Warning: Permanently added '10.128.1.153' (ED25519) to the list of known hosts.
2025/09/12 16:29:33 parsed 1 programs
syzkaller login: [ 88.192960][ T5793] cgroup: Unknown subsys name 'net'
[ 88.344394][ T5793] cgroup: Unknown subsys name 'rlimit'
[ 90.151150][ T5793] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 92.147897][ T786] cfg80211: failed to load regulatory.db
[ 92.316076][ T50] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 92.324005][ T50] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 92.332345][ T50] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 92.341366][ T5815] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 92.349410][ T5815] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 92.357357][ T5815] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 92.650900][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 92.659621][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 92.698015][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 92.706229][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 93.276872][ T5833] chnl_net:caif_netlink_parms(): no params data found
[ 93.377241][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state
[ 93.384986][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state
[ 93.392953][ T5833] bridge_slave_0: entered allmulticast mode
[ 93.401283][ T5833] bridge_slave_0: entered promiscuous mode
[ 93.410609][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state
[ 93.418059][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state
[ 93.426719][ T5833] bridge_slave_1: entered allmulticast mode
[ 93.434045][ T5833] bridge_slave_1: entered promiscuous mode
[ 93.478871][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 93.490976][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 93.543196][ T5833] team0: Port device team_slave_0 added
[ 93.551217][ T5833] team0: Port device team_slave_1 added
[ 93.582578][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 93.592309][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 93.618432][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 93.639152][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 93.646356][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 93.672440][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 93.723656][ T5833] hsr_slave_0: entered promiscuous mode
[ 93.730486][ T5833] hsr_slave_1: entered promiscuous mode
[ 93.990058][ T5833] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 94.003442][ T5833] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 94.014233][ T5833] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 94.024353][ T5833] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 94.147801][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0
[ 94.180189][ T5833] 8021q: adding VLAN 0 to HW filter on device team0
[ 94.194105][ T11] bridge0: port 1(bridge_slave_0) entered blocking state
[ 94.201548][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 94.226479][ T48] bridge0: port 2(bridge_slave_1) entered blocking state
[ 94.234041][ T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 94.454598][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 94.503057][ T5833] veth0_vlan: entered promiscuous mode
[ 94.520495][ T5833] veth1_vlan: entered promiscuous mode
[ 94.557881][ T5833] veth0_macvtap: entered promiscuous mode
[ 94.568607][ T5833] veth1_macvtap: entered promiscuous mode
[ 94.592558][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 94.610837][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 94.624526][ T5833] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.633774][ T5833] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.643016][ T5833] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.651992][ T5833] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.951415][ T2931] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 97.479494][ T2931] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/09/12 16:29:45 executed programs: 0
[ 98.062920][ T5104] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 98.072032][ T5104] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 98.083267][ T5104] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 98.091969][ T5104] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 98.100863][ T5104] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 98.108657][ T5104] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 98.277625][ T5904] chnl_net:caif_netlink_parms(): no params data found
[ 98.350607][ T5904] bridge0: port 1(bridge_slave_0) entered blocking state
[ 98.357901][ T5904] bridge0: port 1(bridge_slave_0) entered disabled state
[ 98.366862][ T5904] bridge_slave_0: entered allmulticast mode
[ 98.373895][ T5904] bridge_slave_0: entered promiscuous mode
[ 98.382248][ T5904] bridge0: port 2(bridge_slave_1) entered blocking state
[ 98.389583][ T5904] bridge0: port 2(bridge_slave_1) entered disabled state
[ 98.397609][ T5904] bridge_slave_1: entered allmulticast mode
[ 98.404636][ T5904] bridge_slave_1: entered promiscuous mode
