Warning: Permanently added '10.128.0.209' (ED25519) to the list of known hosts. 2026/01/01 01:12:54 parsed 1 programs [ 58.924761][ T4188] cgroup: Unknown subsys name 'net' [ 59.032871][ T4188] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 60.536151][ T4188] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 62.563035][ T4214] chnl_net:caif_netlink_parms(): no params data found [ 62.627679][ T4214] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.635349][ T4214] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.643744][ T4214] device bridge_slave_0 entered promiscuous mode [ 62.653657][ T4214] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.660872][ T4214] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.669256][ T4214] device bridge_slave_1 entered promiscuous mode [ 62.698368][ T4214] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.710751][ T4214] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.741927][ T4214] team0: Port device team_slave_0 added [ 62.751302][ T4214] team0: Port device team_slave_1 added [ 62.776164][ T4214] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.784675][ T4214] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.812145][ T4214] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.825519][ T4214] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.834019][ T4214] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.861509][ T4214] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.904621][ T4214] device hsr_slave_0 entered promiscuous mode [ 62.911587][ T4214] device hsr_slave_1 entered promiscuous mode [ 63.052596][ T4214] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 63.066048][ T4214] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 63.078367][ T4214] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 63.088715][ T4214] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 63.121053][ T4214] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.128384][ T4214] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.136187][ T4214] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.143360][ T4214] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.211361][ T4214] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.226260][ T1485] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.238663][ T1485] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.247010][ T1485] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.256220][ T1485] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 63.271027][ T4214] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.283599][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 63.293182][ T155] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.300324][ T155] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.318570][ T1485] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 63.327837][ T1485] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.334917][ T1485] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.355470][ T1485] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 63.375215][ T1485] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 63.384506][ T1485] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 63.394048][ T1485] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 63.410397][ T4214] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 63.421596][ T4214] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 63.433885][ T1485] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 63.563840][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 63.574537][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 63.590509][ T4214] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.617914][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 63.626549][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 63.643581][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 63.653519][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 63.663305][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 63.671400][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 63.681682][ T4214] device veth0_vlan entered promiscuous mode [ 63.722466][ T4214] device veth1_vlan entered promiscuous mode [ 63.762015][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 63.770134][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 63.779021][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 63.788224][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 63.799904][ T4214] device veth0_macvtap entered promiscuous mode [ 63.808865][ T4214] device veth1_macvtap entered promiscuous mode [ 63.823039][ T4214] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 63.831783][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 63.840002][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 63.848848][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 63.857991][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 63.876970][ T4214] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 63.884428][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 