Warning: Permanently added '10.128.0.113' (ED25519) to the list of known hosts. 1970/01/01 00:00:32 parsed 1 programs [ 33.468760][ T4327] cgroup: Unknown subsys name 'net' [ 33.742523][ T4327] cgroup: Unknown subsys name 'rlimit' [ 34.046781][ T4327] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 42.028851][ T1818] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.030232][ T1818] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.032241][ T1818] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 42.039263][ T1818] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.040713][ T1818] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.042336][ T1818] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 42.412766][ T4369] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 42.414325][ T4369] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 42.415565][ T4369] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 42.417109][ T4369] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 42.418555][ T4369] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 42.420410][ T4369] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 43.190562][ T4413] chnl_net:caif_netlink_parms(): no params data found [ 43.208711][ T4413] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.210211][ T4413] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.212164][ T4413] device bridge_slave_0 entered promiscuous mode [ 43.215053][ T4413] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.216332][ T4413] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.217772][ T4413] device bridge_slave_1 entered promiscuous mode [ 43.225698][ T4413] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 43.228073][ T4413] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 43.235487][ T4413] team0: Port device team_slave_0 added [ 43.237222][ T4413] team0: Port device team_slave_1 added [ 43.244025][ T4413] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 43.245106][ T4413] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 43.249125][ T4413] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 43.252493][ T4413] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 43.253591][ T4413] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 43.257773][ T4413] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 43.311361][ T4413] device hsr_slave_0 entered promiscuous mode [ 43.370023][ T4413] device hsr_slave_1 entered promiscuous mode [ 43.482709][ T4413] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 43.529272][ T4413] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 43.569188][ T4413] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 43.606084][ T4413] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 43.657192][ T4413] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.658534][ T4413] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.660101][ T4413] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.661191][ T4413] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.678382][ T4413] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.692519][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.694684][ T39] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.696343][ T39] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.704392][ T4413] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.707769][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 43.709321][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.710653][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.713925][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 43.715491][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.716530][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.723478][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 43.725159][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 43.728598][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 43.732243][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 43.735193][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 43.737529][ T4413] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 43.804280][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 43.805628][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 43.808880][ T4413] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 43.815537][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 43.823064][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 43.824954][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 43.826604][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 43.828856][ T4413] device veth0_vlan entered promiscuous mode [ 43.832102][ T4413] device veth1_vlan entered promiscuous mode [ 43.840230][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 43.841895][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 43.843608][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 