Warning: Permanently added '10.128.1.170' (ED25519) to the list of known hosts. 2025/12/06 10:34:57 parsed 1 programs [ 56.573633][ T4269] cgroup: Unknown subsys name 'net' [ 56.695414][ T4269] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 57.910473][ T4269] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 59.570107][ T4290] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 59.578466][ T4290] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 59.586093][ T4290] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 59.594164][ T4290] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 59.603430][ T4290] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 59.610622][ T4290] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 59.770763][ T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.778856][ T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.792374][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 59.807877][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.816211][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.825154][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 61.557092][ T4344] chnl_net:caif_netlink_parms(): no params data found [ 61.607185][ T4344] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.614893][ T4344] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.623098][ T4344] device bridge_slave_0 entered promiscuous mode [ 61.631348][ T4344] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.638418][ T4344] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.646178][ T4344] device bridge_slave_1 entered promiscuous mode [ 61.676638][ T4344] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.686985][ T4344] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.715782][ T4344] team0: Port device team_slave_0 added [ 61.722953][ T4344] team0: Port device team_slave_1 added [ 61.737919][ T4344] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.744923][ T4344] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.772059][ T4344] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.797104][ T4344] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.804072][ T4344] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.829965][ T4344] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.859061][ T4344] device hsr_slave_0 entered promiscuous mode [ 61.866286][ T4344] device hsr_slave_1 entered promiscuous mode [ 61.962849][ T4344] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 61.971993][ T4344] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 61.980407][ T4344] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 61.989572][ T4344] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 62.057258][ T4344] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.078367][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.086859][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.097648][ T4344] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.120168][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 62.129440][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 62.138482][ T51] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.145757][ T51] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.163068][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 62.171139][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 62.179552][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 62.187924][ T51] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.194995][ T51] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.203722][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 62.213551][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 62.223617][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 62.232787][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 62.241568][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 62.253636][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 62.262539][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 62.276428][ T4344] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 62.289080][ T4344] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 62.303130][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 62.311970][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 62.320167][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 62.522031][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 62.529468][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 62.540727][ T4344] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 62.556107][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 62.574037][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 62.582446][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 62.590141][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 62.602598][ T4344] device veth0_vlan entered promiscuous mode [ 62.615076][ T4344] device veth1_vlan entered promiscuous mode [ 62.630790][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 