63.892992][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 63.904669][ T4214] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.914372][ T4214] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.923171][ T4214] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.933139][ T4214] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.022609][ T4214] syz-executor (4214) used greatest stack depth: 20288 bytes left [ 64.619599][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.639609][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.666663][ T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.675037][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 64.685813][ T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.695155][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 66.051309][ T144] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 2026/01/01 01:13:03 executed programs: 0 [ 66.238473][ T4282] chnl_net:caif_netlink_parms(): no params data found [ 66.275909][ T4282] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.283103][ T4282] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.291269][ T4282] device bridge_slave_0 entered promiscuous mode [ 66.299389][ T4282] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.306738][ T4282] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.315558][ T4282] device bridge_slave_1 entered promiscuous mode [ 66.336008][ T4282] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.347264][ T4282] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 66.369448][ T4282] team0: Port device team_slave_0 added [ 66.376590][ T4282] team0: Port device team_slave_1 added [ 66.394708][ T4282] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 66.401770][ T4282] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.428172][ T4282] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 66.440697][ T4282] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 66.447693][ T4282] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.474071][ T4282] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 66.503406][ T4282] device hsr_slave_0 entered promiscuous mode [ 66.510284][ T4282] device hsr_slave_1 entered promiscuous mode [ 66.520318][ T4282] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 66.528813][ T4282] Cannot create hsr debugfs directory [ 68.168222][ T1108] Bluetooth: hci0: command 0x0409 tx timeout [ 69.335262][ T144] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.373711][ T144] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.415611][ T144] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.214359][ T4282] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 70.224726][ T4282] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 70.237670][ T4282] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 70.247409][ T4315] Bluetooth: hci0: command 0x041b tx timeout [ 70.255320][ T4282] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 70.343689][ T4282] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.361876][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 70.369964][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 70.381339][ T4282] 8021q: adding VLAN 0 to HW filter on device team0 [ 70.415973][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 70.424640][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 70.433461][ T155] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.440671][ T155] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.449985][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 70.464299][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 70.473060][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 70.481817][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.488976][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.529947][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 70.539079][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 70.548815][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 70.561398][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 70.570488][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 70.579681][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 70.588240][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 70.596951][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 70.605330][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 70.614514][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 70.623126][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 70.632659][ T4282] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 70.757954][ T1485] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 70.765422][ T1485] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 70.778574][ T4282] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.802436][ T1485] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 70.811791][ T1485] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 70.844058][ T1485] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 70.853028][ T1485] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 70.862262][ T1485] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 70.871598][ T1485] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 70.881586][ T4282] device veth0_vlan entered promiscuous mode [ 70.894777][ T4282] device veth1_vlan entered promiscuous mode [ 70.935782][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 70.945424][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 70.954235][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 70.963616][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 70.975285][ T4282] device veth0_macvtap entered promiscuous mode [ 71.006975][ T4282] device veth1_macvtap entered promiscuous mode [ 71.021973][ T4282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.032797][ T4282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.043776][ T4282] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.052058][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 71.061865][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 71.070351][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 71.080641][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 71.091250][ T4282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.102284][ T4282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.113770][ T4282] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.121789][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 71.130831][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 71.142260][ T4282] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.151730][ T4282] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.160559][ T4282] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.169331][ T4282] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.252005][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.268868][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.281628][ T155] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.282197][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 71.293596][ T155] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.308676][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 71.360033][ T4347] loop0: detected capacity change from 0 to 512 [ 71.369743][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.376372][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.402558][ T4347] [ 71.404912][ T4347] ====================================================== [ 71.412040][ T4347] WARNING: possible circular locking dependency detected [ 71.419073][ T4347] syzkaller #0 Not tainted [ 71.423478][ T4347] ------------------------------------------------------ [ 71.430479][ T4347] syz.0.17/4347 is trying to acquire lock: [ 71.436271][ T4347] ffff8880736aebd8 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x1c0/0x2d20 [ 71.446358][ T4347] [ 71.446358][ T4347] but task is already holding lock: [ 71.453711][ T4347] ffff88806950c690 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3e8/0x700 [ 71.463525][ T4347] [ 71.463525][ T4347] which lock already depends on the new lock. [ 71.463525][ T4347] [ 71.473917][ T4347] [ 71.473917][ T4347] the existing dependency chain (in reverse order) is: [ 71.482914][ T4347] [ 71.482914][ T4347] -> #2 (&ei->xattr_sem){++++}-{3:3}: [ 71.490453][ T4347] down_read+0x44/0x2e0 [ 71.495121][ T4347] ext4_setattr+0x71d/0x19e0 [ 71.500217][ T4347] notify_change+0xbcd/0xee0 [ 71.505310][ T4347] chown_common+0x483/0x610 [ 71.510317][ T4347] do_fchownat+0x164/0x270 [ 71.515241][ T4347] __x64_sys_chown+0x7e/0x90 [ 71.520334][ T4347] do_syscall_64+0x4c/0xa0 [ 71.525259][ T4347] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 71.531656][ T4347] [ 71.531656][ T4347] -> #1 (jbd2_handle){++++}-{0:0}: [ 71.539037][ T4347] start_this_handle+0x1338/0x15a0 [ 71.544661][ T4347] jbd2__journal_start+0x2b7/0x5a0 [ 71.550277][ T4347] __ext4_journal_start_sb+0x167/0x360 [ 71.556245][ T4347] ext4_writepages+0xdc2/0x2d20 [ 71.561603][ T4347] do_writepages+0x48d/0x6d0 [ 71.566703][ T4347] filemap_fdatawrite_wbc+0x1eb/0x240 [ 71.572582][ T4347] file_write_and_wait_range+0x129/0x1e0 [ 71.578720][ T4347] ext4_sync_file+0x1ff/0xae0 [ 71.583908][ T4347] __x64_sys_fsync+0x1a5/0x1e0 [ 71.589440][ T4347] do_syscall_64+0x4c/0xa0 [ 71.594364][ T4347] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 71.600765][ T4347] [ 71.600765][ T4347] -> #0 (&sbi->s_writepages_rwsem){.+.