no interfaces have a carrier
[ 61.304137][ T5470] 8021q: adding VLAN 0 to HW filter on device bond0
[ 61.338799][ T5470] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting crond: OK
Starting sshd: OK
syzkaller
syzkaller login: [ 86.978390][ T9] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.1.33' (ED25519) to the list of known hosts.
2025/12/17 13:04:02 parsed 1 programs
[ 92.990004][ T5809] cgroup: Unknown subsys name 'net'
[ 93.250473][ T5809] cgroup: Unknown subsys name 'cpuset'
[ 93.315116][ T5809] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 95.188176][ T5809] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 98.563174][ T5124] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 98.577532][ T5124] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 98.578908][ T5124] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 98.579980][ T5124] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 98.580880][ T5124] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 101.727102][ T5861] chnl_net:caif_netlink_parms(): no params data found
[ 102.195156][ T5861] bridge0: port 1(bridge_slave_0) entered blocking state
[ 102.196740][ T5861] bridge0: port 1(bridge_slave_0) entered disabled state
[ 102.196906][ T5861] bridge_slave_0: entered allmulticast mode
[ 102.198538][ T5861] bridge_slave_0: entered promiscuous mode
[ 102.219653][ T5861] bridge0: port 2(bridge_slave_1) entered blocking state
[ 102.239157][ T5861] bridge0: port 2(bridge_slave_1) entered disabled state
[ 102.239306][ T5861] bridge_slave_1: entered allmulticast mode
[ 102.240839][ T5861] bridge_slave_1: entered promiscuous mode
[ 102.431473][ T5861] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 102.434185][ T5861] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 102.588901][ T5861] team0: Port device team_slave_0 added
[ 102.592140][ T5861] team0: Port device team_slave_1 added
[ 102.758082][ T5861] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 102.758094][ T5861] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 102.758109][ T5861] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 102.760768][ T5861] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 102.760784][ T5861] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 102.760805][ T5861] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 102.961380][ T5861] hsr_slave_0: entered promiscuous mode
[ 102.962399][ T5861] hsr_slave_1: entered promiscuous mode
[ 103.368478][ T5861] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 103.418973][ T5861] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 103.439875][ T5861] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 103.577341][ T5861] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 103.698018][ T5861] 8021q: adding VLAN 0 to HW filter on device bond0
[ 103.719591][ T5861] 8021q: adding VLAN 0 to HW filter on device team0
[ 103.732913][ T1283] bridge0: port 1(bridge_slave_0) entered blocking state
[ 103.734299][ T1283] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 103.761220][ T1499] bridge0: port 2(bridge_slave_1) entered blocking state
[ 103.761374][ T1499] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 104.129652][ T5861] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 104.232545][ T5861] veth0_vlan: entered promiscuous mode
[ 104.258301][ T5861] veth1_vlan: entered promiscuous mode
[ 104.332401][ T5861] veth0_macvtap: entered promiscuous mode
[ 104.347844][ T5861] veth1_macvtap: entered promiscuous mode
[ 104.369490][ T5861] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 104.385852][ T5861] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 104.403336][ T3544] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.417577][ T3544] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.419118][ T3544] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.419162][ T3544] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.149982][ T3544] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 105.367180][ T3544] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 105.597966][ T3544] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 106.231486][ T3544] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 106.427667][ T1499] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.427694][ T1499] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.492792][ T1231] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.492814][ T1231] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 107.456259][ T3544] bridge_slave_1: left allmulticast mode
[ 107.456366][ T3544] bridge_slave_1: left promiscuous mode
[ 107.458092][ T3544] bridge0: port 2(bridge_slave_1) entered disabled state
[ 107.566031][ T3544] bridge_slave_0: left allmulticast mode
[ 107.566060][ T3544] bridge_slave_0: left promiscuous mode
[ 107.566310][ T3544] bridge0: port 1(bridge_slave_0) entered disabled state
2025/12/17 13:04:20 executed programs: 0
[ 107.986182][ T5124] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 107.990205][ T5124] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 107.991397][ T5124] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 107.993868][ T5124] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 108.004019][ T5124] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 109.385155][ T3544] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 109.445171][ T3544] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 109.497029][ T3544] bond0 (unregistering): Released all slaves