43.846347][ T4413] device veth0_macvtap entered promiscuous mode [ 43.848807][ T4413] device veth1_macvtap entered promiscuous mode [ 43.854833][ T4413] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 43.856159][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 43.858461][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 44.174375][ T4413] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 44.179493][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 44.182557][ T4413] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.184086][ T4413] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.185424][ T4413] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.186764][ T4413] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 1970/01/01 00:00:44 executed programs: 0 [ 44.422010][ T47] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 44.423805][ T47] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 44.425444][ T47] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 44.427037][ T47] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 44.428370][ T47] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 44.429626][ T47] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 44.643272][ T4435] chnl_net:caif_netlink_parms(): no params data found [ 44.660339][ T4435] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.662588][ T4435] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.664232][ T4435] device bridge_slave_0 entered promiscuous mode [ 44.690483][ T4435] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.691723][ T4435] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.693288][ T4435] device bridge_slave_1 entered promiscuous mode [ 44.710978][ T4435] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 44.713495][ T4435] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 44.720908][ T4435] team0: Port device team_slave_0 added [ 44.723157][ T4435] team0: Port device team_slave_1 added [ 44.729021][ T4435] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 44.730580][ T4435] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.734866][ T4435] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 44.737557][ T4435] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 44.738668][ T4435] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.742762][ T4435] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 44.811234][ T4435] device hsr_slave_0 entered promiscuous mode [ 44.850059][ T4435] device hsr_slave_1 entered promiscuous mode [ 44.899893][ T4435] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 44.901280][ T4435] Cannot create hsr debugfs directory [ 45.411588][ T4435] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 46.490517][ T4369] Bluetooth: hci0: command 0x0409 tx timeout [ 48.201280][ T4435] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 48.569746][ T4369] Bluetooth: hci0: command 0x041b tx timeout [ 49.350930][ T4435] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.431890][ T4435] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.651924][ T4435] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 49.716057][ T4435] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 49.751517][ T4435] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 49.851889][ T4435] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 49.955621][ T4435] 8021q: adding VLAN 0 to HW filter on device bond0 [ 49.959210][ T1818] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 49.960884][ T1818] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 49.963463][ T4435] 8021q: adding VLAN 0 to HW filter on device team0 [ 49.965795][ T1818] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.967346][ T1818] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.968853][ T1818] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.970510][ T1818] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.972177][ T1818] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 49.975445][ T1818] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.976986][ T1818] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.978556][ T1818] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.979607][ T1818] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.019001][ T1579] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 50.021913][ T1579] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 50.024551][ T1818] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 50.026407][ T1818] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 50.028460][ T1818] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 50.031233][ T1579] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 50.032931][ T1579] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 50.035495][ T1818] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 50.036988][ T1818] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 