Warning: Permanently added '10.128.0.205' (ED25519) to the list of known hosts. 1970/01/01 00:00:32 parsed 1 programs [ 33.505945][ T4325] cgroup: Unknown subsys name 'net' [ 33.772883][ T4325] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 34.082662][ T4325] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 38.116317][ T4348] chnl_net:caif_netlink_parms(): no params data found [ 38.133170][ T4348] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.134343][ T4348] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.135780][ T4348] device bridge_slave_0 entered promiscuous mode [ 38.137939][ T4348] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.138895][ T4348] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.140189][ T4348] device bridge_slave_1 entered promiscuous mode [ 38.151473][ T4348] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.153865][ T4348] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.160813][ T4348] team0: Port device team_slave_0 added [ 38.162454][ T4348] team0: Port device team_slave_1 added [ 38.168400][ T4348] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.169419][ T4348] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.173741][ T4348] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.176277][ T4348] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.177361][ T4348] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.181368][ T4348] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.251463][ T4348] device hsr_slave_0 entered promiscuous mode [ 38.290463][ T4348] device hsr_slave_1 entered promiscuous mode [ 38.385272][ T4348] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 38.403365][ T4348] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 38.452904][ T4348] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 38.513181][ T4348] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 38.559580][ T4348] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.560689][ T4348] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.561976][ T4348] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.563012][ T4348] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.577970][ T4348] 8021q: adding VLAN 0 to HW filter on device bond0 [ 38.583473][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 38.585993][ T39] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.587664][ T39] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.589414][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 38.594188][ T4348] 8021q: adding VLAN 0 to HW filter on device team0 [ 38.597253][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 38.598687][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.599745][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.603775][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 38.605114][ T321] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.606183][ T321] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.613637][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 38.615194][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 38.618207][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 38.622249][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 38.624846][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 38.627263][ T4348] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 38.677200][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 38.678415][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 38.684434][ T4348] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 38.691396][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 38.697273][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 38.698848][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 38.700679][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 38.703127][ T4348] device veth0_vlan entered promiscuous mode [ 38.706069][ T4348] device veth1_vlan entered promiscuous mode [ 38.744161][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 38.745701][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 38.747425][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 38.750097][ T4348] device veth0_macvtap entered promiscuous mode [ 38.752783][ T4348] device veth1_macvtap entered promiscuous mode [ 38.759063][ T4348] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 38.760219][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 38.762803][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 38.766262][ T4348] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 38.768489][ T4348] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.769917][ T4348] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.771842][ T4348] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.773060][ T4348] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.775211][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 38.888102][ T4377] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 38.889531][ T4377] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 38.891793][ T4377] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 38.893279][ T4377] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 38.894647][ T4377] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 38.895844][ T4377] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 39.298632][ T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.299829][ T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.307252][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 39.313608][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.314772][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.316328][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 1970/01/01 00:00:39 executed programs: 0 [ 39.929084][ T47] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 39.930999][ T47] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 39.932383][ T47] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 39.933950][ T47] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 39.935421][ T47] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 39.936620][ T47] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 40.104400][ T4362] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 40.149172][ T4420] chnl_net:caif_netlink_parms(): no params data found [ 40.163845][ T4420] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.165019][ T4420] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.166425][ T4420] device bridge_slave_0 entered promiscuous mode [ 40.168302][ T4420] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.169400][ T4420] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.172091][ T4420] device bridge_slave_1 entered promiscuous mode [ 40.181639][ T4420] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 40.183948][ T4420] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 40.191709][ T4420] team0: Port device team_slave_0 added [ 40.193287][ T4420] team0: Port device team_slave_1 added [ 40.199229][ T4420] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 40.200680][ T4420] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.204436][ T4420] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 40.206697][ T4420] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 40.207789][ T4420] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.211575][ T4420] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 40.241488][ T4420] device hsr_slave_0 entered promiscuous mode [ 40.280536][ T4420] device hsr_slave_1 entered promiscuous mode [ 40.340432][ T4420] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 40.341602][ T4420] Cannot create hsr debugfs directory [ 42.010650][ T47] Bluetooth: hci0: command 0x0409 tx timeout [ 42.091538][ T4362] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.071366][ T4362] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.100634][ T47] Bluetooth: hci0: command 0x041b tx timeout [ 44.162129][ T4362] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 45.384242][ T4420] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 45.471975][ T4420] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 45.572169][ T4420] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 45.622211][ T4420] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 45.741835][ T4420] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.745085][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 45.746582][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 45.748883][ T4420] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.751586][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 45.753210][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 45.755171][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.756245][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.757954][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 45.760205][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 45.763162][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 45.764653][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.765680][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.813511][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 45.816212][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 45.819175][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 45.821125][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 