[ 109.844540][ T3544] hsr_slave_0: left promiscuous mode
[ 109.884520][ T3544] hsr_slave_1: left promiscuous mode
[ 109.885371][ T3544] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 109.885434][ T3544] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 109.923745][ T3544] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 109.923774][ T3544] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 110.029006][ T3544] veth1_macvtap: left promiscuous mode
[ 110.029249][ T3544] veth0_macvtap: left promiscuous mode
[ 110.029518][ T3544] veth1_vlan: left promiscuous mode
[ 110.029820][ T3544] veth0_vlan: left promiscuous mode
[ 110.097260][ T5124] Bluetooth: hci0: command tx timeout
[ 112.045211][ T3544] team0 (unregistering): Port device team_slave_1 removed
[ 112.182737][ T5124] Bluetooth: hci0: command tx timeout
[ 112.315212][ T3544] team0 (unregistering): Port device team_slave_0 removed
[ 114.254571][ T5124] Bluetooth: hci0: command tx timeout
[ 114.712160][ T5918] chnl_net:caif_netlink_parms(): no params data found
[ 115.194780][ T5918] bridge0: port 1(bridge_slave_0) entered blocking state
[ 115.194982][ T5918] bridge0: port 1(bridge_slave_0) entered disabled state
[ 115.195184][ T5918] bridge_slave_0: entered allmulticast mode
[ 115.201076][ T5918] bridge_slave_0: entered promiscuous mode
[ 115.255205][ T5918] bridge0: port 2(bridge_slave_1) entered blocking state
[ 115.255599][ T5918] bridge0: port 2(bridge_slave_1) entered disabled state
[ 115.255790][ T5918] bridge_slave_1: entered allmulticast mode
[ 115.257348][ T5918] bridge_slave_1: entered promiscuous mode
[ 115.431596][ T5918] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 115.436409][ T5918] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 115.672522][ T5918] team0: Port device team_slave_0 added
[ 115.676900][ T5918] team0: Port device team_slave_1 added
[ 115.838002][ T5918] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 115.838019][ T5918] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 115.838044][ T5918] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 115.840905][ T5918] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 115.840922][ T5918] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 115.840947][ T5918] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 116.336451][ T5124] Bluetooth: hci0: command tx timeout
[ 116.684994][ T5918] hsr_slave_0: entered promiscuous mode
[ 116.690236][ T5918] hsr_slave_1: entered promiscuous mode
[ 119.133647][ T5918] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 119.181878][ T5918] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 119.211327][ T5918] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 119.243687][ T5918] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 119.388173][ T5918] 8021q: adding VLAN 0 to HW filter on device bond0
[ 119.409749][ T5918] 8021q: adding VLAN 0 to HW filter on device team0
[ 119.426056][ T1283] bridge0: port 1(bridge_slave_0) entered blocking state
[ 119.426192][ T1283] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 119.432335][ T3544] bridge0: port 2(bridge_slave_1) entered blocking state
[ 119.432462][ T3544] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 119.636578][ T5918] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 119.682408][ T5918] veth0_vlan: entered promiscuous mode
[ 119.705934][ T5918] veth1_vlan: entered promiscuous mode
[ 119.737500][ T5918] veth0_macvtap: entered promiscuous mode
[ 119.740951][ T5918] veth1_macvtap: entered promiscuous mode
[ 119.759657][ T5918] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 119.779615][ T5918] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 119.798416][ T3544] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 119.799497][ T3544] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 119.799539][ T3544] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 119.799573][ T3544] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 119.993724][ T1231] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.993747][ T1231] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.053327][ T1231] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.053349][ T1231] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/12/17 13:04:32 executed programs: 2
[ 120.180006][ T6047] loop0: detected capacity change from 0 to 512
[ 120.242999][ T6047]
[ 120.243013][ T6047] ======================================================
[ 120.243020][ T6047] WARNING: possible circular locking dependency detected
[ 120.243036][ T6047] syzkaller #0 Not tainted
[ 120.243045][ T6047] ------------------------------------------------------
[ 120.243052][ T6047] syz.0.17/6047 is trying to acquire lock:
[ 120.243063][ T6047] ffff88803c5b2c58 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x1ca/0x350
[ 120.243130][ T6047]
[ 120.243130][ T6047] but task is already holding lock:
[ 120.243137][ T6047] ffff888053512470 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x3db/0x6e0
[ 120.243174][ T6047]
[ 120.243174][ T6047] which lock already depends on the new lock.