50.039393][ T1579] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 50.041215][ T1579] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 50.043666][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 50.131225][ T1579] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 50.132744][ T1579] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 50.135796][ T4435] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 50.176513][ T1579] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 50.178163][ T1579] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 50.185141][ T1579] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 50.187100][ T1579] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 50.188660][ T1579] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 50.190273][ T1579] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 50.193571][ T4435] device veth0_vlan entered promiscuous mode [ 50.196552][ T4435] device veth1_vlan entered promiscuous mode [ 50.203057][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 50.204569][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 50.206059][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 50.207489][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 50.209662][ T4435] device veth0_macvtap entered promiscuous mode [ 50.213116][ T4435] device veth1_macvtap entered promiscuous mode [ 50.217923][ T4435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 50.220228][ T4435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.222373][ T4435] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 50.223628][ T1818] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 50.225229][ T1818] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 50.226746][ T1818] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 50.228228][ T1818] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 50.232783][ T4435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 50.234558][ T4435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.237595][ T4435] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 50.294412][ T1579] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 50.296163][ T1579] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 50.298801][ T4435] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.300371][ T4435] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.301851][ T4435] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.303305][ T4435] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.321993][ T1579] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 50.323322][ T1579] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.325230][ T1579] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 50.334463][ T9] device hsr_slave_0 left promiscuous mode [ 50.360169][ T9] device hsr_slave_1 left promiscuous mode [ 50.499856][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 50.501073][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 50.502675][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 50.503976][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 50.505392][ T9] device bridge_slave_1 left promiscuous mode [ 50.506743][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.540618][ T9] device bridge_slave_0 left promiscuous mode [ 50.541791][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.649767][ T4369] Bluetooth: hci0: command 0x040f tx timeout [ 50.680049][ T9] device veth1_macvtap left promiscuous mode [ 50.681288][ T9] device veth0_macvtap left promiscuous mode [ 50.682246][ T9] device veth1_vlan left promiscuous mode [ 50.683237][ T9] device veth0_vlan left promiscuous mode [ 52.500859][ T9] team0 (unregistering): Port device team_slave_1 removed [ 52.680608][ T9] team0 (unregistering): Port device team_slave_0 removed [ 52.729796][ T4369] Bluetooth: hci0: command 0x0419 tx timeout [ 52.840499][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 53.040195][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 55.510680][ T9] bond0 (unregistering): Released all slaves [ 55.750343][ T330] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.753047][ T330] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.758143][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 55.791540][ T4454] loop0: detected capacity change from 0 to 512 [ 55.806277][ T4454] [ 55.806658][ T4454] ====================================================== [ 55.807900][ T4454] WARNING: possible circular locking dependency detected [ 55.809001][ T4454] syzkaller #0 Not tainted [ 55.809646][ T4454] ------------------------------------------------------ [ 55.810739][ T4454] syz.0.17/4454 is trying to acquire lock: [ 55.811605][ T4454] ffff0000d495eb98 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x188/0x284c [ 55.813097][ T4454] [ 55.813097][ T4454] but task is already holding lock: [ 55.814376][ T4454] ffff0000ea320ad0 