[ 98.437105][ T5904] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 98.448956][ T5904] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 98.484476][ T5904] team0: Port device team_slave_0 added
[ 98.493193][ T5904] team0: Port device team_slave_1 added
[ 98.522335][ T5904] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 98.529520][ T5904] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 98.556566][ T5904] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 98.572723][ T5904] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 98.579789][ T5904] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 98.605874][ T5904] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 98.654103][ T5904] hsr_slave_0: entered promiscuous mode
[ 98.661764][ T5904] hsr_slave_1: entered promiscuous mode
[ 98.668360][ T5904] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 98.678138][ T5904] Cannot create hsr debugfs directory
[ 99.828642][ T2931] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 99.881591][ T2931] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 100.135901][ T5815] Bluetooth: hci0: command tx timeout
[ 100.762091][ T5904] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 100.773995][ T5904] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 100.797172][ T2931] hsr_slave_0: left promiscuous mode
[ 100.803674][ T2931] hsr_slave_1: left promiscuous mode
[ 100.812804][ T2931] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 100.820876][ T2931] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 100.832816][ T2931] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 100.841504][ T2931] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 100.852366][ T2931] bridge_slave_1: left allmulticast mode
[ 100.858485][ T2931] bridge_slave_1: left promiscuous mode
[ 100.865340][ T2931] bridge0: port 2(bridge_slave_1) entered disabled state
[ 100.879463][ T2931] bridge_slave_0: left allmulticast mode
[ 100.885452][ T2931] bridge_slave_0: left promiscuous mode
[ 100.891310][ T2931] bridge0: port 1(bridge_slave_0) entered disabled state
[ 100.927707][ T2931] veth1_macvtap: left promiscuous mode
[ 100.933700][ T2931] veth0_macvtap: left promiscuous mode
[ 100.944685][ T2931] veth1_vlan: left promiscuous mode
[ 100.950917][ T2931] veth0_vlan: left promiscuous mode
[ 101.417714][ T2931] team0 (unregistering): Port device team_slave_1 removed
[ 101.454892][ T2931] team0 (unregistering): Port device team_slave_0 removed
[ 101.492298][ T2931] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 101.529605][ T2931] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 101.864055][ T2931] bond0 (unregistering): Released all slaves
[ 101.937744][ T5904] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 101.949517][ T5904] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 102.053629][ T5904] 8021q: adding VLAN 0 to HW filter on device bond0
[ 102.090386][ T5904] 8021q: adding VLAN 0 to HW filter on device team0
[ 102.108200][ T42] bridge0: port 1(bridge_slave_0) entered blocking state
[ 102.115432][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 102.141859][ T48] bridge0: port 2(bridge_slave_1) entered blocking state
[ 102.149049][ T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 102.216627][ T5815] Bluetooth: hci0: command tx timeout
[ 102.437113][ T5904] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 102.531753][ T5904] veth0_vlan: entered promiscuous mode
[ 102.557042][ T5904] veth1_vlan: entered promiscuous mode
[ 102.599553][ T5904] veth0_macvtap: entered promiscuous mode
[ 102.609486][ T5904] veth1_macvtap: entered promiscuous mode
[ 102.628963][ T5904] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 102.644184][ T5904] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 102.657090][ T5904] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.666128][ T5904] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.674862][ T5904] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.685671][ T5904] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.754620][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.766582][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 102.799170][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.807520][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 102.859621][ T5953] syz.0.17[5953]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[ 102.885006][ T5953] loop0: detected capacity change from 0 to 512
[ 102.920586][ T5953]
[ 102.922987][ T5953] ======================================================
[ 102.930041][ T5953] WARNING: possible circular locking dependency detected
[ 102.937101][ T5953] syzkaller #0 Not tainted
[ 102.941546][ T5953] ------------------------------------------------------
[ 102.948592][ T5953] syz.0.17/5953 is trying to acquire lock:
[ 102.954422][ T5953] ffff88802bb4ebd8 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x170/0x2f0
[ 102.964500][ T5953]
[ 102.964500][ T5953] but task is already holding lock:
[ 102.971892][ T5953] ffff888071f56ec8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3dc/0x6e0
[ 102.981784][ T5953]
[ 102.981784][ T5953] which lock already depends on the new lock.
