Warning: Permanently added '10.128.0.66' (ED25519) to the list of known hosts. 1970/01/01 00:00:39 parsed 1 programs [ 41.103715][ T4330] cgroup: Unknown subsys name 'net' [ 41.353853][ T4330] cgroup: Unknown subsys name 'rlimit' [ 41.618528][ T4330] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 50.493273][ T4363] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 50.494884][ T4365] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 50.496189][ T4365] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 50.497640][ T4365] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 50.498979][ T4365] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 50.500253][ T4365] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 50.988154][ T4378] chnl_net:caif_netlink_parms(): no params data found [ 51.006162][ T4378] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.007298][ T4378] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.008952][ T4378] device bridge_slave_0 entered promiscuous mode [ 51.012611][ T4378] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.013779][ T4378] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.015235][ T4378] device bridge_slave_1 entered promiscuous mode [ 51.022956][ T4378] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 51.025406][ T4378] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 51.034200][ T4378] team0: Port device team_slave_0 added [ 51.036048][ T4378] team0: Port device team_slave_1 added [ 51.042185][ T4378] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 51.043260][ T4378] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.047197][ T4378] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 51.049838][ T4378] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 51.050849][ T4378] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.055809][ T4378] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 51.092664][ T4378] device hsr_slave_0 entered promiscuous mode [ 51.141096][ T4378] device hsr_slave_1 entered promiscuous mode [ 51.222135][ T4378] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 51.290686][ T4378] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 51.340481][ T4378] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 51.372804][ T4378] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 51.434448][ T4378] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.435615][ T4378] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.437075][ T4378] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.438226][ T4378] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.455212][ T4378] 8021q: adding VLAN 0 to HW filter on device bond0 [ 51.459113][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 51.462338][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.463913][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.465784][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 51.478978][ T4378] 8021q: adding VLAN 0 to HW filter on device team0 [ 51.483182][ T253] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 51.484793][ T253] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.485933][ T253] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.488843][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 51.490639][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.491892][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.498083][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 51.499686][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 51.513486][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 51.516376][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 51.519056][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 51.523103][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 51.575733][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 51.577102][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 51.580219][ T4378] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 51.586261][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 51.592745][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 51.594529][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 51.596062][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 51.598407][ T4378] device veth0_vlan entered promiscuous mode [ 51.601773][ T4378] device veth1_vlan entered promiscuous mode [ 51.608111][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 51.609595][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 51.611539][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 51.620892][ T4378] device veth0_macvtap entered promiscuous mode [ 51.624011][ T4378] device veth1_macvtap entered promiscuous mode [ 51.629020][ T4378] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 51.630284][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 51.632578][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 51.635499][ T4378] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 51.636763][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 51.639220][ T4378] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.640582][ T4378] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.643048][ T4378] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.644515][ T4378] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.098073][ T118] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 52.099366][ T118] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 52.101914][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 52.111766][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 52.113030][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 52.114779][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 52.443166][ T1654] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 1970/01/01 00:00:52 executed programs: 0 [ 52.875157][ T47] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 52.876677][ T47] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 52.877966][ T47] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 52.879481][ T47] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 52.880817][ T47] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 52.882508][ T47] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 52.928968][ T4442] chnl_net:caif_netlink_parms(): no params data found [ 52.944403][ T4442] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.945548][ T4442] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.947012][ T4442] device bridge_slave_0 entered promiscuous mode [ 52.949252][ T4442] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.950489][ T4442] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.952845][ T4442] device bridge_slave_1 entered promiscuous mode [ 52.960149][ T4442] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.963123][ T4442] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.970201][ T4442] team0: Port device team_slave_0 added [ 52.972546][ T4442] team0: Port device team_slave_1 added [ 52.982129][ T4442] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 52.983215][ T4442] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.987300][ T4442] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 52.989662][ T4442] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 52.990821][ T4442] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.995011][ T4442] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.041850][ T4442] device hsr_slave_0 entered promiscuous mode [ 53.081120][ T4442] device hsr_slave_1 entered promiscuous mode [ 53.131292][ T4442] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 53.132637][ T4442] Cannot create hsr debugfs directory [ 54.891106][ T47] Bluetooth: hci0: command 0x0409 tx timeout [ 55.032161][ T1654] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 56.971496][ T47] Bluetooth: hci0: command 0x041b tx timeout [ 57.332001][ T1654] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.413618][ T1654] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.535602][ T4442] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 58.623142][ T4442] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 58.722956][ T4442] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 58.763190][ T4442] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 58.854762][ T4442] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.858185][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 58.859624][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.863358][ T4442] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.865659][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 58.867282][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 58.868764][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.869938][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.872556][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 58.876205][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 58.877698][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.879102][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.880178][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.883755][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 58.886220][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 58.888768][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 58.890824][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 58.892876][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 58.895452][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 58.897459][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 58.899902][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 58.903458][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.906163][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 58.907716][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.910002][ T4442] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 59.050925][ T47] Bluetooth: hci0: command 0x040f tx timeout [ 59.336077][ T253] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 59.337483][ T253] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 59.340240][ T4442] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.346847][ T253] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 59.348470][ T253] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 59.354117][ T253] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 59.355604][ T253] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 59.357156][ T253] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 59.358507][ T253] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 59.360577][ T4442] device veth0_vlan entered promiscuous mode [ 59.363835][ T4442] device veth1_vlan entered promiscuous mode [ 59.370381][ T253] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 59.372673][ T253] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 59.374089][ T253] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 59.375678][ T253] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 59.377943][ T4442] device veth0_macvtap entered promiscuous mode [ 59.380077][ T4442] device veth1_macvtap entered promiscuous mode [ 59.685651][ T4442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.687219][ T4442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.689201][ T4442] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.690441][ T118] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 59.692303][ T118] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 59.693811][ T118] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 59.695270][ T118] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 59.698867][ T4442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.700680][ T4442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.703695][ T4442] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.705279][ T253] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 59.706840][ T253] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 59.709500][ T4442] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.710987][ T4442] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.712332][ T4442] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.713762][ T4442] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.786285][ T1654] device hsr_slave_0 left promiscuous mode [ 59.831241][ T1654] device hsr_slave_1 left promiscuous mode [ 59.911393][ T1654] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 59.912638][ T1654] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 59.914376][ T1654] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 59.915602][ T1654] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 59.916962][ T1654] device bridge_slave_1 left promiscuous mode [ 59.918395][ T1654] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.951823][ T1654] device bridge_slave_0 left promiscuous mode [ 59.952925][ T1654] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.101163][ T1654] device veth1_macvtap left promiscuous mode [ 60.102219][ T1654] device veth0_macvtap left promiscuous mode [ 60.103103][ T1654] device veth1_vlan left promiscuous mode [ 60.104074][ T1654] device veth0_vlan left promiscuous mode [ 61.130925][ T47] Bluetooth: hci0: command 0x0419 tx timeout [ 61.933058][ T1654] team0 (unregistering): Port device team_slave_1 removed [ 62.091938][ T1654] team0 (unregistering): Port device team_slave_0 removed [ 62.262068][ T1654] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 62.471328][ T1654] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 64.493211][ T3432] cfg80211: failed to load regulatory.db [ 64.501842][ T2061] ieee802154 phy0 wpan0: encryption failed: -22 [ 64.502915][ T2061] ieee802154 phy1 wpan1: encryption failed: -22 [ 64.911880][ T1654] bond0 (unregistering): Released all slaves [ 65.151984][ T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.153479][ T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.158470][ T4506] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 65.162792][ T4506] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.164083][ T4506] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.165930][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 65.222323][ T4509] loop0: detected capacity change from 0 to 512 [ 65.234845][ T4509] [ 65.235332][ T4509] ====================================================== [ 65.236399][ T4509] WARNING: possible circular locking dependency detected [ 65.237575][ T4509] syzkaller #0 Not tainted [ 65.238298][ T4509] ------------------------------------------------------ [ 65.239552][ T4509] syz.0.17/4509 is trying to acquire lock: [ 65.240502][ T4509] ffff0000df25cb98 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x188/0x284c [ 65.242250][ T4509] [ 65.242250][ T4509] but task is already holding lock: [ 65.243414][ T4509] ffff0000e9c34700 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x37c/0x790 [ 65.245014][ T4509] [ 65.245014][ T4509] which lock already depends on the new lock. [ 65.245014][ T4509] [ 65.246654][ T4509] [ 65.246654][ T4509] the existing dependency chain (in reverse order) is: [ 65.248016][ T4509] [ 65.248016][ T4509] -> #2 (&ei->xattr_sem){++++}-{3:3}: [ 65.249162][ T4509] down_read+0x64/0x304 [ 65.249867][ T4509] ext4_setattr+0x7c4/0x150c [ 65.250729][ T4509] notify_change+0xb0c/0xdcc [ 65.251626][ T4509] chown_common+0x414/0x574 [ 65.252451][ T4509] do_fchownat+0x158/0x268 [ 65.253216][ T4509] __arm64_sys_fchownat+0xb8/0xd4 [ 65.254198][ T4509] invoke_syscall+0x98/0x2bc [ 65.255010][ T4509] el0_svc_common+0x138/0x258 [ 65.255884][ T4509] do_el0_svc+0x58/0x13c [ 65.256662][ T4509] el0_svc+0x58/0x138 [ 65.257418][ T4509] el0t_64_sync_handler+0x84/0xf0 [ 65.258294][ T4509] el0t_64_sync+0x18c/0x190 [ 65.259121][ T4509] [ 65.259121][ T4509] -> #1 (jbd2_handle){++++}-{0:0}: [ 65.260281][ T4509] start_this_handle+0xfe0/0x122c [ 65.261116][ T4509] jbd2__journal_start+0x288/0x51c [ 65.262004][ T4509] __ext4_journal_start_sb+0x2fc/0x674 [ 65.262868][ T4509] ext4_writepages+0xa28/0x284c [ 65.263808][ T4509] do_writepages+0x2c0/0x4fc [ 65.264677][ T4509] __writeback_single_inode+0x164/0x157c [ 65.265687][ T4509] writeback_sb_inodes+0x824/0x1404 [ 65.266599][ T4509] __writeback_inodes_wb+0x110/0x394 [ 65.267540][ T4509] wb_writeback+0x414/0xfb0 [ 65.268395][ T4509] wb_workfn+0xac0/0xd98 [ 65.269202][ T4509] process_one_work+0x7f4/0x13a8 [ 65.270065][ T4509] worker_thread+0x8c8/0xfbc [ 65.270826][ T4509] kthread+0x250/0x2d8 [ 65.271537][ T4509] ret_from_fork+0x10/0x20 [ 65.272332][ T4509] [ 65.272332][ T4509] -> #0 (&sbi->s_writepages_rwsem){.+.+}-{0:0}: [ 65.273711][ T4509] __lock_acquire+0x293c/0x6544 [ 65.274585][ T4509] lock_acquire+0x20c/0x644 [ 65.275406][ T4509] percpu_down_read+0x70/0x2a8 [ 65.276256][ T4509] ext4_writepages+0x188/0x284c [ 65.277078][ T4509] do_writepages+0x2c0/0x4fc [ 65.277873][ T4509] __writeback_single_inode+0x164/0x157c [ 65.278946][ T4509] writeback_single_inode+0x1c0/0x720 [ 65.279867][ T4509] write_inode_now+0x144/0x1b0 [ 65.280682][ T4509] iput+0x5cc/0x7f4 [ 65.281308][ T4509] ext4_xattr_block_set+0x17a4/0x2810 [ 65.282309][ T4509] ext4_expand_extra_isize_ea+0xcb8/0x15cc [ 65.283380][ T4509] __ext4_expand_extra_isize+0x298/0x358 [ 65.284337][ T4509] __ext4_mark_inode_dirty+0x3e4/0x790 [ 65.285343][ T4509] ext4_evict_inode+0xb58/0x1270 [ 65.286206][ T4509] evict+0x3c8/0x810 [ 65.286984][ T4509] iput+0x764/0x7f4 [ 65.287738][ T4509] ext4_process_orphan+0x240/0x2b4 [ 65.288720][ T4509] ext4_orphan_cleanup+0x908/0x104c [ 65.289743][ T4509] ext4_fill_super+0x6920/0x6e34 [ 65.290624][ T4509] get_tree_bdev+0x358/0x544 [ 65.291775][ T4509] ext4_get_tree+0x28/0x38 [ 65.292556][ T4509] vfs_get_tree+0x90/0x274 [ 65.293303][ T4509] do_new_mount+0x228/0x810 [ 65.294120][ T4509] path_mount+0x5b4/0xe78 [ 65.294932][ T4509] __arm64_sys_mount+0x49c/0x584 [ 65.295741][ T4509] invoke_syscall+0x98/0x2bc [ 65.296542][ T4509] el0_svc_common+0x138/0x258 [ 65.297347][ T4509] do_el0_svc+0x58/0x13c [ 65.298045][ T4509] el0_svc+0x58/0x138 [ 65.298770][ T4509] el0t_64_sync_handler+0x84/0xf0 [ 65.299710][ T4509] el0t_64_sync+0x18c/0x190 [ 65.300448][ T4509] [ 65.300448][ T4509] other info that might help us debug this: [ 65.300448][ T4509] [ 65.302140][ T4509] Chain exists of: [ 65.302140][ T4509] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem [ 65.302140][ T4509] [ 65.304362][ T4509] Possible unsafe locking scenario: [ 65.304362][ T4509] [ 65.305576][ T4509] CPU0 CPU1 [ 65.306479][ T4509] ---- ---- [ 65.307365][ T4509] lock(&ei->xattr_sem); [ 65.308067][ T4509] lock(jbd2_handle); [ 65.309166][ T4509] lock(&ei->xattr_sem); [ 65.310345][ T4509] lock(&sbi->s_writepages_rwsem); [ 65.311239][ T4509] [ 65.311239][ T4509] *** DEADLOCK *** [ 65.311239][ T4509] [ 65.312558][ T4509] 3 locks held by syz.0.17/4509: [ 65.313370][ T4509] #0: ffff0000df25a0e0 (&type->s_umount_key#26/1){+.+.}-{3:3}, at: alloc_super+0x1a4/0x804 [ 65.315057][ T4509] #1: ffff0000df25a650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x3dc/0x1270 [ 65.316624][ T4509] #2: ffff0000e9c34700 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x37c/0x790 [ 65.318290][ T4509] [ 65.318290][ T4509] stack backtrace: [ 65.319261][ T4509] CPU: 1 PID: 4509 Comm: syz.0.17 Not tainted syzkaller #0 [ 65.320456][ T4509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 65.322110][ T4509] Call trace: [ 65.322690][ T4509] dump_backtrace+0x1c8/0x1f4 [ 65.323454][ T4509] show_stack+0x2c/0x3c [ 65.324155][ T4509] __dump_stack+0x30/0x40 [ 65.324926][ T4509] dump_stack_lvl+0xf8/0x160 [ 65.325649][ T4509] dump_stack+0x1c/0x5c [ 65.326353][ T4509] print_circular_bug+0x148/0x1b0 [ 65.327246][ T4509] check_noncircular+0x240/0x2d4 [ 65.328051][ T4509] __lock_acquire+0x293c/0x6544 [ 65.328850][ T4509] lock_acquire+0x20c/0x644 [ 65.329560][ T4509] percpu_down_read+0x70/0x2a8 [ 65.330352][ T4509] ext4_writepages+0x188/0x284c [ 65.331129][ T4509] do_writepages+0x2c0/0x4fc [ 65.331884][ T4509] __writeback_single_inode+0x164/0x157c [ 65.332832][ T4509] writeback_single_inode+0x1c0/0x720 [ 65.333708][ T4509] write_inode_now+0x144/0x1b0 [ 65.334483][ T4509] iput+0x5cc/0x7f4 [ 65.335061][ T4509] ext4_xattr_block_set+0x17a4/0x2810 [ 65.335990][ T4509] ext4_expand_extra_isize_ea+0xcb8/0x15cc [ 65.336950][ T4509] __ext4_expand_extra_isize+0x298/0x358 [ 65.337839][ T4509] __ext4_mark_inode_dirty+0x3e4/0x790 [ 65.338633][ T4509] ext4_evict_inode+0xb58/0x1270 [ 65.339394][ T4509] evict+0x3c8/0x810 [ 65.339982][ T4509] iput+0x764/0x7f4 [ 65.340606][ T4509] ext4_process_orphan+0x240/0x2b4 [ 65.341453][ T4509] ext4_orphan_cleanup+0x908/0x104c [ 65.342303][ T4509] ext4_fill_super+0x6920/0x6e34 [ 65.343121][ T4509] get_tree_bdev+0x358/0x544 [ 65.343893][ T4509] ext4_get_tree+0x28/0x38 [ 65.344595][ T4509] vfs_get_tree+0x90/0x274 [ 65.345338][ T4509] do_new_mount+0x228/0x810 [ 65.346122][ T4509] path_mount+0x5b4/0xe78 [ 65.346794][ T4509] __arm64_sys_mount+0x49c/0x584 [ 65.347569][ T4509] invoke_syscall+0x98/0x2bc [ 65.348282][ T4509] el0_svc_common+0x138/0x258 [ 65.348971][ T4509] do_el0_svc+0x58/0x13c [ 65.349637][ T4509] el0_svc+0x58/0x138 [ 65.350214][ T4509] el0t_64_sync_handler+0x84/0xf0 [ 65.351095][ T4509] el0t_64_sync+0x18c/0x190 [ 65.352857][ T4509] ------------[ cut here ]------------ [ 65.353692][ T4509] EA inode 11 i_nlink=2 [ 65.353771][ T4509] WARNING: CPU: 1 PID: 4509 at fs/ext4/xattr.c:1022 ext4_xattr_inode_update_ref+0x42c/0x470 [ 65.355876][ T4509] Modules linked in: [ 65.356447][ T4509] CPU: 1 PID: 4509 Comm: syz.0.17 Not tainted syzkaller #0 [ 65.357518][ T4509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 65.358890][ T4509] pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 65.360106][ T4509] pc : ext4_xattr_inode_update_ref+0x42c/0x470 [ 65.361052][ T4509] lr : ext4_xattr_inode_update_ref+0x42c/0x470 [ 65.361946][ T4509] sp : ffff800021e66e60 [ 65.362572][ T4509] x29: ffff800021e66f00 x28: 0000000000000000 x27: dfff800000000000 [ 65.363888][ T4509] x26: 1fffe0001d386d1f x25: ffff7000043ccdd0 x24: 0000000000000000 [ 65.365139][ T4509] x23: ffff800017a8a000 x22: ffff0000e9c36740 x21: 0000000000000002 [ 65.366447][ T4509] x20: 0000000000000001 x19: ffff0000e9c36700 x18: ffff800011abbcc0 [ 65.367808][ T4509] x17: 0000000000000000 x16: ffff800008042d90 x15: 0000000000000000 [ 65.369251][ T4509] x14: 00000000ffffffff x13: 0000000000000001 x12: 0000000000ff0100 [ 65.370528][ T4509] x11: ff00800008191ca8 x10: 0000000000000000 x9 : 168766bf02455900 [ 65.371869][ T4509] x8 : 168766bf02455900 x7 : 0000000000000001 x6 : 0000000000000001 [ 65.373197][ T4509] x5 : ffff800021e668f8 x4 : ffff8000151a4920 x3 : ffff800008311fd8 [ 65.374468][ T4509] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000 [ 65.375732][ T4509] Call trace: [ 65.376246][ T4509] ext4_xattr_inode_update_ref+0x42c/0x470 [ 65.377127][ T4509] ext4_xattr_set_entry+0x918/0x15ac [ 65.377958][ T4509] ext4_xattr_ibody_set+0x204/0x600 [ 65.378787][ T4509] ext4_expand_extra_isize_ea+0xd00/0x15cc [ 65.379747][ T4509] __ext4_expand_extra_isize+0x298/0x358 [ 65.380714][ T4509] __ext4_mark_inode_dirty+0x3e4/0x790 [ 65.381595][ T4509] ext4_evict_inode+0xb58/0x1270 [ 65.382487][ T4509] evict+0x3c8/0x810 [ 65.383344][ T4509] iput+0x764/0x7f4 [ 65.383967][ T4509] ext4_process_orphan+0x240/0x2b4 [ 65.384773][ T4509] ext4_orphan_cleanup+0x908/0x104c [ 65.385609][ T4509] ext4_fill_super+0x6920/0x6e34 [ 65.386424][ T4509] get_tree_bdev+0x358/0x544 [ 65.387205][ T4509] ext4_get_tree+0x28/0x38 [ 65.387983][ T4509] vfs_get_tree+0x90/0x274 [ 65.388763][ T4509] do_new_mount+0x228/0x810 [ 65.389510][ T4509] path_mount+0x5b4/0xe78 [ 65.390246][ T4509] __arm64_sys_mount+0x49c/0x584 [ 65.391042][ T4509] invoke_syscall+0x98/0x2bc [ 65.391880][ T4509] el0_svc_common+0x138/0x258 [ 65.392645][ T4509] do_el0_svc+0x58/0x13c [ 65.393353][ T4509] el0_svc+0x58/0x138 [ 65.393951][ T4509] el0t_64_sync_handler+0x84/0xf0 [ 65.394706][ T4509] el0t_64_sync+0x18c/0x190 [ 65.395389][ T4509] irq event stamp: 4149 [ 65.395992][ T4509] hardirqs last enabled at (4149): [] _raw_spin_unlock_irqrestore+0x48/0xac [ 65.397639][ T4509] hardirqs last disabled at (4148): [] _raw_spin_lock_irqsave+0xa4/0xb4 [ 65.399052][ T4509] softirqs last enabled at (2014): [] handle_softirqs+0xaf8/0xc6c [ 65.400696][ T4509] softirqs last disabled at (2007): [] __do_softirq+0x14/0x20 [ 65.402174][ T4509] ---[ end trace 0000000000000000 ]--- [ 65.404233][ T4509] EXT4-fs (loop0): 1 orphan inode deleted [ 65.405144][ T4509] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 65.409802][ T4442] EXT4-fs (loop0): unmounting filesystem.