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x37c/0x790 [ 55.815959][ T4454] [ 55.815959][ T4454] which lock already depends on the new lock. [ 55.815959][ T4454] [ 55.817554][ T4454] [ 55.817554][ T4454] the existing dependency chain (in reverse order) is: [ 55.819012][ T4454] [ 55.819012][ T4454] -> #2 (&ei->xattr_sem){++++}-{3:3}: [ 55.820274][ T4454] down_read+0x64/0x304 [ 55.821019][ T4454] ext4_setattr+0x7c4/0x150c [ 55.821793][ T4454] notify_change+0xb0c/0xdcc [ 55.822538][ T4454] chown_common+0x414/0x574 [ 55.823228][ T4454] do_fchownat+0x158/0x268 [ 55.824114][ T4454] __arm64_sys_fchownat+0xb8/0xd4 [ 55.825099][ T4454] invoke_syscall+0x98/0x2bc [ 55.825917][ T4454] el0_svc_common+0x138/0x258 [ 55.826827][ T4454] do_el0_svc+0x58/0x13c [ 55.827627][ T4454] el0_svc+0x58/0x138 [ 55.828299][ T4454] el0t_64_sync_handler+0x84/0xf0 [ 55.829196][ T4454] el0t_64_sync+0x18c/0x190 [ 55.829991][ T4454] [ 55.829991][ T4454] -> #1 (jbd2_handle){++++}-{0:0}: [ 55.831178][ T4454] start_this_handle+0xfe0/0x122c [ 55.832114][ T4454] jbd2__journal_start+0x288/0x51c [ 55.833070][ T4454] __ext4_journal_start_sb+0x2fc/0x674 [ 55.833969][ T4454] ext4_writepages+0xa28/0x284c [ 55.834868][ T4454] do_writepages+0x2c0/0x4fc [ 55.835689][ T4454] filemap_fdatawrite_wbc+0x124/0x174 [ 55.836694][ T4454] file_write_and_wait_range+0x110/0x1d8 [ 55.837666][ T4454] ext4_sync_file+0x210/0xc7c [ 55.838519][ T4454] __arm64_sys_fsync+0x178/0x1c0 [ 55.839387][ T4454] invoke_syscall+0x98/0x2bc [ 55.840263][ T4454] el0_svc_common+0x138/0x258 [ 55.841141][ T4454] do_el0_svc+0x58/0x13c [ 55.841923][ T4454] el0_svc+0x58/0x138 [ 55.842566][ T4454] el0t_64_sync_handler+0x84/0xf0 [ 55.843439][ T4454] el0t_64_sync+0x18c/0x190 [ 55.844200][ T4454] [ 55.844200][ T4454] -> #0 (&sbi->s_writepages_rwsem){.+.+}-{0:0}: [ 55.845599][ T4454] __lock_acquire+0x293c/0x6544 [ 55.846433][ T4454] lock_acquire+0x20c/0x644 [ 55.847193][ T4454] percpu_down_read+0x70/0x2a8 [ 55.848023][ T4454] ext4_writepages+0x188/0x284c [ 55.848868][ T4454] do_writepages+0x2c0/0x4fc [ 55.849689][ T4454] __writeback_single_inode+0x164/0x157c [ 55.850640][ T4454] writeback_single_inode+0x1c0/0x720 [ 55.851533][ T4454] write_inode_now+0x144/0x1b0 [ 55.852409][ T4454] iput+0x5cc/0x7f4 [ 55.853122][ T4454] ext4_xattr_block_set+0x17a4/0x2810 [ 55.854036][ T4454] ext4_expand_extra_isize_ea+0xcb8/0x15cc [ 55.855018][ T4454] __ext4_expand_extra_isize+0x298/0x358 [ 55.856044][ T4454] __ext4_mark_inode_dirty+0x3e4/0x790 [ 55.857002][ T4454] ext4_evict_inode+0xb58/0x1270 [ 55.857888][ T4454] evict+0x3c8/0x810 [ 55.858682][ T4454] iput+0x764/0x7f4 [ 55.859424][ T4454] ext4_process_orphan+0x240/0x2b4 [ 55.860355][ T4454] ext4_orphan_cleanup+0x908/0x104c [ 55.861272][ T4454] ext4_fill_super+0x6920/0x6e34 [ 55.862195][ T4454] get_tree_bdev+0x358/0x544 [ 55.863060][ T4454] ext4_get_tree+0x28/0x38 [ 55.863843][ T4454] vfs_get_tree+0x90/0x274 [ 55.864636][ T4454] do_new_mount+0x228/0x810 [ 55.865477][ T4454] path_mount+0x5b4/0xe78 [ 55.866238][ T4454] __arm64_sys_mount+0x49c/0x584 [ 55.867158][ T4454] invoke_syscall+0x98/0x2bc [ 55.868064][ T4454] el0_svc_common+0x138/0x258 [ 55.868953][ T4454] do_el0_svc+0x58/0x13c [ 55.869782][ T4454] el0_svc+0x58/0x138 [ 55.870545][ T4454] el0t_64_sync_handler+0x84/0xf0 [ 55.871454][ T4454] el0t_64_sync+0x18c/0x190 [ 55.872199][ T4454] [ 55.872199][ T4454] other info that might help us debug this: [ 55.872199][ T4454] [ 55.873789][ T4454] Chain exists of: [ 55.873789][ T4454] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem [ 55.873789][ T4454] [ 55.875985][ T4454] Possible unsafe locking scenario: [ 55.875985][ T4454] [ 55.877183][ T4454] CPU0 CPU1 [ 55.878000][ T4454] ---- ---- [ 55.878888][ T4454] lock(&ei->xattr_sem); [ 55.879590][ T4454] lock(jbd2_handle); [ 55.880707][ T4454] lock(&ei->xattr_sem); [ 55.881887][ T4454] lock(&sbi->s_writepages_rwsem); [ 55.882739][ T4454] [ 55.882739][ T4454] *** DEADLOCK *** [ 55.882739][ T4454] [ 55.883950][ T4454] 3 locks held by syz.0.17/4454: [ 55.884784][ T4454] #0: ffff0000d495c0e0 (&type->s_umount_key#26/1){+.+.}-{3:3}, at: alloc_super+0x1a4/0x804 [ 55.886473][ T4454] #1: ffff0000d495c650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x3dc/0x1270 [ 55.888013][ T4454] #2: ffff0000ea320ad0 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x37c/0x790 [ 55.889719][ T4454] [ 55.889719][ T4454] stack backtrace: [ 55.890754][ T4454] CPU: 0 PID: 4454 Comm: syz.0.17 Not tainted syzkaller #0 [ 55.891892][ T4454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 55.893565][ T4454] Call trace: [ 55.894140][ T4454] dump_backtrace+0x1c8/0x1f4 [ 55.894911][ T4454] show_stack+0x2c/0x3c [ 55.895656][ T4454] __dump_stack+0x30/0x40 [ 55.896373][ T4454] dump_stack_lvl+0xf8/0x160 [ 55.897165][ T4454] dump_stack+0x1c/0x5c [ 55.897882][ T4454] print_circular_bug+0x148/0x1b0 [ 55.898713][ T4454] check_noncircular+0x240/0x2d4 [ 55.899516][ T4454] __lock_acquire+0x293c/0x6544 [ 55.900342][ T4454] lock_acquire+0x20c/0x644 [ 55.901098][ T4454] percpu_down_read+0x70/0x2a8 [ 55.901816][ T4454] ext4_writepages+0x188/0x284c [ 55.902536][ T4454] do_writepages+0x2c0/0x4fc [ 55.903286][ T4454] __writeback_single_inode+0x164/0x157c [ 55.904094][ T4454] writeback_single_inode+0x1c0/0x720 [ 55.904909][ T4454] write_inode_now+0x144/0x1b0 [ 55.905613][ T4454] iput+0x5cc/0x7f4 [ 55.906146][ T4454] ext4_xattr_block_set+0x17a4/0x2810 [ 55.907030][ T4454] ext4_expand_extra_isize_ea+0xcb8/0x15cc [ 55.907949][ T4454] __ext4_expand_extra_isize+0x298/0x358 [ 55.908882][ T4454] __ext4_mark_inode_dirty+0x3e4/0x790 [ 55.909784][ T4454] ext4_evict_inode+0xb58/0x1270 [ 55.910617][ T4454] evict+0x3c8/0x810 [ 55.911240][ T4454] iput+0x764/0x7f4 [ 55.911848][ T4454] ext4_process_orphan+0x240/0x2b4 [ 55.912711][ T4454] ext4_orphan_cleanup+0x908/0x104c [ 55.913525][ T4454] ext4_fill_super+0x6920/0x6e34 [ 55.914264][ T4454] get_tree_bdev+0x358/0x544 [ 55.915020][ T4454] ext4_get_tree+0x28/0x38 [ 55.915684][ T4454] vfs_get_tree+0x90/0x274 [ 55.916326][ T4454] do_new_mount+0x228/0x810 [ 55.917063][ T4454] path_mount+0x5b4/0xe78 [ 55.917696][ T4454] __arm64_sys_mount+0x49c/0x584 [ 55.918460][ T4454] invoke_syscall+0x98/0x2bc [ 55.919286][ T4454] el0_svc_common+0x138/0x258 [ 55.920081][ T4454] do_el0_svc+0x58/0x13c [ 55.920742][ T4454] el0_svc+0x58/0x138 [ 55.921466][ T4454] el0t_64_sync_handler+0x84/0xf0 [ 55.922270][ T4454] el0t_64_sync+0x18c/0x190 [ 55.924240][ T4454] ------------[ cut here ]------------ [ 55.925150][ T4454] EA inode 11 i_nlink=2 [ 55.925230][ T4454] WARNING: CPU: 1 PID: 4454 at fs/ext4/xattr.c:1022 ext4_xattr_inode_update_ref+0x42c/0x470 [ 55.927251][ T4454] Modules linked in: [ 55.927819][ T4454] CPU: 1 PID: 4454 Comm: syz.0.17 Not tainted syzkaller #0 [ 55.928879][ T4454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 55.930315][ T4454] pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 55.931625][ T4454] pc : ext4_xattr_inode_update_ref+0x42c/0x470 [ 55.932676][ T4454] lr : ext4_xattr_inode_update_ref+0x42c/0x470 [ 55.933704][ T4454] sp : ffff800021286e60 [ 55.934399][ T4454] x29: ffff800021286f00 x28: 0000000000000000 x27: dfff800000000000 [ 55.935761][ T4454] x26: 1fffe0001d42aa9d x25: ffff700004250dd0 x24: 0000000000000000 [ 55.937062][ T4454] x23: ffff800017a8a000 x22: ffff0000ea155330 x21: 0000000000000002 [ 55.938327][ T4454] x20: 0000000000000001 x19: ffff0000ea1552f0 x18: ffff800011abbcc0 [ 55.939561][ T4454] x17: 0000000000000000 x16: ffff800008042d90 x15: 0000000000000000 [ 55.940898][ T4454] x14: 00000000ffffffff x13: 0000000000000001 x12: 0000000000ff0100 [ 55.942254][ T4454] x11: ff00800008191ca8 x10: 0000000000000000 x9 : 7e87d5eb18d96600 [ 55.943523][ T4454] x8 : 7e87d5eb18d96600 x7 : 0000000000000001 x6 : 0000000000000001 [ 55.944870][ T4454] x5 : ffff8000212868f8 x4 : ffff8000151a4920 x3 : ffff800008311fd8 [ 55.946224][ T4454] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000 [ 55.947573][ T4454] Call trace: [ 55.948097][ T4454] ext4_xattr_inode_update_ref+0x42c/0x470 [ 55.948946][ T4454] ext4_xattr_set_entry+0x918/0x15ac [ 55.949752][ T4454] ext4_xattr_ibody_set+0x204/0x600 [ 55.950567][ T4454] ext4_expand_extra_isize_ea+0xd00/0x15cc [ 55.951521][ T4454] __ext4_expand_extra_isize+0x298/0x358 [ 55.952386][ T4454] __ext4_mark_inode_dirty+0x3e4/0x790 [ 55.953355][ T4454] ext4_evict_inode+0xb58/0x1270 [ 55.954256][ T4454] evict+0x3c8/0x810 [ 55.954924][ T4454] iput+0x764/0x7f4 [ 55.955483][ T4454] ext4_process_orphan+0x240/0x2b4 [ 55.956177][ T4454] ext4_orphan_cleanup+0x908/0x104c [ 55.956957][ T4454] ext4_fill_super+0x6920/0x6e34 [ 55.957798][ T4454] get_tree_bdev+0x358/0x544 [ 55.958536][ T4454] ext4_get_tree+0x28/0x38 [ 55.959254][ T4454] vfs_get_tree+0x90/0x274 [ 55.959986][ T4454] do_new_mount+0x228/0x810 [ 55.960688][ T4454] path_mount+0x5b4/0xe78 [ 55.961371][ T4454] __arm64_sys_mount+0x49c/0x584 [ 55.962171][ T4454] invoke_syscall+0x98/0x2bc [ 55.962859][ T4454] el0_svc_common+0x138/0x258 [ 55.963604][ T4454] do_el0_svc+0x58/0x13c [ 55.964235][ T4454] el0_svc+0x58/0x138 [ 55.964839][ T4454] el0t_64_sync_handler+0x84/0xf0 [ 55.965569][ T4454] el0t_64_sync+0x18c/0x190 [ 55.966305][ T4454] irq event stamp: 4245 [ 55.966988][ T4454] hardirqs last enabled at (4245): [] _raw_spin_unlock_irqrestore+0x48/0xac [ 55.968620][ T4454] hardirqs last disabled at (4244): [] _raw_spin_lock_irqsave+0xa4/0xb4 [ 55.970205][ T4454] softirqs last enabled at (1816): [] handle_softirqs+0xaf8/0xc6c [ 55.971580][ T4454] softirqs last disabled at (1809): [] __do_softirq+0x14/0x20 [ 55.972922][ T4454] ---[ end trace 0000000000000000 ]--- [ 55.975070][ T4454] EXT4-fs (loop0): 1 orphan inode deleted [ 55.976030][ T4454] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 55.981939][ T4435] EXT4-fs (loop0): unmounting filesystem.