[ 102.981784][ T5953]
[ 102.992197][ T5953]
[ 102.992197][ T5953] the existing dependency chain (in reverse order) is:
[ 103.001238][ T5953]
[ 103.001238][ T5953] -> #2 (&ei->xattr_sem){++++}-{3:3}:
[ 103.008804][ T5953] down_read+0x46/0x2e0
[ 103.013485][ T5953] ext4_setattr+0x86b/0x1c90
[ 103.018611][ T5953] notify_change+0xb0d/0xe10
[ 103.023726][ T5953] chown_common+0x3f9/0x5a0
[ 103.028749][ T5953] do_fchownat+0x168/0x270
[ 103.033690][ T5953] __x64_sys_chown+0x82/0x90
[ 103.038804][ T5953] do_syscall_64+0x55/0xb0
[ 103.043752][ T5953] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 103.050206][ T5953]
[ 103.050206][ T5953] -> #1 (jbd2_handle){++++}-{0:0}:
[ 103.057518][ T5953] start_this_handle+0x1e9d/0x20c0
[ 103.063149][ T5953] jbd2__journal_start+0x2bb/0x5b0
[ 103.068783][ T5953] __ext4_journal_start_sb+0x203/0x570
[ 103.074769][ T5953] ext4_do_writepages+0xf92/0x38d0
[ 103.080417][ T5953] ext4_writepages+0x1a8/0x2f0
[ 103.085706][ T5953] do_writepages+0x3a2/0x600
[ 103.090842][ T5953] filemap_fdatawrite_wbc+0x122/0x180
[ 103.096753][ T5953] file_write_and_wait_range+0x171/0x240
[ 103.102930][ T5953] ext4_sync_file+0x281/0xc10
[ 103.108238][ T5953] __x64_sys_fsync+0x195/0x1d0
[ 103.113649][ T5953] do_syscall_64+0x55/0xb0
[ 103.118697][ T5953] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 103.125152][ T5953]
[ 103.125152][ T5953] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[ 103.133628][ T5953] __lock_acquire+0x2ddb/0x7c80
[ 103.139017][ T5953] lock_acquire+0x197/0x410
[ 103.144061][ T5953] percpu_down_read+0x44/0x1a0
[ 103.149357][ T5953] ext4_writepages+0x170/0x2f0
[ 103.154690][ T5953] do_writepages+0x3a2/0x600
[ 103.159827][ T5953] __writeback_single_inode+0x153/0xee0
[ 103.165936][ T5953] writeback_single_inode+0x211/0x720
[ 103.171858][ T5953] write_inode_now+0x161/0x1e0
[ 103.177182][ T5953] iput+0x5b2/0x920
[ 103.181521][ T5953] ext4_xattr_block_set+0x273a/0x32a0
[ 103.187443][ T5953] ext4_expand_extra_isize_ea+0x10ea/0x19e0
[ 103.193953][ T5953] __ext4_expand_extra_isize+0x306/0x400
[ 103.200131][ T5953] __ext4_mark_inode_dirty+0x45d/0x6e0
[ 103.206202][ T5953] ext4_evict_inode+0x7ed/0xea0
[ 103.211683][ T5953] evict+0x486/0x870
[ 103.216127][ T5953] ext4_orphan_cleanup+0xbd4/0x1400
[ 103.221897][ T5953] ext4_fill_super+0x5de7/0x66c0
[ 103.227372][ T5953] get_tree_bdev+0x3e4/0x510
[ 103.232546][ T5953] vfs_get_tree+0x8c/0x280
[ 103.237493][ T5953] do_new_mount+0x24b/0xa40
[ 103.242531][ T5953] __se_sys_mount+0x2da/0x3c0
[ 103.247735][ T5953] do_syscall_64+0x55/0xb0
[ 103.252681][ T5953] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 103.259135][ T5953]
[ 103.259135][ T5953] other info that might help us debug this:
[ 103.259135][ T5953]
[ 103.269375][ T5953] Chain exists of:
[ 103.269375][ T5953] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem
[ 103.269375][ T5953]
[ 103.282765][ T5953] Possible unsafe locking scenario:
[ 103.282765][ T5953]
[ 103.290237][ T5953] CPU0 CPU1
[ 103.295601][ T5953] ---- ----
[ 103.300964][ T5953] lock(&ei->xattr_sem);
[ 103.305315][ T5953] lock(jbd2_handle);
[ 103.311902][ T5953] lock(&ei->xattr_sem);