62.639009][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 62.648384][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 62.658323][ T4344] device veth0_macvtap entered promiscuous mode [ 62.673163][ T4344] device veth1_macvtap entered promiscuous mode [ 62.686799][ T4344] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.694572][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 62.703980][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 62.712791][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 62.730253][ T4344] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.737884][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 62.746307][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 62.757369][ T4344] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.766246][ T4344] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.775120][ T4344] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.783998][ T4344] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 2025/12/06 10:35:04 executed programs: 0 [ 63.095958][ T47] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 63.103712][ T47] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 63.111433][ T47] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 63.119116][ T47] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 63.130086][ T47] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 63.137753][ T47] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 63.269667][ T4373] chnl_net:caif_netlink_parms(): no params data found [ 63.320022][ T4373] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.328336][ T4373] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.336274][ T4373] device bridge_slave_0 entered promiscuous mode [ 63.345063][ T4373] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.352287][ T4373] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.360143][ T4373] device bridge_slave_1 entered promiscuous mode [ 63.391293][ T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 63.405739][ T4373] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.418159][ T4373] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.438387][ T4373] team0: Port device team_slave_0 added [ 63.445168][ T4373] team0: Port device team_slave_1 added [ 63.460786][ T4373] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.467826][ T4373] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.494020][ T4373] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.508641][ T4373] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.515649][ T4373] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.541775][ T4373] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.568626][ T4373] device hsr_slave_0 entered promiscuous mode [ 63.575299][ T4373] device hsr_slave_1 entered promiscuous mode [ 63.582020][ T4373] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 63.589743][ T4373] Cannot create hsr debugfs directory [ 65.151697][ T4290] Bluetooth: hci0: command 0x0409 tx timeout [ 65.680530][ T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.230966][ T47] Bluetooth: hci0: command 0x041b tx timeout [ 67.909534][ T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.979924][ T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.825517][ T4373] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 68.834993][ T4373] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 68.847278][ T4373] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 68.856801][ T4373] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 68.908592][ T4373] 8021q: adding VLAN 0 to HW filter on device bond0 [ 68.932117][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 68.939800][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 68.949265][ T4373] 8021q: adding VLAN 0 to HW filter on device team0 [ 68.959679][ T9] device hsr_slave_0 left promiscuous mode [ 68.966021][ T9] device hsr_slave_1 left promiscuous mode [ 68.972569][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 68.979943][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 68.988241][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 68.995750][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 69.003300][ T9] device bridge_slave_1 left promiscuous mode [ 69.009856][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.019218][ T9] device bridge_slave_0 left promiscuous mode [ 69.027766][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.045936][ T9] device veth1_macvtap left promiscuous mode [ 69.052171][ T9] device veth0_macvtap left promiscuous mode [ 69.058190][ T9] device veth1_vlan left promiscuous mode [ 69.064131][ T9] device veth0_vlan left promiscuous mode [ 69.308267][ T9] team0 (unregistering): Port device team_slave_1 removed [ 69.315636][ T47] Bluetooth: hci0: command 0x040f tx timeout [ 69.337564][ T9] team0 (unregistering): Port device team_slave_0 removed [ 69.360042][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 69.388055][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 69.603643][ T9] bond0 (unregistering): Released all slaves [ 69.682240][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 69.691044][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 69.699331][ T75] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.706442][ T75] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.714126][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 69.724615][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 69.734143][ T75] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.741238][ T75] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.748701][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 69.758787][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 69.785892][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 69.796321][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 69.804972][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 69.813283][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 69.826038][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 69.836475][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 69.848552][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 69.857410][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 69.867932][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 69.878911][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 69.888818][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 70.027706][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 70.036733][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 70.052869][ T4373] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.070948][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 70.080622][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 70.102833][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 70.111732][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 70.120157][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 70.128911][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 70.138326][ T4373] device veth0_vlan entered promiscuous mode [ 70.148470][ T4373] device veth1_vlan entered promiscuous mode [ 70.165793][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 70.173963][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 70.184919][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 70.193504][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 70.203204][ T4373] device veth0_macvtap entered promiscuous mode [ 70.212381][ T4373] device veth1_macvtap entered promiscuous mode [ 70.225045][ T4373] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 70.233347][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 70.241685][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 70.249562][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 70.258198][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 70.268635][ T4373] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 70.276535][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 70.285150][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 70.295914][ T4373] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.305247][ T4373] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.314134][ T4373] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.323023][ T4373] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.366156][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.375252][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.389180][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 70.398238][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.406463][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.415589][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 70.453505][ T4427] loop0: detected capacity change from 0 to 512 [ 70.482422][ T4427] [ 70.484763][ T4427] ====================================================== [ 70.491777][ T4427] WARNING: possible circular locking dependency detected [ 70.498795][ T4427] syzkaller #0 Not tainted [ 70.503207][ T4427] ------------------------------------------------------ [ 70.510218][ T4427] syz.0.17/4427 is trying to acquire lock: [ 70.516009][ T4427] ffff88801ca66b98 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x1c0/0x2e50 [ 70.526074][ T4427] [ 70.526074][ T4427] but task is already holding lock: [ 70.533411][ T4427] ffff88806ea65b10 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3fe/0x770 [ 70.543211][ T4427] [ 70.543211][ T4427] which lock already depends on the new lock. [ 70.543211][ T4427] [ 70.553588][ T4427] [ 70.553588][ T4427] the existing dependency chain (in reverse order) is: [ 70.562582][ T4427] [ 70.562582][ T4427] -> #2 (&ei->xattr_sem){++++}-{3:3}: [ 70.570108][ T4427] down_read+0x42/0x2d0 [ 70.574763][ T4427] ext4_setattr+0x92a/0x19f0 [ 70.579854][ T4427] notify_change+0xc74/0xf40 [ 70.584943][ T4427] chown_common+0x486/0x620 [ 70.589941][ T4427] do_fchownat+0x164/0x270 [ 70.594860][ T4427] __x64_sys_chown+0x7e/0x90 [ 70.599956][ T4427] do_syscall_64+0x4c/0xa0 [ 70.604876][ T4427] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 70.611272][ T4427] [ 70.611272][ T4427] -> #1 (jbd2_handle){++++}-{0:0}: [ 70.618548][ T4427] start_this_handle+0x1f49/0x2150 [ 70.624169][ T4427] jbd2__journal_start+0x2b7/0x5a0 [ 70.629783][ T4427] __ext4_journal_start_sb+0x187/0x3d0 [ 70.635750][ T4427] ext4_writepages+0xde7/0x2e50 [ 70.641101][ T4427] do_writepages+0x3b7/0x610 [ 70.646193][ T4427] filemap_fdatawrite_wbc+0x11e/0x180 [ 70.652076][ T4427] file_write_and_wait_range+0x137/0x200 [ 70.658209][ T4427] ext4_sync_file+0x23b/0xca0 [ 70.663392][ T4427] __x64_sys_fsync+0x1a5/0x1e0 [ 70.668662][ T4427] do_syscall_64+0x4c/0xa0 [ 70.673580][ T4427] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 70.679976][ T4427] [ 70.679976][ T4427] -> #0 (&sbi->s_writepages_rwsem){.+.+}-{0:0}: [ 70.688383][ T4427] __lock_acquire+0x2cf8/0x7c50 [ 70.693742][ T4427] lock_acquire+0x1b4/0x490 [ 70.698748][ T4427] percpu_down_read+0x44/0x1a0 [ 70.704012][ T4427] ext4_writepages+0x1c0/0x2e50 [ 70.709364][ T4427] do_writepages+0x3b7/0x610 [ 70.714456][ T4427] __writeback_single_inode+0x156/0x1160 [ 70.720594][ T4427] writeback_single_inode+0x221/0x8b0 [ 70.726470][ T4427] write_inode_now+0x15d/0x1d0 [ 70.731738][ T4427] iput+0x613/0x980 [ 70.736049][ T4427] ext4_xattr_block_set+0x2736/0x32a0 [ 70.741924][ T4427] ext4_expand_extra_isize_ea+0x109b/0x19b0 [ 70.748324][ T4427] __ext4_expand_extra_isize+0x301/0x3e0 [ 70.754456][ T4427] __ext4_mark_inode_dirty+0x47f/0x770 [ 70.760418][ T4427] ext4_evict_inode+0xa73/0x1100 [ 70.765863][ T4427] evict+0x485/0x870 [ 70.770260][ T4427] ext4_orphan_cleanup+0xbd3/0x1400 [ 70.775962][ T4427] ext4_fill_super+0x7bdf/0x8150 [ 70.781407][ T4427] get_tree_bdev+0x3f1/0x610 [ 70.786499][ T4427] vfs_get_tree+0x88/0x270 [ 70.791418][ T4427] do_new_mount+0x24a/0xa40 [ 70.796424][ T4427] __se_sys_mount+0x2d6/0x3c0 [ 70.801602][ T4427] do_syscall_64+0x4c/0xa0 [ 70.806521][ T4427] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 70.812937][ T4427] [ 70.812937][ T4427] other info that might help us debug this: [ 70.812937][ T4427] [ 70.823142][ T4427] Chain exists of: [ 70.823142][ T4427] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem [ 70.823142][ T4427] [ 70.836498][ T4427] Possible unsafe locking scenario: [ 70.836498][ T4427] [ 70.843925][ T4427] CPU0 CPU1 [ 70.849269][ T4427] ---- ---- [ 70.854611][ T4427] lock(&ei->xattr_sem); [ 70.858933][ T4427] lock(jbd2_handle); [ 70.865512][ T4427] lock(&ei->xattr_sem); [ 70.872353][ T4427] lock(&sbi->s_writepages_rwsem); [ 70.877538][ T4427] [ 70.877538][ T4427] *** DEADLOCK *** [ 70.877538][ T4427] [ 70.885660][ T4427] 3 locks held by syz.0.17/4427: [ 70.890577][ T4427] #0: ffff88801ca640e0 (&type->s_umount_key#27/1){+.+.}-{3:3}, at: alloc_super+0x1fa/0x930 [ 70.900660][ T4427] #1: ffff88801ca64650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x436/0x1100 [ 70.910125][ T4427] #2: ffff88806ea65b10 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3fe/0x770 [ 70.920377][ T4427] [ 70.920377][ T4427] stack backtrace: [ 70.926263][ T4427] CPU: 1 PID: 4427 Comm: syz.0.17 Not tainted syzkaller #0 [ 70.933440][ T4427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 70.943483][ T4427] Call Trace: [ 70.946746][ T4427] [ 70.949664][ T4427] dump_stack_lvl+0x168/0x22e [ 70.954326][ T4427] ? load_image+0x3b0/0x3b0 [ 70.958814][ T4427] ? show_regs_print_info+0x12/0x12 [ 70.963997][ T4427] ? print_circular_bug+0x12b/0x1a0 [ 70.969180][ T4427] check_noncircular+0x274/0x310 [ 70.974102][ T4427] ? add_chain_block+0x940/0x940 [ 70.979023][ T4427] ? lockdep_lock+0xdc/0x1e0 [ 70.983598][ T4427] ? verify_lock_unused+0x140/0x140 [ 70.988779][ T4427] ? _find_first_zero_bit+0xcf/0x100 [ 70.994057][ T4427] __lock_acquire+0x2cf8/0x7c50 [ 70.998902][ T4427] ? verify_lock_unused+0x140/0x140 [ 71.004084][ T4427] ? mark_lock+0x94/0x320 [ 71.008396][ T4427] ? __lock_acquire+0x13c0/0x7c50 [ 71.013409][ T4427] lock_acquire+0x1b4/0x490 [ 71.017894][ T4427] ? ext4_writepages+0x1c0/0x2e50 [ 71.022903][ T4427] ? __might_sleep+0xd0/0xd0 [ 71.027480][ T4427] ? read_lock_is_recursive+0x10/0x10 [ 71.032854][ T4427] ? __lock_acquire+0x12e5/0x7c50 [ 71.037868][ T4427] ? mark_lock+0x94/0x320 [ 71.042188][ T4427] percpu_down_read+0x44/0x1a0 [ 71.046936][ T4427] ? ext4_writepages+0x1c0/0x2e50 [ 71.051944][ T4427] ext4_writepages+0x1c0/0x2e50 [ 71.056784][ T4427] ? __lock_acquire+0x13c0/0x7c50 [ 71.061801][ T4427] ? verify_lock_unused+0x140/0x140 [ 71.066984][ T4427] ? mark_lock+0x94/0x320 [ 71.071296][ T4427] ? ext4_read_folio+0x370/0x370 [ 71.076217][ T4427] ? __lock_acquire+0x13c0/0x7c50 [ 71.081244][ T4427] ? __lock_acquire+0x7c50/0x7c50 [ 71.086259][ T4427] ? do_raw_spin_lock+0x11d/0x280 [ 71.091273][ T4427] ? do_raw_spin_unlock+0x11d/0x230 [ 71.096465][ T4427] ? ext4_read_folio+0x370/0x370 [ 71.101388][ T4427] do_writepages+0x3b7/0x610 [ 71.105968][ T4427] ? __writepage+0x130/0x130 [ 71.110540][ T4427] ? writeback_single_inode+0x216/0x8b0 [ 71.116072][ T4427] ? __lock_acquire+0x7c50/0x7c50 [ 71.121084][ T4427] ? do_raw_spin_lock+0x11d/0x280 [ 71.126100][ T4427] ? __ext4_expand_extra_isize+0x301/0x3e0 [ 71.131902][ T4427] __writeback_single_inode+0x156/0x1160 [ 71.137529][ T4427] writeback_single_inode+0x221/0x8b0 [ 71.142886][ T4427] ? write_inode_now+0x1d0/0x1d0 [ 71.147812][ T4427] write_inode_now+0x15d/0x1d0 [ 71.152566][ T4427] ? bdi_split_work_to_wbs+0x890/0x890 [ 71.158012][ T4427] ? rcu_is_watching+0x11/0xa0 [ 71.162765][ T4427] ? do_raw_spin_unlock+0x11d/0x230 [ 71.167955][ T4427] iput+0x613/0x980 [ 71.171750][ T4427] ext4_xattr_block_set+0x2736/0x32a0 [ 71.177110][ T4427] ? __might_sleep+0xd0/0xd0 [ 71.181690][ T4427] ? xattr_find_entry+0x12b/0x2f0 [ 71.186697][ T4427] ? ext4_xattr_block_find+0x2b0/0x2b0 [ 71.192146][ T4427] ? ext4_xattr_block_find+0x241/0x2b0 [ 71.197597][ T4427] ext4_expand_extra_isize_ea+0x109b/0x19b0 [ 71.203483][ T4427] __ext4_expand_extra_isize+0x301/0x3e0 [ 71.209098][ T4427] __ext4_mark_inode_dirty+0x47f/0x770 [ 71.214546][ T4427] ext4_evict_inode+0xa73/0x1100 [ 71.219472][ T4427] ? _raw_spin_unlock+0x24/0x40 [ 71.224310][ T4427] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 71.230190][ T4427] ? do_raw_spin_unlock+0x11d/0x230 [ 71.235374][ T4427] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 71.241260][ T4427] evict+0x485/0x870 [ 71.245138][ T4427] ? __lock_acquire+0x7c50/0x7c50 [ 71.250146][ T4427] ? proc_nr_inodes+0x2f0/0x2f0 [ 71.254979][ T4427] ? do_raw_spin_unlock+0x11d/0x230 [ 71.260163][ T4427] ? _raw_spin_unlock+0x24/0x40 [ 71.264998][ T4427] ? iput+0x768/0x980 [ 71.268962][ T4427] ext4_orphan_cleanup+0xbd3/0x1400 [ 71.274153][ T4427] ? ext4_orphan_del+0xb90/0xb90 [ 71.279077][ T4427] ? errseq_check_and_advance+0x62/0x120 [ 71.284692][ T4427] ext4_fill_super+0x7bdf/0x8150 [ 71.289617][ T4427] ? bdev_name+0x2c1/0x3f0 [ 71.294028][ T4427] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 71.300254][ T4427] ? snprintf+0xd7/0x120 [ 71.304485][ T4427] ? preempt_count_add+0x8d/0x190 [ 71.309494][ T4427] ? vscnprintf+0x80/0x80 [ 71.313811][ T4427] ? set_blocksize+0x1d3/0x350 [ 71.318562][ T4427] ? sb_set_blocksize+0xa5/0xe0 [ 71.323398][ T4427] get_tree_bdev+0x3f1/0x610 [ 71.327971][ T4427] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 71.334197][ T4427] vfs_get_tree+0x88/0x270 [ 71.338597][ T4427] do_new_mount+0x24a/0xa40 [ 71.343087][ T4427] __se_sys_mount+0x2d6/0x3c0 [ 71.347749][ T4427] ? __x64_sys_mount+0xc0/0xc0 [ 71.352498][ T4427] ? lockdep_hardirqs_on+0x94/0x140 [ 71.357680][ T4427] ? __x64_sys_mount+0x1c/0xc0 [ 71.362424][ T4427] do_syscall_64+0x4c/0xa0 [ 71.366822][ T4427] ? clear_bhb_loop+0x60/0xb0 [ 71.371481][ T4427] ? clear_bhb_loop+0x60/0xb0 [ 71.376145][ T4427] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 71.382020][ T4427] RIP: 0033:0x7fdbb3790eea [ 71.386429][ T4427] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 71.406021][ T4427] RSP: 002b:00007fff90cd6b88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 71.414416][ T4427] RAX: ffffffffffffffda RBX: 00007fff90cd6c10 RCX: 00007fdbb3790eea [ 71.422368][ T4427] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007fff90cd6bd0 [ 71.430321][ T4427] RBP: 0000200000000180 R08: 00007fff90cd6c10 R09: 0000000000800700 [ 71.438274][ T4427] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 71.446230][ T4427] R13: 00007fff90cd6bd0 R14: 000000000000046f R15: 000000000000002c [ 71.454186][ T4427] [ 71.457322][ T4290] Bluetooth: hci0: command 0x0419 tx timeout [ 71.459025][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.469575][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.483763][ T4427] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 71.498221][ T4427] EXT4-fs (loop0): Remounting filesystem read-only [ 71.505441][ T4427] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 71.517731][ T4427] EXT4-fs (loop0): Remounting filesystem read-only [ 71.524581][ T4427] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2819: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 71.537693][ T4427] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 71.551300][ T4427] EXT4-fs (loop0): Remounting filesystem read-only [ 71.557824][ T4427] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 71.570110][ T4427] EXT4-fs (loop0): Remounting filesystem read-only [ 71.576656][ T4427] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 71.590075][ T4427] EXT4-fs (loop0): Remounting filesystem read-only [ 71.596634][ T4427] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 71.609041][ T4427] EXT4-fs (loop0): Remounting filesystem read-only [ 71.615640][ T4427] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 71.629328][ T4427] EXT4-fs (loop0): Remounting filesystem read-only [ 71.635915][ T4427] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 71.648167][ T4427] EXT4-fs (loop0): Remounting filesystem read-only [ 71.654809][ T4427] EXT4-fs (loop0): 1 orphan inode deleted [ 71.660529][ T4427] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 71.697218][ T4373] EXT4-fs (loop0): unmounting filesystem.