[ 120.243174][ T6047]
[ 120.243180][ T6047]
[ 120.243180][ T6047] the existing dependency chain (in reverse order) is:
[ 120.243188][ T6047]
[ 120.243188][ T6047] -> #2 (&ei->xattr_sem){++++}-{4:4}:
[ 120.243212][ T6047] down_write+0x3a/0x50
[ 120.243232][ T6047] ext4_xattr_set_handle+0x165/0x1590
[ 120.243254][ T6047] ext4_initxattrs+0x9f/0x110
[ 120.243270][ T6047] security_inode_init_security+0x290/0x3d0
[ 120.243290][ T6047] __ext4_new_inode+0x32f7/0x3c90
[ 120.243310][ T6047] ext4_create+0x22d/0x460
[ 120.243326][ T6047] path_openat+0x18d1/0x3df0
[ 120.243347][ T6047] do_filp_open+0x1fa/0x410
[ 120.243368][ T6047] do_sys_openat2+0x121/0x200
[ 120.243386][ T6047] __x64_sys_openat+0x138/0x170
[ 120.243404][ T6047] do_syscall_64+0xfa/0xf80
[ 120.243419][ T6047] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 120.243435][ T6047]
[ 120.243435][ T6047] -> #1 (jbd2_handle){++++}-{0:0}:
[ 120.243459][ T6047] wait_transaction_locked+0x1b6/0x270
[ 120.243481][ T6047] start_this_handle+0x77d/0x21c0
[ 120.243500][ T6047] jbd2__journal_start+0x2c1/0x5b0
[ 120.243518][ T6047] __ext4_journal_start_sb+0x203/0x580
[ 120.243539][ T6047] ext4_do_writepages+0xf41/0x44f0
[ 120.243557][ T6047] ext4_writepages+0x203/0x350
[ 120.243578][ T6047] do_writepages+0x32e/0x550
[ 120.243593][ T6047] __writeback_single_inode+0x133/0x1240
[ 120.243610][ T6047] writeback_sb_inodes+0x8c8/0x1840
[ 120.243711][ T6047] __writeback_inodes_wb+0x111/0x240
[ 120.243727][ T6047] wb_writeback+0x43f/0xaa0
[ 120.243750][ T6047] wb_workfn+0xad7/0xee0
[ 120.243769][ T6047] process_scheduled_works+0xad1/0x1770
[ 120.243788][ T6047] worker_thread+0x8a0/0xda0
[ 120.243806][ T6047] kthread+0x711/0x8a0
[ 120.243826][ T6047] ret_from_fork+0x599/0xb30
[ 120.243847][ T6047] ret_from_fork_asm+0x1a/0x30
[ 120.243871][ T6047]
[ 120.243871][ T6047] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[ 120.243896][ T6047] __lock_acquire+0x15a6/0x2cf0
[ 120.243918][ T6047] lock_acquire+0x117/0x340
[ 120.243938][ T6047] percpu_down_read_internal+0x48/0x1d0
[ 120.243960][ T6047] ext4_writepages+0x1ca/0x350
[ 120.243981][ T6047] do_writepages+0x32e/0x550
[ 120.243996][ T6047] __writeback_single_inode+0x133/0x1240
[ 120.244012][ T6047] writeback_single_inode+0x488/0xd60
[ 120.244033][ T6047] write_inode_now+0x160/0x1d0
[ 120.244053][ T6047] iput+0xa77/0x1030
[ 120.244069][ T6047] ext4_xattr_block_set+0x1fce/0x2ac0
[ 120.244090][ T6047] ext4_expand_extra_isize_ea+0x12da/0x1ea0
[ 120.244112][ T6047] __ext4_expand_extra_isize+0x30d/0x400
[ 120.244133][ T6047] __ext4_mark_inode_dirty+0x45c/0x6e0
[ 120.244148][ T6047] ext4_evict_inode+0x79c/0xe60
[ 120.244162][ T6047] evict+0x5f4/0xae0
[ 120.244182][ T6047] ext4_orphan_cleanup+0xc20/0x1460
[ 120.244197][ T6047] ext4_fill_super+0x58ad/0x6170
[ 120.244222][ T6047] get_tree_bdev_flags+0x40e/0x4d0
[ 120.244245][ T6047] vfs_get_tree+0x92/0x2a0
[ 120.244266][ T6047] do_new_mount+0x302/0xa10
[ 120.244282][ T6047] __se_sys_mount+0x313/0x410
[ 120.244297][ T6047] do_syscall_64+0xfa/0xf80
[ 120.244309][ T6047] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 120.244323][ T6047]
[ 120.244323][ T6047] other info that might help us debug this:
[ 120.244323][ T6047]
[ 120.244328][ T6047] Chain exists of:
[ 120.244328][ T6047] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem
[ 120.244328][ T6047]
[ 120.244360][ T6047] Possible unsafe locking scenario:
[ 120.244360][ T6047]
[ 120.244365][ T6047] CPU0 CPU1
[ 120.244369][ T6047] ---- ----
[ 120.244374][ T6047] lock(&ei->xattr_sem);
[ 120.244384][ T6047] lock(jbd2_handle);
[ 120.244394][ T6047] lock(&ei->xattr_sem);
[ 120.244404][ T6047] rlock(&sbi->s_writepages_rwsem);
[ 120.244415][ T6047]
[ 120.244415][ T6047] *** DEADLOCK ***
[ 120.244415][ T6047]
[ 120.244419][ T6047] 3 locks held by syz.0.17/6047:
[ 120.244428][ T6047] #0: ffff88803c5b60d0 (&type->s_umount_key#27/1){+.+.}-{4:4}, at: alloc_super+0x28c/0xab0
[ 120.244475][ T6047] #1: ffff88803c5b6770 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x26f/0xe60
[ 120.244510][ T6047] #2: ffff888053512470 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x3db/0x6e0
[ 120.244548][ T6047]
[ 120.244548][ T6047] stack backtrace:
[ 120.244571][ T6047] CPU: 1 UID: 0 PID: 6047 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 120.244588][ T6047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 120.244605][ T6047] Call Trace:
[ 120.244619][ T6047]
[ 120.244626][ T6047] dump_stack_lvl+0x189/0x250
[ 120.244657][ T6047] ? __pfx_dump_stack_lvl+0x10/0x10
[ 120.244677][ T6047] ? __pfx__printk+0x10/0x10
[ 120.244694][ T6047] ? print_lock_name+0xde/0x100
[ 120.244718][ T6047] print_circular_bug+0x2e2/0x300
[ 120.244735][ T6047] check_noncircular+0x12e/0x150
[ 120.244762][ T6047] __lock_acquire+0x15a6/0x2cf0
[ 120.244792][ T6047] ? ext4_writepages+0x1ca/0x350
[ 120.244812][ T6047] lock_acquire+0x117/0x340
[ 120.244830][ T6047] ? ext4_writepages+0x1ca/0x350
[ 120.244852][ T6047] ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 120.244867][ T6047] ? lockdep_hardirqs_on+0x98/0x140
[ 120.244882][ T6047] percpu_down_read_internal+0x48/0x1d0
[ 120.244902][ T6047] ? ext4_writepages+0x1ca/0x350
[ 120.244924][ T6047] ext4_writepages+0x1ca/0x350
[ 120.244947][ T6047] ? __pfx_ext4_writepages+0x10/0x10
[ 120.244967][ T6047] ? rt_mutex_slowunlock+0x493/0x8a0
[ 120.244994][ T6047] ? rt_spin_unlock+0x150/0x200
[ 120.245014][ T6047] ? rt_spin_unlock+0x161/0x200
[ 120.245033][ T6047] ? __pfx_ext4_writepages+0x10/0x10
[ 120.245055][ T6047] do_writepages+0x32e/0x550
[ 120.245074][ T6047] ? rt_mutex_slowunlock+0x493/0x8a0
[ 120.245099][ T6047] __writeback_single_inode+0x133/0x1240
[ 120.245118][ T6047] ? rt_spin_unlock+0x161/0x200
[ 120.245138][ T6047] writeback_single_inode+0x488/0xd60
[ 120.245162][ T6047] write_inode_now+0x160/0x1d0
[ 120.245184][ T6047] ? __pfx_write_inode_now+0x10/0x10
[ 120.245217][ T6047] ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 120.245241][ T6047] ? rt_spin_unlock+0x161/0x200
[ 120.245263][ T6047] iput+0xa77/0x1030
[ 120.245286][ T6047] ext4_xattr_block_set+0x1fce/0x2ac0
[ 120.245322][ T6047] ? __pfx_ext4_xattr_block_set+0x10/0x10
[ 120.245345][ T6047] ? ext4_xattr_block_find+0x2d4/0x350
[ 120.245368][ T6047] ext4_expand_extra_isize_ea+0x12da/0x1ea0
[ 120.245405][ T6047] __ext4_expand_extra_isize+0x30d/0x400
[ 120.245430][ T6047] __ext4_mark_inode_dirty+0x45c/0x6e0
[ 120.245450][ T6047] ext4_evict_inode+0x79c/0xe60
[ 120.245472][ T6047] ? __pfx_ext4_evict_inode+0x10/0x10
[ 120.245487][ T6047] ? rt_spin_unlock+0x150/0x200
[ 120.245509][ T6047] ? rt_spin_unlock+0x161/0x200
[ 120.245529][ T6047] ? __pfx_ext4_evict_inode+0x10/0x10
