Warning: Permanently added '10.128.1.13' (ED25519) to the list of known hosts. 2025/12/03 15:19:36 parsed 1 programs [ 57.970322][ T4271] cgroup: Unknown subsys name 'net' [ 58.165534][ T4271] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 59.383647][ T4271] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 60.613739][ T4278] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 60.621944][ T4278] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 60.629434][ T4278] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 60.637828][ T4278] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 60.645543][ T4278] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 60.653021][ T4278] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 62.133086][ T4317] chnl_net:caif_netlink_parms(): no params data found [ 62.179755][ T4317] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.187636][ T4317] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.195524][ T4317] device bridge_slave_0 entered promiscuous mode [ 62.204141][ T4317] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.211342][ T4317] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.219018][ T4317] device bridge_slave_1 entered promiscuous mode [ 62.247725][ T4317] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.258813][ T4317] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.288053][ T4317] team0: Port device team_slave_0 added [ 62.297182][ T4317] team0: Port device team_slave_1 added [ 62.319643][ T4317] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.326670][ T4317] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.352700][ T4317] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.365039][ T4317] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.372003][ T4317] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.397974][ T4317] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.431920][ T4317] device hsr_slave_0 entered promiscuous mode [ 62.438646][ T4317] device hsr_slave_1 entered promiscuous mode [ 62.536433][ T4317] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 62.548082][ T4317] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 62.558311][ T4317] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 62.567318][ T4317] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 62.599133][ T4317] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.606397][ T4317] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.614198][ T4317] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.621321][ T4317] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.659967][ T4317] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.673518][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.685216][ T75] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.694351][ T75] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.704859][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 62.718282][ T4317] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.753591][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 62.762544][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.769620][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.777979][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 62.790681][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.798230][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.819357][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 62.827929][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 62.840723][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 62.852357][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 62.863539][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 62.875911][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 63.010204][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 63.018802][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 63.036724][ T4317] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.052468][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 63.069758][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 63.078797][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 63.087190][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 63.097374][ T4317] device veth0_vlan entered promiscuous mode [ 63.115007][ T4317] device veth1_vlan entered promiscuous mode [ 63.131850][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 63.140263][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 63.156021][ T4317] device veth0_macvtap entered promiscuous mode [ 63.166216][ T4317] device veth1_macvtap entered promiscuous mode [ 63.180536][ T4317] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 63.191089][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 63.199108][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 63.207296][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 