[ 103.318843][ T5953] rlock(&sbi->s_writepages_rwsem);
[ 103.324155][ T5953]
[ 103.324155][ T5953] *** DEADLOCK ***
[ 103.324155][ T5953]
[ 103.334929][ T5953] 3 locks held by syz.0.17/5953:
[ 103.339923][ T5953] #0: ffff88802bb4c0e0 (&type->s_umount_key#31){++++}-{3:3}, at: get_tree_bdev+0x344/0x510
[ 103.350065][ T5953] #1: ffff88802bb4c608 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x2b9/0xea0
[ 103.359641][ T5953] #2: ffff888071f56ec8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3dc/0x6e0
[ 103.369926][ T5953]
[ 103.369926][ T5953] stack backtrace:
[ 103.375829][ T5953] CPU: 1 PID: 5953 Comm: syz.0.17 Not tainted syzkaller #0
[ 103.383042][ T5953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 103.393112][ T5953] Call Trace:
[ 103.396395][ T5953]
[ 103.399334][ T5953] dump_stack_lvl+0x16c/0x230
[ 103.404033][ T5953] ? load_image+0x3b0/0x3b0
[ 103.408560][ T5953] ? show_regs_print_info+0x20/0x20
[ 103.413890][ T5953] ? print_circular_bug+0x12b/0x1a0
[ 103.419113][ T5953] check_noncircular+0x2bd/0x3c0
[ 103.424071][ T5953] ? look_up_lock_class+0x75/0x140
[ 103.429206][ T5953] ? print_deadlock_bug+0x5d0/0x5d0
[ 103.434434][ T5953] ? lockdep_lock+0xe0/0x220
[ 103.439093][ T5953] ? _find_first_zero_bit+0xd3/0x100
[ 103.444489][ T5953] __lock_acquire+0x2ddb/0x7c80
[ 103.449394][ T5953] ? mark_lock+0x94/0x320
[ 103.453752][ T5953] ? verify_lock_unused+0x140/0x140
[ 103.458978][ T5953] ? __lock_acquire+0x1334/0x7c80
[ 103.464034][ T5953] ? verify_lock_unused+0x140/0x140
[ 103.469260][ T5953] lock_acquire+0x197/0x410
[ 103.473813][ T5953] ? ext4_writepages+0x170/0x2f0
[ 103.478778][ T5953] ? __might_sleep+0xe0/0xe0
[ 103.483377][ T5953] ? mark_lock+0x94/0x320
[ 103.487711][ T5953] ? read_lock_is_recursive+0x20/0x20
[ 103.493100][ T5953] ? __lock_acquire+0x1334/0x7c80
[ 103.498131][ T5953] percpu_down_read+0x44/0x1a0
[ 103.502920][ T5953] ? ext4_writepages+0x170/0x2f0
[ 103.507892][ T5953] ext4_writepages+0x170/0x2f0
[ 103.512782][ T5953] ? ext4_read_folio+0x2f0/0x2f0
[ 103.517768][ T5953] ? __rwlock_init+0x150/0x150
[ 103.522569][ T5953] ? _raw_spin_unlock_irqrestore+0x86/0x110
[ 103.528472][ T5953] ? do_raw_spin_unlock+0x121/0x230
[ 103.533693][ T5953] ? ext4_read_folio+0x2f0/0x2f0
[ 103.538663][ T5953] do_writepages+0x3a2/0x600
[ 103.543280][ T5953] ? folio_clear_dirty_for_io+0xc30/0xc30
[ 103.549037][ T5953] ? writeback_single_inode+0x206/0x720
[ 103.554611][ T5953] ? __lock_acquire+0x7c80/0x7c80
[ 103.559655][ T5953] ? do_raw_spin_lock+0x121/0x2c0
[ 103.564703][ T5953] ? get_tree_bdev+0x3e4/0x510
[ 103.569495][ T5953] __writeback_single_inode+0x153/0xee0
[ 103.575084][ T5953] writeback_single_inode+0x211/0x720
[ 103.580485][ T5953] ? write_inode_now+0x1e0/0x1e0
[ 103.585510][ T5953] write_inode_now+0x161/0x1e0
[ 103.590304][ T5953] ? bdi_split_work_to_wbs+0x890/0x890
[ 103.595791][ T5953] ? do_raw_spin_unlock+0x121/0x230
[ 103.601019][ T5953] iput+0x5b2/0x920
[ 103.604849][ T5953] ext4_xattr_block_set+0x273a/0x32a0
[ 103.610258][ T5953] ? __might_sleep+0xe0/0xe0
[ 103.614875][ T5953] ? xattr_find_entry+0x12b/0x2f0
[ 103.619927][ T5953] ? ext4_xattr_block_find+0x350/0x350