[ 120.245546][ T6047] evict+0x5f4/0xae0
[ 120.245571][ T6047] ? __pfx_evict+0x10/0x10
[ 120.245592][ T6047] ? rt_spin_unlock+0x161/0x200
[ 120.245632][ T6047] ? iput+0xcc6/0x1030
[ 120.245660][ T6047] ext4_orphan_cleanup+0xc20/0x1460
[ 120.245682][ T6047] ? __pfx_ext4_orphan_cleanup+0x10/0x10
[ 120.245700][ T6047] ? ext4_register_li_request+0x640/0x720
[ 120.245729][ T6047] ? errseq_check_and_advance+0x66/0x120
[ 120.245745][ T6047] ext4_fill_super+0x58ad/0x6170
[ 120.245778][ T6047] ? __pfx_ext4_fill_super+0x10/0x10
[ 120.245800][ T6047] ? snprintf+0xda/0x120
[ 120.245820][ T6047] ? rt_spin_lock+0x1c1/0x3e0
[ 120.245843][ T6047] ? __pfx_snprintf+0x10/0x10
[ 120.245863][ T6047] ? set_blocksize+0x219/0x450
[ 120.245883][ T6047] ? rt_spin_unlock+0x150/0x200
[ 120.245905][ T6047] ? sb_set_blocksize+0x11b/0x210
[ 120.245926][ T6047] ? setup_bdev_super+0x4c1/0x5b0
[ 120.245950][ T6047] get_tree_bdev_flags+0x40e/0x4d0
[ 120.245974][ T6047] ? __pfx_ext4_fill_super+0x10/0x10
[ 120.245996][ T6047] ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 120.246020][ T6047] ? cap_capable+0x123/0x440
[ 120.246042][ T6047] ? safesetid_security_capable+0xa9/0x1a0
[ 120.246068][ T6047] vfs_get_tree+0x92/0x2a0
[ 120.246092][ T6047] do_new_mount+0x302/0xa10
[ 120.246110][ T6047] ? safesetid_security_capable+0xa9/0x1a0
[ 120.246135][ T6047] ? __pfx_do_new_mount+0x10/0x10
[ 120.246152][ T6047] ? ns_capable+0x8a/0xf0
[ 120.246178][ T6047] __se_sys_mount+0x313/0x410
[ 120.246198][ T6047] ? __pfx___se_sys_mount+0x10/0x10
[ 120.246218][ T6047] ? do_syscall_64+0xbe/0xf80
[ 120.246234][ T6047] ? __x64_sys_mount+0x20/0xc0
[ 120.246252][ T6047] do_syscall_64+0xfa/0xf80
[ 120.246270][ T6047] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 120.246287][ T6047] ? clear_bhb_loop+0x60/0xb0
[ 120.246306][ T6047] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 120.246324][ T6047] RIP: 0033:0x7f1717c10eea
[ 120.246349][ T6047] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 120.246364][ T6047] RSP: 002b:00007ffc904f8068 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 120.246383][ T6047] RAX: ffffffffffffffda RBX: 00007ffc904f80f0 RCX: 00007f1717c10eea
[ 120.246397][ T6047] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007ffc904f80b0
[ 120.246409][ T6047] RBP: 0000200000000180 R08: 00007ffc904f80f0 R09: 0000000001800700
[ 120.246422][ T6047] R10: 0000000001800700 R11: 0000000000000246 R12: 00002000000001c0
[ 120.246434][ T6047] R13: 00007ffc904f80b0 R14: 000000000000047c R15: 00002000000004c0
[ 120.246453][ T6047]
[ 120.265016][ T6047] ------------[ cut here ]------------
[ 120.265029][ T6047] EA inode 11 i_nlink=2
[ 120.265042][ T6047] WARNING: fs/ext4/xattr.c:1058 at ext4_xattr_inode_update_ref+0x494/0x570, CPU#0: syz.0.17/6047
[ 120.265084][ T6047] Modules linked in:
[ 120.265101][ T6047] CPU: 0 UID: 0 PID: 6047 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 120.265121][ T6047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 120.265132][ T6047] RIP: 0010:ext4_xattr_inode_update_ref+0x4dc/0x570
[ 120.265157][ T6047] Code: 74 08 4c 89 ef e8 44 a6 9f ff 4d 8b 6d 00 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 06 84 c0 75 77 41 8b 17 4c 89 e7 4c 89 ee <67> 48 0f b9 3a 4c 8b 6c 24 28 e9 bd fe ff ff e8 00 62 50 08 44 89