63.216470][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 63.226668][ T4317] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 63.238889][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 63.247410][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 63.258237][ T4317] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.267559][ T4317] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.276610][ T4317] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.285471][ T4317] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.708922][ T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.167628][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.178675][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.193680][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 64.204055][ T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.214113][ T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.230235][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 2025/12/03 15:19:44 executed programs: 0 [ 64.545193][ T4280] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 64.553768][ T4280] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 64.561389][ T4280] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 64.569280][ T4280] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 64.577994][ T4280] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 64.585570][ T4280] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 64.690314][ T4370] chnl_net:caif_netlink_parms(): no params data found [ 64.737005][ T4370] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.744237][ T4370] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.751970][ T4370] device bridge_slave_0 entered promiscuous mode [ 64.759993][ T4370] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.767142][ T4370] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.775105][ T4370] device bridge_slave_1 entered promiscuous mode [ 64.799176][ T4370] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 64.811526][ T4370] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 64.834267][ T4370] team0: Port device team_slave_0 added [ 64.841440][ T4370] team0: Port device team_slave_1 added [ 64.860966][ T4370] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 64.867967][ T4370] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.894204][ T4370] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 64.908073][ T4370] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.916102][ T4370] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.942602][ T4370] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.969474][ T4370] device hsr_slave_0 entered promiscuous mode [ 64.977304][ T4370] device hsr_slave_1 entered promiscuous mode [ 64.984081][ T4370] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 64.991998][ T4370] Cannot create hsr debugfs directory [ 65.820107][ T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.621572][ T4278] Bluetooth: hci0: command 0x0409 tx timeout [ 68.070484][ T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.132477][ T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.711567][ T4280] Bluetooth: hci0: command 0x041b tx timeout [ 68.946509][ T4370] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 68.958166][ T4370] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 68.968140][ T4370] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 68.986611][ T9] device hsr_slave_0 left promiscuous mode [ 68.996559][ T9] device hsr_slave_1 left promiscuous mode [ 69.003555][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 69.013872][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 69.022991][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 69.030392][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 69.040259][ T9] device bridge_slave_1 left promiscuous mode [ 69.047135][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.057904][ T9] device bridge_slave_0 left promiscuous mode [ 69.064594][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.082032][ T9] device veth1_macvtap left promiscuous mode [ 69.088191][ T9] device veth0_macvtap left promiscuous mode [ 69.094516][ T9] device veth1_vlan left promiscuous mode [ 69.100388][ T9] device veth0_vlan left promiscuous mode [ 69.359129][ T9] team0 (unregistering): Port device team_slave_1 removed [ 69.384508][ T9] team0 (unregistering): Port device team_slave_0 removed [ 69.410811][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 69.441582][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 69.668076][ T9] bond0 (unregistering): Released all slaves [ 69.768142][ T4370] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 69.822458][ T4370] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.836745][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 69.844863][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 