[ 103.625410][ T5953] ? ext4_xattr_block_find+0x2d4/0x350
[ 103.630897][ T5953] ext4_expand_extra_isize_ea+0x10ea/0x19e0
[ 103.636821][ T5953] __ext4_expand_extra_isize+0x306/0x400
[ 103.642532][ T5953] __ext4_mark_inode_dirty+0x45d/0x6e0
[ 103.648023][ T5953] ext4_evict_inode+0x7ed/0xea0
[ 103.652925][ T5953] ? _raw_spin_unlock+0x28/0x40
[ 103.657798][ T5953] ? ext4_inode_is_fast_symlink+0x390/0x390
[ 103.663705][ T5953] ? do_raw_spin_unlock+0x121/0x230
[ 103.668926][ T5953] ? ext4_inode_is_fast_symlink+0x390/0x390
[ 103.674836][ T5953] evict+0x486/0x870
[ 103.678744][ T5953] ? __lock_acquire+0x7c80/0x7c80
[ 103.683781][ T5953] ? proc_nr_inodes+0x230/0x230
[ 103.688643][ T5953] ? do_raw_spin_unlock+0x121/0x230
[ 103.693864][ T5953] ? _raw_spin_unlock+0x28/0x40
[ 103.698740][ T5953] ? iput+0x70a/0x920
[ 103.702738][ T5953] ext4_orphan_cleanup+0xbd4/0x1400
[ 103.707997][ T5953] ? ext4_orphan_del+0xba0/0xba0
[ 103.713000][ T5953] ? ext4_register_li_request+0x183/0x940
[ 103.718737][ T5953] ? errseq_check_and_advance+0x66/0x120
[ 103.724379][ T5953] ext4_fill_super+0x5de7/0x66c0
[ 103.729335][ T5953] ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[ 103.735628][ T5953] ? vscnprintf+0x80/0x80
[ 103.739997][ T5953] ? down_read_killable+0x340/0x340
[ 103.745233][ T5953] ? setup_bdev_super+0x56b/0x660
[ 103.750273][ T5953] get_tree_bdev+0x3e4/0x510
[ 103.754880][ T5953] ? vfs_parse_fs_string+0x160/0x160
[ 103.760180][ T5953] ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[ 103.766445][ T5953] ? setup_bdev_super+0x660/0x660
[ 103.771513][ T5953] ? apparmor_capable+0x137/0x1a0
[ 103.776551][ T5953] ? bpf_lsm_capable+0x9/0x10
[ 103.781241][ T5953] ? security_capable+0x89/0xb0
[ 103.786105][ T5953] vfs_get_tree+0x8c/0x280
[ 103.790526][ T5953] do_new_mount+0x24b/0xa40
[ 103.795031][ T5953] __se_sys_mount+0x2da/0x3c0
[ 103.799716][ T5953] ? __x64_sys_mount+0xc0/0xc0
[ 103.804487][ T5953] ? lockdep_hardirqs_on+0x98/0x150
[ 103.809692][ T5953] ? __x64_sys_mount+0x20/0xc0
[ 103.814482][ T5953] do_syscall_64+0x55/0xb0
[ 103.818912][ T5953] ? clear_bhb_loop+0x40/0x90
[ 103.823594][ T5953] ? clear_bhb_loop+0x40/0x90
[ 103.828275][ T5953] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 103.834183][ T5953] RIP: 0033:0x7fd1a8b9034a
[ 103.838689][ T5953] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 103.858397][ T5953] RSP: 002b:00007ffe4ca90e38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 103.866846][ T5953] RAX: ffffffffffffffda RBX: 00007ffe4ca90ec0 RCX: 00007fd1a8b9034a
[ 103.874848][ T5953] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007ffe4ca90e80
[ 103.882825][ T5953] RBP: 0000200000000180 R08: 00007ffe4ca90ec0 R09: 0000000000800700
[ 103.890818][ T5953] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[ 103.898788][ T5953] R13: 00007ffe4ca90e80 R14: 0000000000000473 R15: 0000200000000680
[ 103.906770][ T5953]
[ 103.914019][ T5953] ------------[ cut here ]------------
[ 103.919676][ T5953] EA inode 11 i_nlink=2
[ 103.928392][ T5953] WARNING: CPU: 1 PID: 5953 at fs/ext4/xattr.c:1070 ext4_xattr_inode_update_ref+0x521/0x580