[ 120.265172][ T6047] RSP: 0018:ffffc9000402f100 EFLAGS: 00010246
[ 120.265187][ T6047] RAX: 0000000000000000 RBX: 1ffff1100a68fb16 RCX: dffffc0000000000
[ 120.265200][ T6047] RDX: 0000000000000002 RSI: 000000000000000b RDI: ffffffff8ee143c0
[ 120.265212][ T6047] RBP: ffffc9000402f1f8 R08: 0000000000000000 R09: 0000000000000000
[ 120.265223][ T6047] R10: dffffc0000000000 R11: ffffed100a68fb17 R12: ffffffff8ee143c0
[ 120.265236][ T6047] R13: 000000000000000b R14: 1ffff1100a68fadb R15: ffff88805347d6d8
[ 120.265249][ T6047] FS: 0000555591722500(0000) GS:ffff888126d01000(0000) knlGS:0000000000000000
[ 120.265264][ T6047] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 120.265277][ T6047] CR2: 00007fc8ecaaa9c0 CR3: 00000000277ca000 CR4: 00000000003526f0
[ 120.265293][ T6047] Call Trace:
[ 120.265300][ T6047]
[ 120.265307][ T6047] ? __pfx_inode_set_ctime_to_ts+0x10/0x10
[ 120.265335][ T6047] ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10
[ 120.265360][ T6047] ? ext4_xattr_inode_iget+0x3d2/0x5f0
[ 120.265385][ T6047] ext4_xattr_set_entry+0xabb/0x1e20
[ 120.265416][ T6047] ext4_xattr_ibody_set+0x254/0x6a0
[ 120.265440][ T6047] ext4_expand_extra_isize_ea+0x13ad/0x1ea0
[ 120.265477][ T6047] __ext4_expand_extra_isize+0x30d/0x400
[ 120.265504][ T6047] __ext4_mark_inode_dirty+0x45c/0x6e0
[ 120.265525][ T6047] ext4_evict_inode+0x79c/0xe60
[ 120.265546][ T6047] ? __pfx_ext4_evict_inode+0x10/0x10
[ 120.265562][ T6047] ? rt_spin_unlock+0x150/0x200
[ 120.265587][ T6047] ? rt_spin_unlock+0x161/0x200
[ 120.265624][ T6047] ? __pfx_ext4_evict_inode+0x10/0x10
[ 120.265639][ T6047] evict+0x5f4/0xae0
[ 120.265664][ T6047] ? __pfx_evict+0x10/0x10
[ 120.265685][ T6047] ? rt_spin_unlock+0x161/0x200
[ 120.265708][ T6047] ? iput+0xcc6/0x1030
[ 120.265729][ T6047] ext4_orphan_cleanup+0xc20/0x1460
[ 120.265752][ T6047] ? __pfx_ext4_orphan_cleanup+0x10/0x10
[ 120.265770][ T6047] ? ext4_register_li_request+0x640/0x720
[ 120.265797][ T6047] ? errseq_check_and_advance+0x66/0x120
[ 120.265817][ T6047] ext4_fill_super+0x58ad/0x6170
[ 120.265849][ T6047] ? __pfx_ext4_fill_super+0x10/0x10
[ 120.265872][ T6047] ? snprintf+0xda/0x120
[ 120.265898][ T6047] ? rt_spin_lock+0x1c1/0x3e0
[ 120.265922][ T6047] ? __pfx_snprintf+0x10/0x10
[ 120.265942][ T6047] ? set_blocksize+0x219/0x450
[ 120.265962][ T6047] ? rt_spin_unlock+0x150/0x200
[ 120.265986][ T6047] ? sb_set_blocksize+0x11b/0x210
[ 120.266007][ T6047] ? setup_bdev_super+0x4c1/0x5b0
[ 120.266032][ T6047] get_tree_bdev_flags+0x40e/0x4d0
[ 120.266056][ T6047] ? __pfx_ext4_fill_super+0x10/0x10
[ 120.266079][ T6047] ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 120.266104][ T6047] ? cap_capable+0x123/0x440
[ 120.266127][ T6047] ? safesetid_security_capable+0xa9/0x1a0
[ 120.266153][ T6047] vfs_get_tree+0x92/0x2a0
[ 120.266177][ T6047] do_new_mount+0x302/0xa10
[ 120.266194][ T6047] ? safesetid_security_capable+0xa9/0x1a0
[ 120.266219][ T6047] ? __pfx_do_new_mount+0x10/0x10
[ 120.266236][ T6047] ? ns_capable+0x8a/0xf0
[ 120.266261][ T6047] __se_sys_mount+0x313/0x410
[ 120.266281][ T6047] ? __pfx___se_sys_mount+0x10/0x10
[ 120.266301][ T6047] ? do_syscall_64+0xbe/0xf80
[ 120.266317][ T6047] ? __x64_sys_mount+0x20/0xc0
[ 120.266336][ T6047] do_syscall_64+0xfa/0xf80
[ 120.266352][ T6047] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 120.266370][ T6047] ? clear_bhb_loop+0x60/0xb0