+}-{0:0}: [ 71.609183][ T4347] __lock_acquire+0x2c33/0x7c60 [ 71.614549][ T4347] lock_acquire+0x197/0x3f0 [ 71.619646][ T4347] percpu_down_read+0x46/0x1b0 [ 71.624913][ T4347] ext4_writepages+0x1c0/0x2d20 [ 71.630293][ T4347] do_writepages+0x48d/0x6d0 [ 71.635409][ T4347] __writeback_single_inode+0x153/0xda0 [ 71.641545][ T4347] writeback_single_inode+0x221/0x8b0 [ 71.647434][ T4347] write_inode_now+0x217/0x280 [ 71.652716][ T4347] iput+0x5ab/0x8a0 [ 71.657033][ T4347] ext4_xattr_set_entry+0x10ff/0x3d30 [ 71.662918][ T4347] ext4_xattr_block_set+0x4f7/0x2d30 [ 71.668711][ T4347] ext4_expand_extra_isize_ea+0xf4b/0x19a0 [ 71.675028][ T4347] __ext4_expand_extra_isize+0x301/0x3e0 [ 71.681167][ T4347] __ext4_mark_inode_dirty+0x469/0x700 [ 71.687138][ T4347] ext4_evict_inode+0xa81/0x1080 [ 71.692607][ T4347] evict+0x485/0x870 [ 71.697020][ T4347] ext4_orphan_cleanup+0xaa9/0x12e0 [ 71.702739][ T4347] ext4_fill_super+0x92f0/0x9a60 [ 71.708218][ T4347] mount_bdev+0x287/0x3c0 [ 71.713063][ T4347] legacy_get_tree+0xe6/0x180 [ 71.718364][ T4347] vfs_get_tree+0x88/0x270 [ 71.723290][ T4347] do_new_mount+0x24a/0xa40 [ 71.728318][ T4347] __se_sys_mount+0x2d6/0x3c0 [ 71.733503][ T4347] do_syscall_64+0x4c/0xa0 [ 71.738438][ T4347] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 71.744854][ T4347] [ 71.744854][ T4347] other info that might help us debug this: [ 71.744854][ T4347] [ 71.755129][ T4347] Chain exists of: [ 71.755129][ T4347] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem [ 71.755129][ T4347] [ 71.768492][ T4347] Possible unsafe locking scenario: [ 71.768492][ T4347] [ 71.775929][ T4347] CPU0 CPU1 [ 71.781278][ T4347] ---- ---- [ 71.786630][ T4347] lock(&ei->xattr_sem); [ 71.790946][ T4347] lock(jbd2_handle); [ 71.797520][ T4347] lock(&ei->xattr_sem); [ 71.804537][ T4347] lock(&sbi->s_writepages_rwsem); [ 71.809772][ T4347] [ 71.809772][ T4347] *** DEADLOCK *** [ 71.809772][ T4347] [ 71.817911][ T4347] 3 locks held by syz.0.17/4347: [ 71.822834][ T4347] #0: ffff8880736b40e0 (&type->s_umount_key#28/1){+.+.}-{3:3}, at: alloc_super+0x201/0x950 [ 71.832932][ T4347] #1: ffff8880736b4650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x444/0x1080 [ 71.842489][ T4347] #2: ffff88806950c690 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3e8/0x700 [ 71.852760][ T4347] [ 71.852760][ T4347] stack backtrace: [ 71.858864][ T4347] CPU: 1 PID: 4347 Comm: syz.0.17 Not tainted syzkaller #0 [ 71.866050][ T4347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 71.876092][ T4347] Call Trace: [ 71.879376][ T4347] [ 71.882297][ T4347] dump_stack_lvl+0x168/0x230 [ 71.886964][ T4347] ? load_image+0x3b0/0x3b0 [ 71.891460][ T4347] ? show_regs_print_info+0x20/0x20 [ 71.896647][ T4347] ? print_circular_bug+0x12b/0x1a0 [ 71.901864][ T4347] check_noncircular+0x274/0x310 [ 71.906806][ T4347] ? add_chain_block+0x940/0x940 [ 71.911731][ T4347] ? lockdep_lock+0xdc/0x1e0 [ 71.916312][ T4347] ? lockdep_unlock+0x134/0x2d0 [ 71.921244][ T4347] ? mark_lock+0x94/0x320 [ 71.925574][ T4347] __lock_acquire+0x2c33/0x7c60 [ 71.930420][ T4347] ? verify_lock_unused+0x140/0x140 [ 71.935605][ T4347] ? verify_lock_unused+0x140/0x140 [ 71.940796][ T4347] lock_acquire+0x197/0x3f0 [ 71.945288][ T4347] ? ext4_writepages+0x1c0/0x2d20 [ 71.950303][ T4347] ? check_path+0x40/0x40 [ 71.954641][ T4347] ? __might_sleep+0xf0/0xf0 [ 71.959231][ T4347] ? read_lock_is_recursive+0x10/0x10 [ 71.964605][ T4347] ? mark_lock+0x94/0x320 [ 71.968936][ T4347] ? __lock_acquire+0x13ad/0x7c60 [ 71.973951][ T4347] percpu_down_read+0x46/0x1b0 [ 71.978730][ T4347] ? ext4_writepages+0x1c0/0x2d20 [ 71.983743][ T4347] ext4_writepages+0x1c0/0x2d20 [ 71.988682][ T4347] ? rcu_is_watching+0x11/0xa0 [ 71.993474][ T4347] ? lock_release+0xba/0x870 [ 71.998051][ T4347] ? rcu_lock_release+0x5/0x20 [ 72.002798][ T4347] ? mark_lock+0x94/0x320 [ 72.007114][ T4347] ? verify_lock_unused+0x140/0x140 [ 72.012419][ T4347] ? mark_lock+0x94/0x320 [ 72.016759][ T4347] ? ext4_readpage+0x2e0/0x2e0 [ 72.021517][ T4347] ? __lock_acquire+0x13ad/0x7c60 [ 72.026535][ T4347] ? rcu_lock_release+0x5/0x20 [ 72.031292][ T4347] ? __lock_acquire+0x7c60/0x7c60 [ 72.036303][ T4347] ? do_raw_spin_lock+0x11d/0x280 [ 72.041319][ T4347] ? _raw_spin_lock_irqsave+0x7f/0xf0 [ 72.046692][ T4347] ? do_raw_spin_unlock+0x11d/0x230 [ 72.051906][ T4347] ? ext4_readpage+0x2e0/0x2e0 [ 72.056680][ T4347] do_writepages+0x48d/0x6d0 [ 72.061276][ T4347] ? __writepage+0x130/0x130 [ 72.065857][ T4347] ? writeback_single_inode+0x216/0x8b0 [ 72.071406][ T4347] ? __lock_acquire+0x7c60/0x7c60 [ 72.076421][ T4347] ? do_raw_spin_lock+0x11d/0x280 [ 72.081438][ T4347] __writeback_single_inode+0x153/0xda0 [ 72.086978][ T4347] writeback_single_inode+0x221/0x8b0 [ 72.092342][ T4347] ? write_inode_now+0x280/0x280 [ 72.097271][ T4347] write_inode_now+0x217/0x280 [ 72.102033][ T4347] ? bdi_split_work_to_wbs+0x820/0x820 [ 72.107491][ T4347] ? do_raw_spin_unlock+0x11d/0x230 [ 72.112704][ T4347] iput+0x5ab/0x8a0 [ 72.116508][ T4347] ext4_xattr_set_entry+0x10ff/0x3d30 [ 72.121877][ T4347] ? ext4_xattr_ibody_set+0x330/0x330 [ 72.127259][ T4347] ? rcu_is_watching+0x11/0xa0 [ 72.132013][ T4347] ? kmem_cache_free+0x14c/0x210 [ 72.136965][ T4347] ? mb_cache_entry_delete_or_get+0x1bd/0x1e0 [ 72.143048][ T4347] ext4_xattr_block_set+0x4f7/0x2d30 [ 72.148323][ T4347] ? do_raw_spin_unlock+0x11d/0x230 [ 72.153517][ T4347] ? __ext4_xattr_check_block+0x7d8/0x8d0 [ 72.159228][ T4347] ? ext4_xattr_block_find+0x500/0x500 [ 72.164691][ T4347] ? ext4_xattr_block_find+0x433/0x500 [ 72.170143][ T4347] ext4_expand_extra_isize_ea+0xf4b/0x19a0 [ 72.175941][ T4347] __ext4_expand_extra_isize+0x301/0x3e0 [ 72.181564][ T4347] __ext4_mark_inode_dirty+0x469/0x700 [ 72.187011][ T4347] ext4_evict_inode+0xa81/0x1080 [ 72.191936][ T4347] ? _raw_spin_unlock+0x24/0x40 [ 72.196775][ T4347] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 72.202669][ T4347] ? do_raw_spin_unlock+0x11d/0x230 [ 72.207861][ T4347] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 72.213765][ T4347] evict+0x485/0x870 [ 72.217651][ T4347] ? __lock_acquire+0x7c60/0x7c60 [ 72.222664][ T4347] ? proc_nr_inodes+0x320/0x320 [ 72.227502][ T4347] ? do_raw_spin_unlock+0x11d/0x230 [ 72.232687][ T4347] ? _raw_spin_unlock+0x24/0x40 [ 72.237537][ T4347] ? iput+0x706/0x8a0 [ 72.241643][ T4347] ext4_orphan_cleanup+0xaa9/0x12e0 [ 72.246856][ T4347] ? ext4_orphan_del+0xb90/0xb90 [ 72.251901][ T4347] ? errseq_check_and_advance+0x62/0x120 [ 72.257573][ T4347] ext4_fill_super+0x92f0/0x9a60 [ 72.262572][ T4347] ? ext4_mount+0x40/0x40 [ 72.267074][ T4347] ? set_blocksize+0x1f1/0x370 [ 72.271848][ T4347] ? sb_set_blocksize+0xa5/0xe0 [ 72.276789][ T4347] mount_bdev+0x287/0x3c0 [ 72.281128][ T4347] ? ext4_mount+0x40/0x40 [ 72.285463][ T4347] legacy_get_tree+0xe6/0x180 [ 72.290151][ T4347] ? ext4_errno_to_code+0x160/0x160 [ 72.295339][ T4347] vfs_get_tree+0x88/0x270 [ 72.299761][ T4347] do_new_mount+0x24a/0xa40 [ 72.304438][ T4347] __se_sys_mount+0x2d6/0x3c0 [ 72.309290][ T4347] ? __x64_sys_mount+0xc0/0xc0 [ 72.314292][ T4347] ? lockdep_hardirqs_on+0x94/0x140 [ 72.319491][ T4347] ? __x64_sys_mount+0x1c/0xc0 [ 72.324266][ T4347] do_syscall_64+0x4c/0xa0 [ 72.328686][ T4347] ? clear_bhb_loop+0x30/0x80 [ 72.333355][ T4347] ? clear_bhb_loop+0x30/0x80 [ 72.338022][ T4347] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 72.343902][ T4347] RIP: 0033:0x7f52600c4eea [ 72.348308][ T4347] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 72.367906][ T4347] RSP: 002b:00007fffa5919ab8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 72.376314][ T4347] RAX: ffffffffffffffda RBX: 00007fffa5919b40 RCX: 00007f52600c4eea [ 72.384278][ T4347] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007fffa5919b00 [ 72.392547][ T4347] RBP: 0000200000000180 R08: 00007fffa5919b40 R09: 0000000000800700 [ 72.400521][ T4347] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 72.408496][ T4347] R13: 00007fffa5919b00 R14: 000000000000046f R15: 000000000000002c [ 72.416587][ T4347] [ 72.423099][ T4232] Bluetooth: hci0: command 0x040f tx timeout [ 72.439309][ T4347] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 72.452912][ T4347] EXT4-fs (loop0): Remounting filesystem read-only [ 72.460101][ T4347] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 72.473803][ T4347] EXT4-fs (loop0): Remounting filesystem read-only [ 72.480493][ T4347] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2826: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 72.496187][ T4347] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 72.510042][ T4347] EXT4-fs (loop0): Remounting filesystem read-only [ 72.516587][ T4347] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 72.529212][ T4347] EXT4-fs (loop0): Remounting filesystem read-only [ 72.535806][ T4347] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 72.549594][ T4347] EXT4-fs (loop0): Remounting filesystem read-only [ 72.556309][ T4347] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 72.569571][ T4347] EXT4-fs (loop0): Remounting filesystem read-only [ 72.576179][ T4347] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 72.590338][ T4347] EXT4-fs (loop0): Remounting filesystem read-only [ 72.596947][ T4347] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 72.609628][ T4347] EXT4-fs (loop0): Remounting filesystem read-only [ 72.616203][ T144] device hsr_slave_0 left promiscuous mode [ 72.616265][ T4347] EXT4-fs (loop0): 1 orphan inode deleted [ 72.628056][ T4347] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,errors=remount-ro,debug_want_extra_isize=0x000000000000005a,nouid32,resgid=0x0000000000000000,acl,init_itable=0x0000000000000003,. Quota mode: none. [ 72.651276][ T144] device hsr_slave_1 left promiscuous mode [ 72.676720][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 72.685383][ T144] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 72.693549][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 72.701562][ T144] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 72.709386][ T144] device bridge_slave_1 left promiscuous mode [ 72.715598][ T144] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.724055][ T144] device bridge_slave_0 left promiscuous mode [ 72.730479][ T144] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.741600][ T144] device veth1_macvtap left promiscuous mode [ 72.747790][ T144] device veth0_macvtap left promiscuous mode [ 72.753846][ T144] device veth1_vlan left promiscuous mode [ 72.760670][ T144] device veth0_vlan left promiscuous mode [ 72.926449][ T144] team0 (unregistering): Port device team_slave_1 removed [ 72.941133][ T144] team0 (unregistering): Port device team_slave_0 removed [ 72.957561][ T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 72.970961][ T144] bond0 (unregistering): (slave bond_slave_0)