[ 103.943139][ T5953] Modules linked in:
[ 103.947447][ T5953] CPU: 1 PID: 5953 Comm: syz.0.17 Not tainted syzkaller #0
[ 103.954691][ T5953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 103.965426][ T5953] RIP: 0010:ext4_xattr_inode_update_ref+0x521/0x580
[ 103.972175][ T5953] Code: 24 50 4c 89 f8 48 c1 e8 03 42 80 3c 28 00 74 08 4c 89 ff e8 31 43 9a ff 49 8b 37 48 c7 c7 00 d1 be 8a 44 89 f2 e8 cf 73 0d ff <0f> 0b 4c 8b 64 24 18 48 8b 5c 24 10 4c 8d 7c 24 60 e9 1f fe ff ff
[ 103.992297][ T5953] RSP: 0018:ffffc9000480f220 EFLAGS: 00010246
[ 103.998764][ T5953] RAX: 81b7d313f84f7a00 RBX: 0000000000000001 RCX: ffff88807a31bc00
[ 104.007215][ T5953] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[ 104.015573][ T5953] RBP: ffffc9000480f318 R08: ffffc9000480ee27 R09: 1ffff92000901dc4
[ 104.023893][ T5953] R10: dffffc0000000000 R11: fffff52000901dc5 R12: ffff88805d9002b0
[ 104.032208][ T5953] R13: dffffc0000000000 R14: 0000000000000002 R15: ffff88805d900300
[ 104.040625][ T5953] FS: 0000555566fc3500(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[ 104.050174][ T5953] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 104.057153][ T5953] CR2: 000055b084f10000 CR3: 00000000765a0000 CR4: 00000000003506e0
[ 104.065800][ T5953] Call Trace:
[ 104.069115][ T5953]
[ 104.072057][ T5953] ? ext4_xattr_list_entries+0x3d0/0x3d0
[ 104.078225][ T5953] ? ext4_xattr_inode_iget+0x3df/0x600
[ 104.083761][ T5953] ext4_xattr_set_entry+0xcda/0x1e90
[ 104.089772][ T5953] ext4_xattr_ibody_set+0x254/0x6a0
[ 104.095009][ T5953] ext4_expand_extra_isize_ea+0x113a/0x19e0
[ 104.101713][ T5953] __ext4_expand_extra_isize+0x306/0x400
[ 104.107771][ T5953] __ext4_mark_inode_dirty+0x45d/0x6e0
[ 104.113293][ T5953] ext4_evict_inode+0x7ed/0xea0
[ 104.118219][ T5953] ? _raw_spin_unlock+0x28/0x40
[ 104.123109][ T5953] ? ext4_inode_is_fast_symlink+0x390/0x390
[ 104.129212][ T5953] ? do_raw_spin_unlock+0x121/0x230
[ 104.134473][ T5953] ? ext4_inode_is_fast_symlink+0x390/0x390
[ 104.140491][ T5953] evict+0x486/0x870
[ 104.144451][ T5953] ? __lock_acquire+0x7c80/0x7c80
[ 104.149563][ T5953] ? proc_nr_inodes+0x230/0x230
[ 104.154487][ T5953] ? do_raw_spin_unlock+0x121/0x230
[ 104.160026][ T5953] ? _raw_spin_unlock+0x28/0x40
[ 104.164998][ T5953] ? iput+0x70a/0x920
[ 104.169263][ T5953] ext4_orphan_cleanup+0xbd4/0x1400
[ 104.174515][ T5953] ? ext4_orphan_del+0xba0/0xba0
[ 104.179594][ T5953] ? ext4_register_li_request+0x183/0x940
[ 104.185517][ T5953] ? errseq_check_and_advance+0x66/0x120
[ 104.191204][ T5953] ext4_fill_super+0x5de7/0x66c0
[ 104.196231][ T5953] ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[ 104.202651][ T5953] ? vscnprintf+0x80/0x80
[ 104.207064][ T5953] ? down_read_killable+0x340/0x340
[ 104.212488][ T5953] ? setup_bdev_super+0x56b/0x660
[ 104.217807][ T5953] get_tree_bdev+0x3e4/0x510
[ 104.222548][ T5953] ? vfs_parse_fs_string+0x160/0x160
[ 104.230949][ T5953] ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[ 104.237367][ T5953] ? setup_bdev_super+0x660/0x660
[ 104.242550][ T5953] ? apparmor_capable+0x137/0x1a0
[ 104.247863][ T5953] ? bpf_lsm_capable+0x9/0x10
[ 104.252919][ T5953] ? security_capable+0x89/0xb0
