48.453176][ T9] device bridge_slave_1 left promiscuous mode [ 48.454206][ T9] bridge0: port 2(bridge_slave_1) entered disabled state