45.822655][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 45.825090][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 45.826685][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 45.828906][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 45.830440][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 45.833135][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 45.834616][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 45.836863][ T4420] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 45.917234][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 45.918585][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 45.922039][ T4420] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 45.927723][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 45.929377][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 45.976079][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 45.977654][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 45.979380][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 45.980893][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 45.982834][ T4420] device veth0_vlan entered promiscuous mode [ 45.986142][ T4420] device veth1_vlan entered promiscuous mode [ 45.993465][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 45.994988][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 45.996361][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 45.997795][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 46.000411][ T4420] device veth0_macvtap entered promiscuous mode [ 46.002826][ T4420] device veth1_macvtap entered promiscuous mode [ 46.006849][ T4420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.008269][ T4420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.010109][ T4420] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 46.012769][ T4420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.014449][ T4420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.016479][ T4420] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 46.017597][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 46.019162][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 46.021529][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 46.023001][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 46.024482][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 46.025966][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 46.030079][ T4420] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.032341][ T4420] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.033752][ T4420] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.035085][ T4420] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.170318][ T47] Bluetooth: hci0: command 0x040f tx timeout [ 46.420469][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.420918][ T151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.422402][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.422671][ T151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.424648][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 46.426678][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 46.490933][ T4519] loop0: detected capacity change from 0 to 512 [ 46.501027][ T4519] [ 46.501451][ T4519] ====================================================== [ 46.502465][ T4519] WARNING: possible circular locking dependency detected [ 46.503387][ T4519] syzkaller #0 Not tainted [ 46.504025][ T4519] ------------------------------------------------------ [ 46.504941][ T4519] syz.0.17/4519 is trying to acquire lock: [ 46.505743][ T4519] ffff0000d31e6b98 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x188/0x284c [ 46.507121][ T4519] [ 46.507121][ T4519] but task is already holding lock: [ 46.508175][ T4519] ffff0000e9fd8ad0 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x37c/0x790 [ 46.509658][ T4519] [ 46.509658][ T4519] which lock already depends on the new lock. [ 46.509658][ T4519] [ 46.511153][ T4519] [ 46.511153][ T4519] the existing dependency chain (in reverse order) is: [ 46.512548][ T4519] [ 46.512548][ T4519] -> #2 (&ei->xattr_sem){++++}-{3:3}: [ 46.513721][ T4519] down_read+0x64/0x304 [ 46.514471][ T4519] ext4_setattr+0x7c4/0x150c [ 46.515193][ T4519] notify_change+0xb0c/0xdcc [ 46.515907][ T4519] chown_common+0x414/0x574 [ 46.516652][ T4519] do_fchownat+0x158/0x268 [ 46.517384][ T4519] __arm64_sys_fchownat+0xb8/0xd4 [ 46.518207][ T4519] invoke_syscall+0x98/0x2bc [ 46.519032][ T4519] el0_svc_common+0x138/0x258 [ 46.519875][ T4519] do_el0_svc+0x58/0x13c [ 46.520635][ T4519] el0_svc+0x58/0x138 [ 46.521350][ T4519] el0t_64_sync_handler+0x84/0xf0 [ 46.522194][ T4519] el0t_64_sync+0x18c/0x190 [ 