[ 120.266392][ T6047] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 120.266409][ T6047] RIP: 0033:0x7f1717c10eea
[ 120.266425][ T6047] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 120.266439][ T6047] RSP: 002b:00007ffc904f8068 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 120.266457][ T6047] RAX: ffffffffffffffda RBX: 00007ffc904f80f0 RCX: 00007f1717c10eea
[ 120.266469][ T6047] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007ffc904f80b0
[ 120.266482][ T6047] RBP: 0000200000000180 R08: 00007ffc904f80f0 R09: 0000000001800700
[ 120.266494][ T6047] R10: 0000000001800700 R11: 0000000000000246 R12: 00002000000001c0
[ 120.266506][ T6047] R13: 00007ffc904f80b0 R14: 000000000000047c R15: 00002000000004c0
[ 120.266525][ T6047]
[ 120.266535][ T6047] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 120.266547][ T6047] CPU: 0 UID: 0 PID: 6047 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 120.266568][ T6047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 120.266578][ T6047] Call Trace:
[ 120.266585][ T6047]
[ 120.266591][ T6047] dump_stack_lvl+0x99/0x250
[ 120.266615][ T6047] ? __asan_memcpy+0x40/0x70
[ 120.266747][ T6047] ? __pfx_dump_stack_lvl+0x10/0x10
[ 120.266784][ T6047] ? __pfx__printk+0x10/0x10
[ 120.266807][ T6047] vpanic+0x237/0x6d0
[ 120.266833][ T6047] ? __pfx_vpanic+0x10/0x10
[ 120.266855][ T6047] ? is_bpf_text_address+0x292/0x2b0
[ 120.266878][ T6047] ? is_bpf_text_address+0x26/0x2b0
[ 120.266903][ T6047] panic+0xb9/0xc0
[ 120.266926][ T6047] ? __pfx_panic+0x10/0x10
[ 120.266977][ T6047] __warn+0x317/0x4b0
[ 120.266999][ T6047] ? ext4_xattr_inode_update_ref+0x494/0x570
[ 120.267026][ T6047] ? ext4_xattr_inode_update_ref+0x494/0x570
[ 120.267051][ T6047] __report_bug+0x288/0x500
[ 120.267079][ T6047] ? ext4_xattr_inode_update_ref+0x494/0x570
[ 120.267107][ T6047] ? __pfx___report_bug+0x10/0x10
[ 120.267131][ T6047] ? __ext4_get_inode_loc+0x69a/0x1040
[ 120.267155][ T6047] ? ext4_fc_track_inode+0x133/0xb20
[ 120.267182][ T6047] ? set_normalized_timespec64+0xf0/0x1a0
[ 120.267208][ T6047] ? __ext4_journal_get_write_access+0x84/0x570
[ 120.267235][ T6047] report_bug_entry+0x19a/0x290
[ 120.267263][ T6047] ? ext4_xattr_inode_update_ref+0x4dc/0x570
[ 120.267288][ T6047] ? ext4_xattr_inode_update_ref+0x4e1/0x570
[ 120.267313][ T6047] handle_bug+0xca/0x200
[ 120.267333][ T6047] exc_invalid_op+0x1a/0x50
[ 120.267358][ T6047] asm_exc_invalid_op+0x1a/0x20
[ 120.267376][ T6047] RIP: 0010:ext4_xattr_inode_update_ref+0x4dc/0x570
[ 120.267404][ T6047] Code: 74 08 4c 89 ef e8 44 a6 9f ff 4d 8b 6d 00 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 06 84 c0 75 77 41 8b 17 4c 89 e7 4c 89 ee <67> 48 0f b9 3a 4c 8b 6c 24 28 e9 bd fe ff ff e8 00 62 50 08 44 89
[ 120.267421][ T6047] RSP: 0018:ffffc9000402f100 EFLAGS: 00010246
[ 120.267438][ T6047] RAX: 0000000000000000 RBX: 1ffff1100a68fb16 RCX: dffffc0000000000
[ 120.267452][ T6047] RDX: 0000000000000002 RSI: 000000000000000b RDI: ffffffff8ee143c0
[ 120.267464][ T6047] RBP: ffffc9000402f1f8 R08: 0000000000000000 R09: 0000000000000000
[ 120.267477][ T6047] R10: dffffc0000000000 R11: ffffed100a68fb17 R12: ffffffff8ee143c0
[ 120.267490][ T6047] R13: 000000000000000b R14: 1ffff1100a68fadb R15: ffff88805347d6d8
[ 120.267579][ T6047] ? __pfx_inode_set_ctime_to_ts+0x10/0x10