69.856255][ T4370] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.865589][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 69.874239][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 69.885014][ T75] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.892128][ T75] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.899926][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 69.913064][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 69.921993][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 69.930488][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.937614][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.947211][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 69.959050][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 69.969574][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 69.978790][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 69.987807][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 70.011239][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 70.019975][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 70.028415][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 70.036809][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 70.048011][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 70.056569][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 70.069681][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 70.258899][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 70.266514][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 70.280683][ T4370] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.307916][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 70.317280][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 70.347046][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 70.355468][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 70.364355][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 70.373176][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 70.382444][ T4370] device veth0_vlan entered promiscuous mode [ 70.393040][ T4370] device veth1_vlan entered promiscuous mode [ 70.408484][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 70.416802][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 70.425924][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 70.434678][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 70.444679][ T4370] device veth0_macvtap entered promiscuous mode [ 70.466056][ T4370] device veth1_macvtap entered promiscuous mode [ 70.479961][ T4370] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 70.488597][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 70.496926][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 70.505112][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 70.513707][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 70.524432][ T4370] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 70.543032][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 70.551791][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 70.563324][ T4370] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.572247][ T4370] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.581465][ T4370] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.590224][ T4370] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.643817][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.652732][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.674607][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 70.689969][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.698355][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.715587][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 70.756490][ T4429] loop0: detected capacity change from 0 to 512 [ 70.771254][ T4429] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 70.781336][ T4280] Bluetooth: hci0: command 0x040f tx timeout [ 70.808570][ T4429] [ 70.810919][ T4429] ====================================================== [ 70.817924][ T4429] WARNING: possible circular locking dependency detected [ 70.824925][ T4429] syzkaller #0 Not tainted [ 70.829315][ T4429] ------------------------------------------------------ [ 70.836307][ T4429] syz.0.17/4429 is trying to acquire lock: [ 70.842083][ T4429] ffff88801fe64b98 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x1c0/0x2e50 [ 70.852159][ T4429] [ 70.852159][ T4429] but task is already holding lock: [ 70.859506][ T4429] ffff888068e532f0 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3fe/0x770 [ 70.869321][ T4429] [ 70.869321][ T4429] which lock already depends on the new lock. [ 70.869321][ T4429] [ 70.879704][ T4429] [ 70.879704][ T4429] the existing dependency chain (in reverse order) is: [ 70.888705][ T4429] [ 70.888705][ T4429] -> #2 (&ei->xattr_sem){++++}-{3:3}: [ 70.896241][ T4429] down_read+0x42/0x2d0 [ 70.900909][ T4429] ext4_setattr+0x92a/0x19f0 [ 70.906013][ T4429] notify_change+0xc74/0xf40 [ 70.911106][ T4429] chown_common+0x486/0x620 [ 70.916112][ T4429] do_fchownat+0x164/0x270 [ 70.921029][ T4429] __x64_sys_chown+0x7e/0x90 [ 70.926119][ T4429] do_syscall_64+0x4c/0xa0 [ 70.931038][ T4429] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 70.937432][ T4429] [ 70.937432][ T4429] -> #1 (jbd2_handle){++++}-{0:0}: [ 70.944707][ T4429] start_this_handle+0x1f49/0x2150 [ 70.950324][ T4429] jbd2__journal_start+0x2b7/0x5a0 [ 70.955941][ T4429] __ext4_journal_start_sb+0x187/0x3d0 [ 70.961908][ T4429] ext4_writepages+0xde7/0x2e50 [ 70.967260][ T4429] do_writepages+0x3b7/0x610 [ 70.972356][ T4429] filemap_fdatawrite_wbc+0x11e/0x180 [ 70.978229][ T4429] file_write_and_wait_range+0x137/0x200 [ 70.984364][ T4429] ext4_sync_file+0x23b/0xca0 [ 70.989543][ T4429] __x64_sys_fsync+0x1a5/0x1e0 [ 70.994813][ T4429] do_syscall_64+0x4c/0xa0 [ 70.999734][ T4429] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 71.006128][ T4429] [ 71.006128][ T4429] -> #0 (&sbi->s_writepages_rwsem){.+.+}-{0:0}: [ 71.014532][ T4429] __lock_acquire+0x2cf8/0x7c50 [ 71.019889][ T4429] lock_acquire+0x1b4/0x490 [ 71.024896][ T4429] percpu_down_read+0x44/0x1a0 [ 71.030161][ T4429] ext4_writepages+0x1c0/0x2e50 [ 71.035509][ T4429] do_writepages+0x3b7/0x610 [ 71.040601][ T4429] __writeback_single_inode+0x156/0x1160 [ 71.046737][ T4429] writeback_single_inode+0x221/0x8b0 [ 71.052613][ T4429] write_inode_now+0x15d/0x1d0 [ 71.057878][ T4429] iput+0x613/0x980 [ 71.062189][ T4429] ext4_xattr_block_set+0x2736/0x32a0 [ 71.068061][ T4429] ext4_expand_extra_isize_ea+0x109b/0x19b0 [ 71.074459][ T4429] __ext4_expand_extra_isize+0x301/0x3e0 [ 71.080590][ T4429] __ext4_mark_inode_dirty+0x47f/0x770 [ 71.086552][ T4429] ext4_evict_inode+0xa73/0x1100 [ 71.091992][ T4429] evict+0x485/0x870 [ 71.096388][ T4429] ext4_orphan_cleanup+0xbd3/0x1400 [ 71.102089][ T4429] ext4_fill_super+0x7bdf/0x8150 [ 71.107525][ T4429] get_tree_bdev+0x3f1/0x610 [ 71.112617][ T4429] vfs_get_tree+0x88/0x270 [ 71.117533][ T4429] do_new_mount+0x24a/0xa40 [ 71.122536][ T4429] __se_sys_mount+0x2d6/0x3c0 [ 71.127714][ T4429] do_syscall_64+0x4c/0xa0 [ 71.132631][ T4429] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 71.139024][ T4429] [ 71.139024][ T4429] other info that might help us debug this: [ 71.139024][ T4429] [ 71.149231][ T4429] Chain exists of: [ 71.149231][ T4429] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem [ 71.149231][ T4429] [ 71.162592][ T4429] Possible unsafe locking scenario: [ 71.162592][ T4429] [ 71.170017][ T4429] CPU0 CPU1 [ 71.175360][ T4429] ---- ---- [ 71.180701][ T4429] lock(&ei->xattr_sem); [ 71.185009][ T4429] lock(jbd2_handle); [ 71.191574][ T4429] lock(&ei->xattr_sem); [ 71.198404][ T4429] lock(&sbi->s_writepages_rwsem); [ 71.203579][ T4429] [ 71.203579][ T4429] *** DEADLOCK *** [ 71.203579][ T4429] [ 71.211700][ T4429] 3 locks held by syz.0.17/4429: [ 71.216613][ T4429] #0: ffff88801fe600e0 (&type->s_umount_key#27/1){+.+.}-{3:3}, at: alloc_super+0x1fa/0x930 [ 71.226688][ T4429] #1: ffff88801fe60650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x436/0x1100 [ 71.236151][ T4429] #2: ffff888068e532f0 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3fe/0x770 [ 71.246393][ T4429] [ 71.246393][ T4429] stack backtrace: [ 71.252275][ T4429] CPU: 1 PID: 4429 Comm: syz.0.17 Not tainted syzkaller #0 [ 71.259453][ T4429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 71.269493][ T4429] Call Trace: [ 71.272757][ T4429] [ 71.275670][ T4429] dump_stack_lvl+0x168/0x22e [ 71.280334][ T4429] ? load_image+0x3b0/0x3b0 [ 71.284822][ T4429] ? show_regs_print_info+0x12/0x12 [ 71.290001][ T4429] ? print_circular_bug+0x12b/0x1a0 [ 71.295186][ T4429] check_noncircular+0x274/0x310 [ 71.300107][ T4429] ? add_chain_block+0x940/0x940 [ 71.305030][ T4429] ? lockdep_lock+0xdc/0x1e0 [ 71.309603][ T4429] ? verify_lock_unused+0x140/0x140 [ 71.314782][ T4429] ? _find_first_zero_bit+0xcf/0x100 [ 71.320052][ T4429] __lock_acquire+0x2cf8/0x7c50 [ 71.324891][ T4429] ? verify_lock_unused+0x140/0x140 [ 71.330069][ T4429] ? mark_lock+0x94/0x320 [ 71.334381][ T4429] ? __lock_acquire+0x13c0/0x7c50 [ 71.339392][ T4429] lock_acquire+0x1b4/0x490 [ 71.343879][ T4429] ? ext4_writepages+0x1c0/0x2e50 [ 71.348885][ T4429] ? __might_sleep+0xd0/0xd0 [ 71.353460][ T4429] ? read_lock_is_recursive+0x10/0x10 [ 71.358815][ T4429] ? __lock_acquire+0x12e5/0x7c50 [ 71.363824][ T4429] ? mark_lock+0x94/0x320 [ 71.368139][ T4429] percpu_down_read+0x44/0x1a0 [ 71.372883][ T4429] ? ext4_writepages+0x1c0/0x2e50 [ 71.377886][ T4429] ext4_writepages+0x1c0/0x2e50 [ 71.382717][ T4429] ? __lock_acquire+0x13c0/0x7c50 [ 71.387728][ T4429] ? verify_lock_unused+0x140/0x140 [ 71.392911][ T4429] ? mark_lock+0x94/0x320 [ 71.397221][ T4429] ? ext4_read_folio+0x370/0x370 [ 71.402143][ T4429] ? __lock_acquire+0x13c0/0x7c50 [ 71.407154][ T4429] ? __lock_acquire+0x7c50/0x7c50 [ 71.412162][ T4429] ? do_raw_spin_lock+0x11d/0x280 [ 71.417171][ T4429] ? do_raw_spin_unlock+0x11d/0x230 [ 71.422353][ T4429] ? ext4_read_folio+0x370/0x370 [ 71.427269][ T4429] do_writepages+0x3b7/0x610 [ 71.431844][ T4429] ? __writepage+0x130/0x130 [ 71.436414][ T4429] ? writeback_single_inode+0x216/0x8b0 [ 71.441946][ T4429] ? __lock_acquire+0x7c50/0x7c50 [ 71.446951][ T4429] ? do_raw_spin_lock+0x11d/0x280 [ 71.451958][ T4429] ? __ext4_expand_extra_isize+0x301/0x3e0 [ 71.457747][ T4429] __writeback_single_inode+0x156/0x1160 [ 71.463363][ T4429] writeback_single_inode+0x221/0x8b0 [ 71.468737][ T4429] ? write_inode_now+0x1d0/0x1d0 [ 71.473678][ T4429] write_inode_now+0x15d/0x1d0 [ 71.478437][ T4429] ? bdi_split_work_to_wbs+0x890/0x890 [ 71.483887][ T4429] ? rcu_is_watching+0x11/0xa0 [ 71.488640][ T4429] ? do_raw_spin_unlock+0x11d/0x230 [ 71.493829][ T4429] iput+0x613/0x980 [ 71.497622][ T4429] ext4_xattr_block_set+0x2736/0x32a0 [ 71.502982][ T4429] ? __might_sleep+0xd0/0xd0 [ 71.507561][ T4429] ? xattr_find_entry+0x12b/0x2f0 [ 71.512568][ T4429] ? ext4_xattr_block_find+0x2b0/0x2b0 [ 71.518008][ T4429] ? ext4_xattr_block_find+0x241/0x2b0 [ 71.523448][ T4429] ext4_expand_extra_isize_ea+0x109b/0x19b0 [ 71.529333][ T4429] __ext4_expand_extra_isize+0x301/0x3e0 [ 71.534952][ T4429] __ext4_mark_inode_dirty+0x47f/0x770 [ 71.540398][ T4429] ext4_evict_inode+0xa73/0x1100 [ 71.545320][ T4429] ? _raw_spin_unlock+0x24/0x40 [ 71.550158][ T4429] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 71.556034][ T4429] ? do_raw_spin_unlock+0x11d/0x230 [ 71.561216][ T4429] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 71.567094][ T4429] evict+0x485/0x870 [ 71.570972][ T4429] ? __lock_acquire+0x7c50/0x7c50 [ 71.575981][ T4429] ? proc_nr_inodes+0x2f0/0x2f0 [ 71.580810][ T4429] ? do_raw_spin_unlock+0x11d/0x230 [ 71.585995][ T4429] ? _raw_spin_unlock+0x24/0x40 [ 71.590830][ T4429] ? iput+0x768/0x980 [ 71.594793][ T4429] ext4_orphan_cleanup+0xbd3/0x1400 [ 71.599979][ T4429] ? ext4_orphan_del+0xb90/0xb90 [ 71.604899][ T4429] ? errseq_check_and_advance+0x62/0x120 [ 71.610516][ T4429] ext4_fill_super+0x7bdf/0x8150 [ 71.615434][ T4429] ? bdev_name+0x2c1/0x3f0 [ 71.619844][ T4429] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 71.626069][ T4429] ? snprintf+0xd7/0x120 [ 71.630295][ T4429] ? preempt_count_add+0x8d/0x190 [ 71.635302][ T4429] ? vscnprintf+0x80/0x80 [ 71.639614][ T4429] ? set_blocksize+0x1d3/0x350 [ 71.644360][ T4429] ? sb_set_blocksize+0xa5/0xe0 [ 71.649193][ T4429] get_tree_bdev+0x3f1/0x610 [ 71.653763][ T4429] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 71.659983][ T4429] vfs_get_tree+0x88/0x270 [ 71.664379][ T4429] do_new_mount+0x24a/0xa40 [ 71.668863][ T4429] __se_sys_mount+0x2d6/0x3c0 [ 71.673522][ T4429] ? __x64_sys_mount+0xc0/0xc0 [ 71.678267][ T4429] ? lockdep_hardirqs_on+0x94/0x140 [ 71.683450][ T4429] ? __x64_sys_mount+0x1c/0xc0 [ 71.688201][ T4429] do_syscall_64+0x4c/0xa0 [ 71.692599][ T4429] ? clear_bhb_loop+0x60/0xb0 [ 71.697265][ T4429] ? clear_bhb_loop+0x60/0xb0 [ 71.701921][ T4429] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 71.707794][ T4429] RIP: 0033:0x7f8876b90eea [ 71.712203][ T4429] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 71.731795][ T4429] RSP: 002b:00007fff4f6d2fe8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 71.740188][ T4429] RAX: ffffffffffffffda RBX: 00007fff4f6d3070 RCX: 00007f8876b90eea [ 71.748141][ T4429] RDX: 0000200000000180 RSI: 0000200000000080 RDI: 00007fff4f6d3030 [ 71.756092][ T4429] RBP: 0000200000000180 R08: 00007fff4f6d3070 R09: 0000000000800700 [ 71.764045][ T4429] R10: 0000000000800700 R11: 0000000000000246 R12: 0000200000000080 [ 71.771996][ T4429] R13: 00007fff4f6d3030 R14: 000000000000046f R15: 00002000000007c0 [ 71.779954][ T4429] [ 71.785992][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.792307][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.802285][ T4429] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 71.816111][ T4429] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 71.830329][ T4429] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2819: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 71.843402][ T4429] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 71.857051][ T4429] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 71.869640][ T4429] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 71.883520][ T4429] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 71.895956][ T4429] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 71.909577][ T4429] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 71.922417][ T4429] EXT4-fs (loop0): 1 orphan inode deleted [ 71.928138][ T4429] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 71.956839][ T4370] EXT4-fs (loop0): unmounting filesystem.