[ 104.258048][ T5953] vfs_get_tree+0x8c/0x280
[ 104.262490][ T5953] do_new_mount+0x24b/0xa40
[ 104.267079][ T5953] __se_sys_mount+0x2da/0x3c0
[ 104.272027][ T5953] ? __x64_sys_mount+0xc0/0xc0
[ 104.276915][ T5953] ? lockdep_hardirqs_on+0x98/0x150
[ 104.282169][ T5953] ? __x64_sys_mount+0x20/0xc0
[ 104.287027][ T5953] do_syscall_64+0x55/0xb0
[ 104.291477][ T5953] ? clear_bhb_loop+0x40/0x90
[ 104.296235][ T5953] ? clear_bhb_loop+0x40/0x90
[ 104.301134][ T5953] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 104.305244][ T5815] Bluetooth: hci0: command tx timeout
[ 104.307135][ T5953] RIP: 0033:0x7fd1a8b9034a
[ 104.317312][ T5953] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 104.337110][ T5953] RSP: 002b:00007ffe4ca90e38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 104.345778][ T5953] RAX: ffffffffffffffda RBX: 00007ffe4ca90ec0 RCX: 00007fd1a8b9034a
[ 104.354021][ T5953] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007ffe4ca90e80
[ 104.362466][ T5953] RBP: 0000200000000180 R08: 00007ffe4ca90ec0 R09: 0000000000800700
[ 104.370675][ T5953] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[ 104.379009][ T5953] R13: 00007ffe4ca90e80 R14: 0000000000000473 R15: 0000200000000680
[ 104.387261][ T5953]
[ 104.390347][ T5953] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 104.397678][ T5953] CPU: 1 PID: 5953 Comm: syz.0.17 Not tainted syzkaller #0
[ 104.404905][ T5953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 104.414983][ T5953] Call Trace:
[ 104.418275][ T5953]
[ 104.421241][ T5953] dump_stack_lvl+0x16c/0x230
[ 104.426466][ T5953] ? show_regs_print_info+0x20/0x20
[ 104.431673][ T5953] ? load_image+0x3b0/0x3b0
[ 104.436206][ T5953] panic+0x2c0/0x710
[ 104.440120][ T5953] ? bpf_jit_dump+0xd0/0xd0
[ 104.444648][ T5953] __warn+0x2e0/0x470
[ 104.448653][ T5953] ? ext4_xattr_inode_update_ref+0x521/0x580
[ 104.454746][ T5953] ? ext4_xattr_inode_update_ref+0x521/0x580
[ 104.460831][ T5953] report_bug+0x2be/0x4f0
[ 104.465202][ T5953] ? ext4_xattr_inode_update_ref+0x521/0x580
[ 104.471311][ T5953] ? ext4_xattr_inode_update_ref+0x521/0x580
[ 104.477319][ T5953] ? ext4_xattr_inode_update_ref+0x523/0x580
[ 104.483339][ T5953] handle_bug+0xcf/0x120
[ 104.487598][ T5953] exc_invalid_op+0x1a/0x50
[ 104.492124][ T5953] asm_exc_invalid_op+0x1a/0x20
[ 104.496983][ T5953] RIP: 0010:ext4_xattr_inode_update_ref+0x521/0x580
[ 104.503589][ T5953] Code: 24 50 4c 89 f8 48 c1 e8 03 42 80 3c 28 00 74 08 4c 89 ff e8 31 43 9a ff 49 8b 37 48 c7 c7 00 d1 be 8a 44 89 f2 e8 cf 73 0d ff <0f> 0b 4c 8b 64 24 18 48 8b 5c 24 10 4c 8d 7c 24 60 e9 1f fe ff ff
[ 104.523208][ T5953] RSP: 0018:ffffc9000480f220 EFLAGS: 00010246
[ 104.529285][ T5953] RAX: 81b7d313f84f7a00 RBX: 0000000000000001 RCX: ffff88807a31bc00
[ 104.537262][ T5953] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[ 104.545247][ T5953] RBP: ffffc9000480f318 R08: ffffc9000480ee27 R09: 1ffff92000901dc4
[ 104.553412][ T5953] R10: dffffc0000000000 R11: fffff52000901dc5 R12: ffff88805d9002b0
[ 104.561583][ T5953] R13: dffffc0000000000 R14: 0000000000000002 R15: ffff88805d900300