46.522963][ T4519] [ 46.522963][ T4519] -> #1 (jbd2_handle){++++}-{0:0}: [ 46.524038][ T4519] start_this_handle+0xfe0/0x122c [ 46.524892][ T4519] jbd2__journal_start+0x288/0x51c [ 46.525730][ T4519] __ext4_journal_start_sb+0x2fc/0x674 [ 46.526717][ T4519] ext4_writepages+0xa28/0x284c [ 46.527556][ T4519] do_writepages+0x2c0/0x4fc [ 46.528303][ T4519] __writeback_single_inode+0x164/0x157c [ 46.529216][ T4519] writeback_sb_inodes+0x824/0x1404 [ 46.530074][ T4519] __writeback_inodes_wb+0x110/0x394 [ 46.530930][ T4519] wb_writeback+0x414/0xfb0 [ 46.531637][ T4519] wb_workfn+0xac0/0xd98 [ 46.532314][ T4519] process_one_work+0x7f4/0x13a8 [ 46.533124][ T4519] worker_thread+0x8c8/0xfbc [ 46.533847][ T4519] kthread+0x250/0x2d8 [ 46.534527][ T4519] ret_from_fork+0x10/0x20 [ 46.535229][ T4519] [ 46.535229][ T4519] -> #0 (&sbi->s_writepages_rwsem){.+.+}-{0:0}: [ 46.536521][ T4519] __lock_acquire+0x293c/0x6544 [ 46.537309][ T4519] lock_acquire+0x20c/0x644 [ 46.537997][ T4519] percpu_down_read+0x70/0x2a8 [ 46.538771][ T4519] ext4_writepages+0x188/0x284c [ 46.539535][ T4519] do_writepages+0x2c0/0x4fc [ 46.540278][ T4519] __writeback_single_inode+0x164/0x157c [ 46.541141][ T4519] writeback_single_inode+0x1c0/0x720 [ 46.541980][ T4519] write_inode_now+0x144/0x1b0 [ 46.542659][ T4519] iput+0x5cc/0x7f4 [ 46.543306][ T4519] ext4_xattr_block_set+0x17a4/0x2810 [ 46.544211][ T4519] ext4_expand_extra_isize_ea+0xcb8/0x15cc [ 46.545052][ T4519] __ext4_expand_extra_isize+0x298/0x358 [ 46.545876][ T4519] __ext4_mark_inode_dirty+0x3e4/0x790 [ 46.546750][ T4519] ext4_evict_inode+0xb58/0x1270 [ 46.547565][ T4519] evict+0x3c8/0x810 [ 46.548166][ T4519] iput+0x764/0x7f4 [ 46.548820][ T4519] ext4_process_orphan+0x240/0x2b4 [ 46.549617][ T4519] ext4_orphan_cleanup+0x908/0x104c [ 46.550428][ T4519] ext4_fill_super+0x6440/0x68a8 [ 46.551184][ T4519] get_tree_bdev+0x358/0x544 [ 46.551929][ T4519] ext4_get_tree+0x28/0x38 [ 46.552622][ T4519] vfs_get_tree+0x90/0x274 [ 46.553328][ T4519] do_new_mount+0x228/0x810 [ 46.554059][ T4519] path_mount+0x5b4/0xe78 [ 46.554786][ T4519] __arm64_sys_mount+0x49c/0x584 [ 46.555578][ T4519] invoke_syscall+0x98/0x2bc [ 46.556413][ T4519] el0_svc_common+0x138/0x258 [ 46.557174][ T4519] do_el0_svc+0x58/0x13c [ 46.557831][ T4519] el0_svc+0x58/0x138 [ 46.558520][ T4519] el0t_64_sync_handler+0x84/0xf0 [ 46.559304][ T4519] el0t_64_sync+0x18c/0x190 [ 46.560015][ T4519] [ 46.560015][ T4519] other info that might help us debug this: [ 46.560015][ T4519] [ 46.561503][ T4519] Chain exists of: [ 46.561503][ T4519] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem [ 46.561503][ T4519] [ 46.563479][ T4519] Possible unsafe locking scenario: [ 46.563479][ T4519] [ 46.564598][ T4519] CPU0 CPU1 [ 46.565363][ T4519] ---- ---- [ 46.566092][ T4519] lock(&ei->xattr_sem); [ 46.566716][ T4519] lock(jbd2_handle); [ 46.567674][ T4519] lock(&ei->xattr_sem); [ 46.568779][ T4519] lock(&sbi->s_writepages_rwsem); [ 46.569644][ T4519] [ 46.569644][ T4519] *** DEADLOCK *** [ 46.569644][ T4519] [ 46.571035][ T4519] 3 locks held by syz.0.17/4519: [ 46.571826][ T4519] #0: ffff0000d31e40e0 (&type->s_umount_key#26/1){+.+.}-{3:3}, at: alloc_super+0x1a4/0x804 [ 46.573473][ T4519] #1: ffff0000d31e4650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x3dc/0x1270 [ 46.574928][ T4519] #2: ffff0000e9fd8ad0 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x37c/0x790 [ 46.576470][ T4519] [ 46.576470][ T4519] stack backtrace: [ 46.577309][ T4519] CPU: 0 PID: 4519 Comm: syz.0.17 Not tainted syzkaller #0 [ 46.578463][ T4519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 46.580074][ T4519] Call trace: [ 46.580602][ T4519] dump_backtrace+0x1c8/0x1f4 [ 46.581358][ T4519] show_stack+0x2c/0x3c [ 46.582055][ T4519] __dump_stack+0x30/0x40 [ 46.582714][ T4519] dump_stack_lvl+0xf8/0x160 [ 46.583407][ T4519] dump_stack+0x1c/0x5c [ 46.584029][ T4519] print_circular_bug+0x148/0x1b0 [ 46.584766][ T4519] check_noncircular+0x240/0x2d4 [ 46.585526][ T4519] __lock_acquire+0x293c/0x6544 [ 46.586260][ T4519] lock_acquire+0x20c/0x644 [ 46.586920][ T4519] percpu_down_read+0x70/0x2a8 [ 46.587609][ T4519] ext4_writepages+0x188/0x284c [ 46.588299][ T4519] do_writepages+0x2c0/0x4fc [ 46.588944][ T4519] __writeback_single_inode+0x164/0x157c [ 46.589738][ T4519] writeback_single_inode+0x1c0/0x720 [ 46.590538][ T4519] write_inode_now+0x144/0x1b0 [ 46.591243][ T4519] iput+0x5cc/0x7f4 [ 46.591788][ T4519] ext4_xattr_block_set+0x17a4/0x2810 [ 46.592518][ T4519] ext4_expand_extra_isize_ea+0xcb8/0x15cc [ 46.593342][ T4519] __ext4_expand_extra_isize+0x298/0x358 [ 46.594125][ T4519] __ext4_mark_inode_dirty+0x3e4/0x790 [ 46.594865][ T4519] ext4_evict_inode+0xb58/0x1270 [ 46.595584][ T4519] evict+0x3c8/0x810 [ 46.596141][ T4519] iput+0x764/0x7f4 [ 46.596712][ T4519] ext4_process_orphan+0x240/0x2b4 [ 46.597453][ T4519] ext4_orphan_cleanup+0x908/0x104c [ 46.598167][ T4519] ext4_fill_super+0x6440/0x68a8 [ 46.598868][ T4519] get_tree_bdev+0x358/0x544 [ 46.599590][ T4519] ext4_get_tree+0x28/0x38 [ 46.600273][ T4519] vfs_get_tree+0x90/0x274 [ 46.600929][ T4519] do_new_mount+0x228/0x810 [ 46.601605][ T4519] path_mount+0x5b4/0xe78 [ 46.602202][ T4519] __arm64_sys_mount+0x49c/0x584 [ 46.602849][ T4519] invoke_syscall+0x98/0x2bc [ 46.603534][ T4519] el0_svc_common+0x138/0x258 [ 46.604280][ T4519] do_el0_svc+0x58/0x13c [ 46.604905][ T4519] el0_svc+0x58/0x138 [ 46.605521][ T4519] el0t_64_sync_handler+0x84/0xf0 [ 46.606252][ T4519] el0t_64_sync+0x18c/0x190 [ 46.608250][ T4519] ------------[ cut here ]------------ [ 46.609113][ T4519] EA inode 11 i_nlink=2 [ 46.609180][ T4519] WARNING: CPU: 0 PID: 4519 at fs/ext4/xattr.c:1022 ext4_xattr_inode_update_ref+0x42c/0x470 [ 46.611138][ T4519] Modules linked in: [ 46.611741][ T4519] CPU: 0 PID: 4519 Comm: syz.0.17 Not tainted syzkaller #0 [ 46.612797][ T4519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 46.614295][ T4519] pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 46.615449][ T4519] pc : ext4_xattr_inode_update_ref+0x42c/0x470 [ 46.616404][ T4519] lr : ext4_xattr_inode_update_ref+0x42c/0x470 [ 46.617368][ T4519] sp : ffff800021456e00 [ 46.617981][ T4519] x29: ffff800021456ea0 x28: 0000000000000000 x27: dfff800000000000 [ 46.619151][ T4519] x26: 1fffe0001d3fb599 x25: ffff70000428adc4 x24: 0000000000000000 [ 46.620358][ T4519] x23: ffff800017a8a000 x22: ffff0000e9fdab10 x21: 0000000000000002 [ 46.621581][ T4519] x20: 0000000000000001 x19: ffff0000e9fdaad0 x18: ffff800011abbcc0 [ 46.622721][ T4519] x17: 0000000000000000 x16: ffff800008042d90 x15: 0000000000000000 [ 46.623907][ T4519] x14: 00000000ffffffff x13: 0000000000000001 x12: 0000000000ff0100 [ 46.625081][ T4519] x11: ff00800008191ca8 x10: 0000000000000000 x9 : dde4598b451b8a00 [ 46.626146][ T4519] x8 : dde4598b451b8a00 x7 : 0000000000000001 x6 : 0000000000000001 [ 46.627294][ T4519] x5 : ffff800021456898 x4 : ffff8000151a4920 x3 : ffff800008311fcc [ 46.628432][ T4519] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000 [ 46.629584][ T4519] Call trace: [ 46.630048][ T4519] ext4_xattr_inode_update_ref+0x42c/0x470 [ 46.630865][ T4519] ext4_xattr_set_entry+0x918/0x15ac [ 46.631611][ T4519] ext4_xattr_ibody_set+0x204/0x600 [ 46.632385][ T4519] ext4_expand_extra_isize_ea+0xd00/0x15cc [ 46.633230][ T4519] __ext4_expand_extra_isize+0x298/0x358 [ 46.634052][ T4519] __ext4_mark_inode_dirty+0x3e4/0x790 [ 46.634800][ T4519] ext4_evict_inode+0xb58/0x1270 [ 46.635518][ T4519] evict+0x3c8/0x810 [ 46.636068][ T4519] iput+0x764/0x7f4 [ 46.636625][ T4519] ext4_process_orphan+0x240/0x2b4 [ 46.637369][ T4519] ext4_orphan_cleanup+0x908/0x104c [ 46.638174][ T4519] ext4_fill_super+0x6440/0x68a8 [ 46.638895][ T4519] get_tree_bdev+0x358/0x544 [ 46.639571][ T4519] ext4_get_tree+0x28/0x38 [ 46.640287][ T4519] vfs_get_tree+0x90/0x274 [ 46.640980][ T4519] do_new_mount+0x228/0x810 [ 46.641673][ T4519] path_mount+0x5b4/0xe78 [ 46.642393][ T4519] __arm64_sys_mount+0x49c/0x584 [ 46.643128][ T4519] invoke_syscall+0x98/0x2bc [ 46.643830][ T4519] el0_svc_common+0x138/0x258 [ 46.644532][ T4519] do_el0_svc+0x58/0x13c [ 46.645181][ T4519] el0_svc+0x58/0x138 [ 46.645743][ T4519] el0t_64_sync_handler+0x84/0xf0 [ 46.646456][ T4519] el0t_64_sync+0x18c/0x190 [ 46.647097][ T4519] irq event stamp: 4611 [ 46.647683][ T4519] hardirqs last enabled at (4611): [] _raw_spin_unlock_irqrestore+0x48/0xac [ 46.649139][ T4519] hardirqs last disabled at (4610): [] _raw_spin_lock_irqsave+0xa4/0xb4 [ 46.650550][ T4519] softirqs last enabled at (4452): [] handle_softirqs+0xaf8/0xc6c [ 46.651947][ T4519] softirqs last disabled at (4281): [] __do_softirq+0x14/0x20 [ 46.653144][ T4519] ---[ end trace 0000000000000000 ]--- [ 46.654852][ T4519] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 46.657069][ T4519] EXT4-fs (loop0): Remounting filesystem read-only [ 46.658185][ T4519] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 46.660066][ T4519] EXT4-fs (loop0): Remounting filesystem read-only [ 46.661027][ T4519] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 46.663035][ T4519] EXT4-fs (loop0): Remounting filesystem read-only [ 46.664049][ T4519] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 46.666054][ T4519] EXT4-fs (loop0): Remounting filesystem read-only [ 46.666982][ T4519] EXT4-fs (loop0): 1 orphan inode deleted [ 46.667817][ T4519] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 46.675792][ T4420] EXT4-fs (loop0): unmounting filesystem.