[ 120.267609][ T6047] ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10
[ 120.267635][ T6047] ? ext4_xattr_inode_iget+0x3d2/0x5f0
[ 120.267656][ T6047] ext4_xattr_set_entry+0xabb/0x1e20
[ 120.267682][ T6047] ext4_xattr_ibody_set+0x254/0x6a0
[ 120.267705][ T6047] ext4_expand_extra_isize_ea+0x13ad/0x1ea0
[ 120.267743][ T6047] __ext4_expand_extra_isize+0x30d/0x400
[ 120.267770][ T6047] __ext4_mark_inode_dirty+0x45c/0x6e0
[ 120.267793][ T6047] ext4_evict_inode+0x79c/0xe60
[ 120.267814][ T6047] ? __pfx_ext4_evict_inode+0x10/0x10
[ 120.267830][ T6047] ? rt_spin_unlock+0x150/0x200
[ 120.267856][ T6047] ? rt_spin_unlock+0x161/0x200
[ 120.267886][ T6047] ? __pfx_ext4_evict_inode+0x10/0x10
[ 120.267904][ T6047] evict+0x5f4/0xae0
[ 120.267929][ T6047] ? __pfx_evict+0x10/0x10
[ 120.267951][ T6047] ? rt_spin_unlock+0x161/0x200
[ 120.267974][ T6047] ? iput+0xcc6/0x1030
[ 120.267996][ T6047] ext4_orphan_cleanup+0xc20/0x1460
[ 120.268020][ T6047] ? __pfx_ext4_orphan_cleanup+0x10/0x10
[ 120.268038][ T6047] ? ext4_register_li_request+0x640/0x720
[ 120.268066][ T6047] ? errseq_check_and_advance+0x66/0x120
[ 120.268088][ T6047] ext4_fill_super+0x58ad/0x6170
[ 120.268122][ T6047] ? __pfx_ext4_fill_super+0x10/0x10
[ 120.268146][ T6047] ? snprintf+0xda/0x120
[ 120.268167][ T6047] ? rt_spin_lock+0x1c1/0x3e0
[ 120.268194][ T6047] ? __pfx_snprintf+0x10/0x10
[ 120.268214][ T6047] ? set_blocksize+0x219/0x450
[ 120.268235][ T6047] ? rt_spin_unlock+0x150/0x200
[ 120.268258][ T6047] ? sb_set_blocksize+0x11b/0x210
[ 120.268276][ T6047] ? setup_bdev_super+0x4c1/0x5b0
[ 120.268299][ T6047] get_tree_bdev_flags+0x40e/0x4d0
[ 120.268323][ T6047] ? __pfx_ext4_fill_super+0x10/0x10
[ 120.268348][ T6047] ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 120.268373][ T6047] ? cap_capable+0x123/0x440
[ 120.268397][ T6047] ? safesetid_security_capable+0xa9/0x1a0
[ 120.268424][ T6047] vfs_get_tree+0x92/0x2a0
[ 120.268448][ T6047] do_new_mount+0x302/0xa10
[ 120.268462][ T6047] ? safesetid_security_capable+0xa9/0x1a0
[ 120.268483][ T6047] ? __pfx_do_new_mount+0x10/0x10
[ 120.268497][ T6047] ? ns_capable+0x8a/0xf0
[ 120.268520][ T6047] __se_sys_mount+0x313/0x410
[ 120.268539][ T6047] ? __pfx___se_sys_mount+0x10/0x10
[ 120.268555][ T6047] ? do_syscall_64+0xbe/0xf80
[ 120.268571][ T6047] ? __x64_sys_mount+0x20/0xc0
[ 120.268590][ T6047] do_syscall_64+0xfa/0xf80
[ 120.268607][ T6047] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 120.268623][ T6047] ? clear_bhb_loop+0x60/0xb0
[ 120.268640][ T6047] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 120.268651][ T6047] RIP: 0033:0x7f1717c10eea
[ 120.268662][ T6047] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 120.268671][ T6047] RSP: 002b:00007ffc904f8068 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 120.268683][ T6047] RAX: ffffffffffffffda RBX: 00007ffc904f80f0 RCX: 00007f1717c10eea
[ 120.268690][ T6047] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007ffc904f80b0
[ 120.268697][ T6047] RBP: 0000200000000180 R08: 00007ffc904f80f0 R09: 0000000001800700
[ 120.268704][ T6047] R10: 0000000001800700 R11: 0000000000000246 R12: 00002000000001c0
[ 120.268711][ T6047] R13: 00007ffc904f80b0 R14: 000000000000047c R15: 00002000000004c0
[ 120.268721][ T6047]
[ 120.269260][ T6047] Kernel Offset: disabled