[ 104.569643][ T5953] ? ext4_xattr_list_entries+0x3d0/0x3d0
[ 104.575353][ T5953] ? ext4_xattr_inode_iget+0x3df/0x600
[ 104.580957][ T5953] ext4_xattr_set_entry+0xcda/0x1e90
[ 104.586273][ T5953] ext4_xattr_ibody_set+0x254/0x6a0
[ 104.591521][ T5953] ext4_expand_extra_isize_ea+0x113a/0x19e0
[ 104.597443][ T5953] __ext4_expand_extra_isize+0x306/0x400
[ 104.603100][ T5953] __ext4_mark_inode_dirty+0x45d/0x6e0
[ 104.608598][ T5953] ext4_evict_inode+0x7ed/0xea0
[ 104.613464][ T5953] ? _raw_spin_unlock+0x28/0x40
[ 104.618324][ T5953] ? ext4_inode_is_fast_symlink+0x390/0x390
[ 104.624242][ T5953] ? do_raw_spin_unlock+0x121/0x230
[ 104.629540][ T5953] ? ext4_inode_is_fast_symlink+0x390/0x390
[ 104.635460][ T5953] evict+0x486/0x870
[ 104.639376][ T5953] ? __lock_acquire+0x7c80/0x7c80
[ 104.644412][ T5953] ? proc_nr_inodes+0x230/0x230
[ 104.649275][ T5953] ? do_raw_spin_unlock+0x121/0x230
[ 104.654508][ T5953] ? _raw_spin_unlock+0x28/0x40
[ 104.659387][ T5953] ? iput+0x70a/0x920
[ 104.663390][ T5953] ext4_orphan_cleanup+0xbd4/0x1400
[ 104.668617][ T5953] ? ext4_orphan_del+0xba0/0xba0
[ 104.673599][ T5953] ? ext4_register_li_request+0x183/0x940
[ 104.679351][ T5953] ? errseq_check_and_advance+0x66/0x120
[ 104.685052][ T5953] ext4_fill_super+0x5de7/0x66c0
[ 104.690026][ T5953] ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[ 104.696281][ T5953] ? vscnprintf+0x80/0x80
[ 104.700710][ T5953] ? down_read_killable+0x340/0x340
[ 104.705927][ T5953] ? setup_bdev_super+0x56b/0x660
[ 104.710979][ T5953] get_tree_bdev+0x3e4/0x510
[ 104.715596][ T5953] ? vfs_parse_fs_string+0x160/0x160
[ 104.721017][ T5953] ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[ 104.727296][ T5953] ? setup_bdev_super+0x660/0x660
[ 104.732361][ T5953] ? apparmor_capable+0x137/0x1a0
[ 104.737419][ T5953] ? bpf_lsm_capable+0x9/0x10
[ 104.742124][ T5953] ? security_capable+0x89/0xb0
[ 104.747008][ T5953] vfs_get_tree+0x8c/0x280
[ 104.751466][ T5953] do_new_mount+0x24b/0xa40
[ 104.756032][ T5953] __se_sys_mount+0x2da/0x3c0
[ 104.760733][ T5953] ? __x64_sys_mount+0xc0/0xc0
[ 104.765514][ T5953] ? lockdep_hardirqs_on+0x98/0x150
[ 104.770741][ T5953] ? __x64_sys_mount+0x20/0xc0
[ 104.775512][ T5953] do_syscall_64+0x55/0xb0
[ 104.779969][ T5953] ? clear_bhb_loop+0x40/0x90
[ 104.784659][ T5953] ? clear_bhb_loop+0x40/0x90
[ 104.789347][ T5953] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 104.795265][ T5953] RIP: 0033:0x7fd1a8b9034a
[ 104.799691][ T5953] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 104.819319][ T5953] RSP: 002b:00007ffe4ca90e38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 104.827744][ T5953] RAX: ffffffffffffffda RBX: 00007ffe4ca90ec0 RCX: 00007fd1a8b9034a
[ 104.835723][ T5953] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007ffe4ca90e80
[ 104.843704][ T5953] RBP: 0000200000000180 R08: 00007ffe4ca90ec0 R09: 0000000000800700
[ 104.851687][ T5953] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[ 104.859672][ T5953] R13: 00007ffe4ca90e80 R14: 0000000000000473 R15: 0000200000000680
[ 104.867657][ T5953]
[ 104.870962][ T5953] Kernel Offset: disabled
[ 104.875290][ T5953] Rebooting in 86400 seconds..